CVE-2023-30837
7.5HIGHVyper is a pythonic smart contract language for the EVM. The storage allocator does not guard against allocation overflows in versions prior to 0.3.8. An attacker can overwrite the owner variable. Thi
Publicado: 5/8/2023Atualizado: 11/21/2024
Descrição
Vyper is a pythonic smart contract language for the EVM. The storage allocator does not guard against allocation overflows in versions prior to 0.3.8. An attacker can overwrite the owner variable. This issue was fixed in version 0.3.8.
Análise IADesenvolvido por IA
Produtos Afetados
vyperlangvyper
Referências
- https://github.com/vyperlang/vyper/commit/0bb7203b584e771b23536ba065a6efda457161bbPatch
- https://github.com/vyperlang/vyper/security/advisories/GHSA-mgv8-gggw-mrg6ExploitVendor Advisory
- https://github.com/vyperlang/vyper/commit/0bb7203b584e771b23536ba065a6efda457161bbPatch
- https://github.com/vyperlang/vyper/security/advisories/GHSA-mgv8-gggw-mrg6ExploitVendor Advisory