CVE-2023-30837
7.5HIGHVyper is a pythonic smart contract language for the EVM. The storage allocator does not guard against allocation overflows in versions prior to 0.3.8. An attacker can overwrite the owner variable. Thi
Опубликовано: 5/8/2023Обновлено: 11/21/2024
Описание
Vyper is a pythonic smart contract language for the EVM. The storage allocator does not guard against allocation overflows in versions prior to 0.3.8. An attacker can overwrite the owner variable. This issue was fixed in version 0.3.8.
ИИ-АнализНа базе ИИ
Затронутые продукты
vyperlangvyper
Ссылки
- https://github.com/vyperlang/vyper/commit/0bb7203b584e771b23536ba065a6efda457161bbPatch
- https://github.com/vyperlang/vyper/security/advisories/GHSA-mgv8-gggw-mrg6ExploitVendor Advisory
- https://github.com/vyperlang/vyper/commit/0bb7203b584e771b23536ba065a6efda457161bbPatch
- https://github.com/vyperlang/vyper/security/advisories/GHSA-mgv8-gggw-mrg6ExploitVendor Advisory