-
-
Notifications
You must be signed in to change notification settings - Fork 795
Security: vyperlang/vyper
Security Navigation
Security Advisories
View known security vulnerabilities and report new vulnerabilities privately to maintainers.
-
external calls are not clamped in certain complex expressionsGHSA-j2x6-9323-fp7h published
Apr 13, 2022 by charles-cooperHigh -
bytestring equality incorrect for Bytes[N<=32]GHSA-7vrm-3jc8-5wwm published
Apr 2, 2022 by charles-cooperModerate -
No bytes clamps for interfaces imported via JSONGHSA-4mrx-6fxm-8jpg published
Apr 13, 2022 by charles-cooperModerate -
missing clamps for decimal args in external functionsGHSA-c7pr-343r-5c46 published
Oct 5, 2021 by charles-cooperModerate -
Memory corruption when returning a literal struct with a private call inside of itGHSA-xv8x-pr4h-73jv published
Oct 6, 2021 by charles-cooperHigh -
VVE-2021-0003: Storage variables overwritten by re-entrancy locksGHSA-7f92-rr6w-cq64 published
Jul 27, 2021 by fubuloubuHigh -
VVE-2021-0002: Incorrect `returndatasize` when using simple forwarder proxies deployed prior to EIP-1167 adoptionGHSA-375m-5fvv-xq23 published
Apr 16, 2021 by fubuloubuLow -
VVE-2021-0001: Memory corruption using function calls within arraysGHSA-22wc-c9wj-6q2v published
Apr 16, 2021 by fubuloubuModerate -
VVE-2020-0004: Memory corruption using function calls within tuples / nested callsGHSA-2r3x-4mrv-mcxf published
Oct 10, 2020 by fubuloubuModerate -
VVE-2020-0003: Call stack corruption when passing complex type containing non-base type members as argumentGHSA-4v7v-gqf9-ww2g published
Oct 10, 2020 by fubuloubuModerate