Security Advisory

CVE-2024-24564

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2024-02-26 20:16:13

Last updated 2024-10-25 20:33:03

Assigner GitHub_M

State PUBLISHED

Description

Vyper is a pythonic Smart Contract Language for the ethereum virtual machine. When using the built-in `extract32(b, start)`, if the `start` index provided has for side effect to update `b`, the byte array to extract `32` bytes from, it could be that some dirty memory is read and returned by `extract32`. This vulnerability is fixed in 0.4.0.

← Browse all CVEs View on cve.org ↗