Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Buffer overflow in Vyper
Vulnerability Description
Vyper is a pythonic Smart Contract Language for the ethereum virtual machine. Versions of vyper prior to 0.3.2 suffer from a potential buffer overrun. Importing a function from a JSON interface which returns `bytes` generates bytecode which does not clamp bytes length, potentially resulting in a buffer overrun. Users are advised to upgrade. There are no known workarounds for this issue.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:N
Vulnerability Type
未进行输入大小检查的缓冲区拷贝(传统缓冲区溢出)
Vulnerability Title
Vyper 缓冲区错误漏洞
Vulnerability Description
Vyper是EVM 的 Pythonic 智能合约语言。 Vyper 0.3.2 之前存在安全漏洞,该漏洞源于从返回 bytes 的 JSON 接口导入函数会生成不限制字节长度的字节码,可能会导致缓冲区溢出。
CVSS Information
N/A
Vulnerability Type
N/A