Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Multiple evaluation of contract address in call in vyper
Vulnerability Description
Vyper is a Pythonic Smart Contract Language for the ethereum virtual machine. In versions prior to 0.3.4 when a calling an external contract with no return value, the contract address (including side effects) could be evaluated twice. This may result in incorrect outcomes for contracts. This issue has been addressed in v0.3.4.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:L
Vulnerability Type
控制流实现总是不正确
Vulnerability Title
silverstripe-omnipay 安全漏洞
Vulnerability Description
silverstripe-omnipay是SilverStripe 与 Omnipay PHP 支付库集成。 silverstripe-omnipay 存在安全漏洞,该漏洞源于对于 Omnipay 网关的子集,如果支付标识符或URL成功被公开,则支付可能会被过早标记为已完成而未进行支付,以下产品和版本受到影响:silverstripe-omnipay 2.5.2之前的版本、3.0.2之前的版本、3.1.4之前的版本、3.2.1之前的版本。
CVSS Information
N/A
Vulnerability Type
N/A