Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Vyper vulnerable to integer overflow in loop
Vulnerability Description
Vyper is a Pythonic smart contract language for the Ethereum virtual machine. Prior to version 0.3.8, due to missing overflow check for loop variables, by assigning the iterator of a loop to a variable, it is possible to overflow the type of the latter. The issue seems to happen only in loops of type `for i in range(a, a + N)` as in loops of type `for i in range(start, stop)` and `for i in range(stop)`, the compiler is able to raise a `TypeMismatch` when trying to overflow the variable. The problem has been patched in version 0.3.8.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Vulnerability Type
整数溢出或超界折返
Vulnerability Title
Vyper 输入验证错误漏洞
Vulnerability Description
Vyper是EVM 的 Pythonic 智能合约语言。 Vyper 0.3.8之前版本存在输入验证错误漏洞,该漏洞源于缺少对循环变量的溢出检查。
CVSS Information
N/A
Vulnerability Type
N/A