Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

6 advisories

Loading
vyper performs double eval of the slice start/length args in certain cases Moderate
CVE-2024-32646 was published for vyper (pip) Apr 25, 2024
cyberthirst
vyper performs multiple eval of `sqrt()` argument built in Moderate
CVE-2024-32649 was published for vyper (pip) Apr 25, 2024
cyberthirst
Vyper negative array index bounds checks Critical
CVE-2024-24563 was published for vyper (pip) Feb 7, 2024
cyberthirst iFrostizz
Vyper sha3 codegen bug Low
CVE-2024-24559 was published for vyper (pip) Feb 5, 2024
cyberthirst kuroi8
Vyper's raw_call `value=` kwargs not disabled for static and delegate calls Moderate
CVE-2024-24567 was published for vyper (pip) Jan 30, 2024
cyberthirst pcaversaccio
kuroi8 0xdeadbeef0x
concat built-in can corrupt memory in vyper High
CVE-2024-22419 was published for vyper (pip) Jan 19, 2024
cyberthirst kuroi8
ProTip! Advisories are also available from the GraphQL API