Description
Vyper is a Pythonic Smart Contract Language for the EVM. In affected versions when performing a function call inside a literal struct, there is a memory corruption issue that occurs because of an incorrect pointer to the the top of the stack. This issue has been resolved in version 0.3.0.
References
https://github.com/vyperlang/vyper/pull/2447
PatchThird Party Advisory
https://github.com/vyperlang/vyper/security/advisories/GHSA-xv8x-pr4h-73jv
Third Party Advisory
CVSS impact metrics
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.8 · High
CVSS V3.1
CVSS V3.0
CVSS V2.0
Information
Source identifier
Vulnerability status
Analyzed
Published
2021-10-06T18:15:10.897
3 years agoLast modified
2023-08-02T16:22:18.663
1 year ago