GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
11 advisories
vyper's range(start, start + N) reverts for negative numbers
Moderate
CVE-2024-32481
was published
for
vyper
(pip)
Apr 25, 2024
Vyper's `extract32` can ready dirty memory
Low
CVE-2024-24564
was published
for
vyper
(pip)
Feb 26, 2024
Vyper's `_abi_decode` input not validated in complex expressions
Moderate
CVE-2023-42460
was published
for
vyper
(pip)
Sep 26, 2023
Vyper vulnerable to memory corruption in certain builtins utilizing `msize`
High
CVE-2023-42443
was published
for
vyper
(pip)
Sep 20, 2023
Vyper has incorrect re-entrancy lock when key is empty string
Moderate
CVE-2023-42441
was published
for
vyper
(pip)
Sep 18, 2023
incorrect order of evaluation of side effects for some builtins
Moderate
CVE-2023-41052
was published
for
vyper
(pip)
Sep 4, 2023
Vyper: reversed order of side effects for some operations
Moderate
CVE-2023-40015
was published
for
vyper
(pip)
Sep 4, 2023
Vyper's nonpayable default functions are sometimes payable
Low
CVE-2023-32675
was published
for
vyper
(pip)
May 22, 2023
Vyper vulnerable to OOB DynArray access when array is on both LHS and RHS of an assignment
High
CVE-2023-31146
was published
for
vyper
(pip)
May 12, 2023
Vyper vulnerable to integer overflow in loop
High
CVE-2023-32058
was published
for
vyper
(pip)
May 12, 2023
vyper vulnerable to storage allocator overflow
High
CVE-2023-30837
was published
for
vyper
(pip)
May 5, 2023
ProTip!
Advisories are also available from the
GraphQL API