We found results for “”
WS-2021-0077
Good to know:
Date: April 19, 2021
There exists a data handling issue with certain Web3 libraries using Vyper-deploy forwarder proxy contracts using our Vyper's built-in create_forwarder_to function prior to our change to support EIP-1167 style forwarder proxies. Python package 'vyper' is vulnerable in all versions before fixed in 0.2.9.
Language: Python
Severity Score
Severity Score
Weakness Type (CWE)
Data Handling
CWE-19Top Fix
CVSS v3.1
Base Score: |
|
---|---|
Attack Vector (AV): | NETWORK |
Attack Complexity (AC): | LOW |
Privileges Required (PR): | NONE |
User Interaction (UI): | NONE |
Scope (S): | UNCHANGED |
Confidentiality (C): | NONE |
Integrity (I): | LOW |
Availability (A): | LOW |