Ecosyste.ms: Advisories
An open API service providing security vulnerability metadata for many open source software ecosystems.
pypi vyper Security Advisories
Browse all Security Advisories for pypi vyper
Loading...
Moderate
Ecosystems: pypi
Packages: vyper
Source: GitHub Advisory Database
Blast Radius: 12.6
Published: 6 months ago
GSA_kwCzR0hTQS1wcHg1LXEzNTktcHZ3as4AA7UK
vyper's range(start, start + N) reverts for negative numbersEcosystems: pypi
Packages: vyper
Source: GitHub Advisory Database
Blast Radius: 12.6
Published: 6 months ago
Moderate
Ecosystems: pypi
Packages: vyper
Source: GitHub Advisory Database
Blast Radius: 12.6
Published: 6 months ago
GSA_kwCzR0hTQS14Y2hxLXc1cjMtNHdnM84AA7UJ
vyper performs incorrect topic logging in raw_logEcosystems: pypi
Packages: vyper
Source: GitHub Advisory Database
Blast Radius: 12.6
Published: 6 months ago
Moderate
Ecosystems: pypi
Packages: vyper
Source: GitHub Advisory Database
Blast Radius: 12.6
Published: 6 months ago
GSA_kwCzR0hTQS1yNTZ4LWo0Mzgtdnc1bc4AA7UI
vyper performs double eval of the slice start/length args in certain casesEcosystems: pypi
Packages: vyper
Source: GitHub Advisory Database
Blast Radius: 12.6
Published: 6 months ago
Moderate
Ecosystems: pypi
Packages: vyper
Source: GitHub Advisory Database
Blast Radius: 12.6
Published: 6 months ago
GSA_kwCzR0hTQS0zd2hxLTY0cTItcWZqNs4AA7UH
vyper performs double eval of raw_args in create_from_blueprintEcosystems: pypi
Packages: vyper
Source: GitHub Advisory Database
Blast Radius: 12.6
Published: 6 months ago
Moderate
Ecosystems: pypi
Packages: vyper
Source: GitHub Advisory Database
Blast Radius: 12.6
Published: 6 months ago
GSA_kwCzR0hTQS1tMnY5LXczNzQtNWhqOc4AA7UG
vyper default functions don't respect nonreentrancy keysEcosystems: pypi
Packages: vyper
Source: GitHub Advisory Database
Blast Radius: 12.6
Published: 6 months ago
Moderate
Ecosystems: pypi
Packages: vyper
Source: GitHub Advisory Database
Blast Radius: 12.6
Published: 6 months ago
GSA_kwCzR0hTQS01anJqLTUyeDgtbTY0aM4AA7UF
vyper performs multiple eval of `sqrt()` argument built inEcosystems: pypi
Packages: vyper
Source: GitHub Advisory Database
Blast Radius: 12.6
Published: 6 months ago
Low
Ecosystems: pypi
Packages: vyper
Source: GitHub Advisory Database
Blast Radius: 8.8
Published: 8 months ago
GSA_kwCzR0hTQS00aHdxLTRjcG0tOHZteM4AA5gr
Vyper's `extract32` can ready dirty memoryEcosystems: pypi
Packages: vyper
Source: GitHub Advisory Database
Blast Radius: 8.8
Published: 8 months ago
Low
Ecosystems: pypi
Packages: vyper
Source: GitHub Advisory Database
Blast Radius: 8.8
Published: 8 months ago
GSA_kwCzR0hTQS05cDhyLTR4cDQtZ3c1d84AA5gq
Vyper's `_abi_decode` vulnerable to Memory OverflowEcosystems: pypi
Packages: vyper
Source: GitHub Advisory Database
Blast Radius: 8.8
Published: 8 months ago
Critical
Ecosystems: pypi
Packages: vyper
Source: GitHub Advisory Database
Blast Radius: 23.3
Published: 9 months ago
GSA_kwCzR0hTQS01MnhxLWo3djktdjR2Ms4AA5JI
Vyper negative array index bounds checksEcosystems: pypi
Packages: vyper
Source: GitHub Advisory Database
Blast Radius: 23.3
Published: 9 months ago
Low
Ecosystems: pypi
Packages: vyper
Source: GitHub Advisory Database
Blast Radius: 8.8
Published: 9 months ago
GSA_kwCzR0hTQS02ODQ1LXh3MjItZmZ4ds4AA5Ef
Vyper sha3 codegen bugEcosystems: pypi
Packages: vyper
Source: GitHub Advisory Database
Blast Radius: 8.8
Published: 9 months ago
Low
Ecosystems: pypi
Packages: vyper
Source: GitHub Advisory Database
Blast Radius: 8.8
Published: 9 months ago
GSA_kwCzR0hTQS1ncDN3LTJ2Mm0tcDY4Ns4AA5Bo
Vyper's external calls can overflow return data to return input bufferEcosystems: pypi
Packages: vyper
Source: GitHub Advisory Database
Blast Radius: 8.8
Published: 9 months ago
Critical
Ecosystems: pypi
Packages: vyper
Source: GitHub Advisory Database
Blast Radius: 23.3
Published: 9 months ago
GSA_kwCzR0hTQS05eDdmLWd3eHEtNmYyY84AA4_y
Vyper's bounds check on built-in `slice()` function can be overflowedEcosystems: pypi
Packages: vyper
Source: GitHub Advisory Database
Blast Radius: 23.3
Published: 9 months ago
Moderate
Ecosystems: pypi
Packages: vyper
Source: GitHub Advisory Database
Blast Radius: 11.4
Published: 9 months ago
GSA_kwCzR0hTQS14MmMyLXEzMnctNHc2bc4AA48w
Vyper's raw_call `value=` kwargs not disabled for static and delegate callsEcosystems: pypi
Packages: vyper
Source: GitHub Advisory Database
Blast Radius: 11.4
Published: 9 months ago
High
Ecosystems: pypi
Packages: vyper
Source: GitHub Advisory Database
Blast Radius: 17.3
Published: 9 months ago
GSA_kwCzR0hTQS0ycTh2LTNncXEtNGY4cM4AA4kr
concat built-in can corrupt memory in vyperEcosystems: pypi
Packages: vyper
Source: GitHub Advisory Database
Blast Radius: 17.3
Published: 9 months ago
High
Ecosystems: pypi
Packages: vyper
Source: GitHub Advisory Database
Blast Radius: 17.8
Published: 10 months ago
GSA_kwCzR0hTQS02bTk3LTc1MjctbWg3NM4AA3uZ
incorrect storage layout for contracts containing large arraysEcosystems: pypi
Packages: vyper
Source: GitHub Advisory Database
Blast Radius: 17.8
Published: 10 months ago
Moderate
Ecosystems: pypi
Packages: vyper
Source: GitHub Advisory Database
Blast Radius: 12.6
Published: about 1 year ago
GSA_kwCzR0hTQS1jeDJxLWhmeHItcmo5N84AA2C3
Vyper's `_abi_decode` input not validated in complex expressionsEcosystems: pypi
Packages: vyper
Source: GitHub Advisory Database
Blast Radius: 12.6
Published: about 1 year ago
High
Ecosystems: pypi
Packages: vyper
Source: GitHub Advisory Database
Blast Radius: 19.2
Published: about 1 year ago
GSA_kwCzR0hTQS1jNjQ3LXB4bTItYzUyd84AA1-0
Vyper vulnerable to memory corruption in certain builtins utilizing `msize`Ecosystems: pypi
Packages: vyper
Source: GitHub Advisory Database
Blast Radius: 19.2
Published: about 1 year ago
Moderate
Ecosystems: pypi
Packages: vyper
Source: GitHub Advisory Database
Blast Radius: 12.6
Published: about 1 year ago
GSA_kwCzR0hTQS0zaGcyLXI3NXgtZzY5bc4AA17W
Vyper has incorrect re-entrancy lock when key is empty stringEcosystems: pypi
Packages: vyper
Source: GitHub Advisory Database
Blast Radius: 12.6
Published: about 1 year ago
Moderate
Ecosystems: pypi
Packages: vyper
Source: GitHub Advisory Database
Blast Radius: 12.6
Published: about 1 year ago
GSA_kwCzR0hTQS00aGc0LTltZjUtd3h4cc4AA1rF
incorrect order of evaluation of side effects for some builtinsEcosystems: pypi
Packages: vyper
Source: GitHub Advisory Database
Blast Radius: 12.6
Published: about 1 year ago
Moderate
Ecosystems: pypi
Packages: vyper
Source: GitHub Advisory Database
Blast Radius: 12.6
Published: about 1 year ago
GSA_kwCzR0hTQS1nMnhoLWM0MjYtdjhtZs4AA1rE
Vyper: reversed order of side effects for some operationsEcosystems: pypi
Packages: vyper
Source: GitHub Advisory Database
Blast Radius: 12.6
Published: about 1 year ago
Critical
Ecosystems: pypi
Packages: vyper
Source: GitHub Advisory Database
Blast Radius: 20.6
Published: about 1 year ago
GSA_kwCzR0hTQS01ODI0LWNtM3gtM2MzOM4AA1LT
Vyper has incorrectly allocated named re-entrancy locksEcosystems: pypi
Packages: vyper
Source: GitHub Advisory Database
Blast Radius: 20.6
Published: about 1 year ago
Moderate
Ecosystems: pypi
Packages: vyper
Source: GitHub Advisory Database
Blast Radius: 12.6
Published: about 1 year ago
GSA_kwCzR0hTQS1mNXg2LTdxZ3AtamhmM84AA04g
ecrecover can return undefined data if signature does not verifyEcosystems: pypi
Packages: vyper
Source: GitHub Advisory Database
Blast Radius: 12.6
Published: about 1 year ago
Low
Ecosystems: pypi
Packages: vyper
Source: GitHub Advisory Database
Blast Radius: 8.8
Published: over 1 year ago
GSA_kwCzR0hTQS12eG1tLWN3aDItcTc2Ms4AAzbG
Vyper's nonpayable default functions are sometimes payableEcosystems: pypi
Packages: vyper
Source: GitHub Advisory Database
Blast Radius: 8.8
Published: over 1 year ago
High
Ecosystems: pypi
Packages: vyper
Source: GitHub Advisory Database
Blast Radius: 17.8
Published: over 1 year ago
GSA_kwCzR0hTQS0zcDM3LTM2MzYtcTh3ds4AAzUH
Vyper vulnerable to OOB DynArray access when array is on both LHS and RHS of an assignmentEcosystems: pypi
Packages: vyper
Source: GitHub Advisory Database
Blast Radius: 17.8
Published: over 1 year ago
High
Ecosystems: pypi
Packages: vyper
Source: GitHub Advisory Database
Blast Radius: 17.8
Published: over 1 year ago
GSA_kwCzR0hTQS02cjhxLXBmcHYtN2Nnas4AAzUG
Vyper vulnerable to integer overflow in loopEcosystems: pypi
Packages: vyper
Source: GitHub Advisory Database
Blast Radius: 17.8
Published: over 1 year ago
High
Ecosystems: pypi
Packages: vyper
Source: GitHub Advisory Database
Blast Radius: 17.8
Published: over 1 year ago
GSA_kwCzR0hTQS1waDl4LTR2YzktbTM5Z84AAzUF
Vyper vulnerable to incorrect ordering of arguments for kwargs passed to internal callsEcosystems: pypi
Packages: vyper
Source: GitHub Advisory Database
Blast Radius: 17.8
Published: over 1 year ago
High
Ecosystems: pypi
Packages: vyper
Source: GitHub Advisory Database
Blast Radius: 17.8
Published: over 1 year ago
GSA_kwCzR0hTQS1tZ3Y4LWdnZ3ctbXJnNs4AAzGx
vyper vulnerable to storage allocator overflowEcosystems: pypi
Packages: vyper
Source: GitHub Advisory Database
Blast Radius: 17.8
Published: over 1 year ago
High
Ecosystems: pypi
Packages: vyper
Source: GitHub Advisory Database
Blast Radius: 17.8
Published: over 1 year ago
GSA_kwCzR0hTQS13OWcyLTN3N3AtNzJnOc4AAy87
Incorrect success value returned in vyperEcosystems: pypi
Packages: vyper
Source: GitHub Advisory Database
Blast Radius: 17.8
Published: over 1 year ago
High
Ecosystems: pypi
Packages: vyper
Source: GitHub Advisory Database
Blast Radius: 17.8
Published: over 2 years ago
GSA_kwCzR0hTQS00djlxLWNncHctY2YzOM4AArZb
Multiple evaluation of contract address in call in vyperEcosystems: pypi
Packages: vyper
Source: GitHub Advisory Database
Blast Radius: 17.8
Published: over 2 years ago
High
Ecosystems: pypi
Packages: vyper
Source: GitHub Advisory Database
Blast Radius: 20.9
Published: over 2 years ago
GSA_kwCzR0hTQS1qMng2LTkzMjMtZnA3aM0_oA
Integer bounds error in VyperEcosystems: pypi
Packages: vyper
Source: GitHub Advisory Database
Blast Radius: 20.9
Published: over 2 years ago
High
Ecosystems: pypi
Packages: vyper
Source: GitHub Advisory Database
Blast Radius: 16.8
Published: over 2 years ago
GSA_kwCzR0hTQS00bXJ4LTZmeG0tOGpwZ809qA
Buffer Overflow in vyperEcosystems: pypi
Packages: vyper
Source: GitHub Advisory Database
Blast Radius: 16.8
Published: over 2 years ago
High
Ecosystems: pypi
Packages: vyper
Source: GitHub Advisory Database
Blast Radius: 17.8
Published: over 2 years ago
GSA_kwCzR0hTQS03dnJtLTNqYzgtNXd3bc04Jg
Incorrect Comparison in VyperEcosystems: pypi
Packages: vyper
Source: GitHub Advisory Database
Blast Radius: 17.8
Published: over 2 years ago
High
Ecosystems: pypi
Packages: vyper
Source: GitHub Advisory Database
Blast Radius: 17.8
Published: about 3 years ago
GSA_kwCzR0hTQS14djh4LXByNGgtNzNqds0WPA
Memory corruption when returning a literal struct with a private call inside of itEcosystems: pypi
Packages: vyper
Source: GitHub Advisory Database
Blast Radius: 17.8
Published: about 3 years ago
Moderate
Ecosystems: pypi
Packages: vyper
Source: GitHub Advisory Database
Blast Radius: 10.2
Published: about 3 years ago
GSA_kwCzR0hTQS1jN3ByLTM0M3ItNWM0Ns0WLg
missing clamps for decimal args in external functionsEcosystems: pypi
Packages: vyper
Source: GitHub Advisory Database
Blast Radius: 10.2
Published: about 3 years ago
High
Ecosystems: pypi
Packages: vyper
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTdmOTItcnI2dy1jcTY0
Storage corruption due to variables overwritten by re-entrancy locksEcosystems: pypi
Packages: vyper
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 3 years ago
Moderate
Ecosystems: pypi
Packages: vyper
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTIyd2MtYzl3ai02cTJ2
VVE-2021-0001: Memory corruption using function calls within arraysEcosystems: pypi
Packages: vyper
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Low
Ecosystems: pypi
Packages: vyper
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTM3NW0tNWZ2di14cTIz
VVE-2021-0002: Incorrect `returndatasize` when using simple forwarder proxies deployed prior to EIP-1167 adoptionEcosystems: pypi
Packages: vyper
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Low
Ecosystems: pypi
Packages: vyper
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLW1yNnItbXZ3NC03MzZn
Vyper interfaces returning integer types less than 256 bits can be manipulated if uint256 is usedEcosystems: pypi
Packages: vyper
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 4 years ago
Statistics
Advisories: 20,359
Packages: 8,934
Repositories: 1
Ecosystems: 12
Packages: 8,934
Repositories: 1
Ecosystems: 12
Filter by Severity
Filter by Ecosystem
Filter by Package
tensorflow
433
tensorflow-gpu
425
tensorflow-cpu
422
Django
100
apache-airflow
84
Plone
72
ansible
63
salt
55
apache-superset
51
nova
47
mlflow
46
django
44
rdiffweb
42
plone
41
vyper
38
matrix-synapse
35
moin
35
gradio
32
Pillow
31
opencv-contrib-python
31
opencv-python
31
keystone
31
pillow
26
glance
20
mindsdb
18
mercurial
18
langchain
18
cobbler
17
notebook
17
PaddlePaddle
17
cryptography
16
neutron
16
paddlepaddle
15
ethyca-fides
15
pyload-ng
15
modoboa
14
pyftpdlib
14
lollms
13
OctoPrint
13
twisted
13
vantage6
13
roundup
12
wagtail
12
swift
12
calibreweb
12
urllib3
12
aiohttp
12
zenml
11
horizon
11
onionshare-cli
11
trytond
10
nautobot
10
sentry
10
Flask-AppBuilder
10
opencv-contrib-python-headless
10
opencv-python-headless
10
waitress
9
python-keystoneclient
9
kiwitcms
9
Zope
9
ryu
9
zope
9
cinder
9
ipython
8
trac
8
numpy
8
ckan
8
label-studio
8
pyspark
8
pgadmin4
8
aubio
8
litellm
8
scrapy
7
pysaml2
7
Products.CMFPlone
7
inventree
7
jupyter-server
7
pip
7
matrix-sydent
7
lief
7
apache-airflow-providers-apache-hive
6
lxml
6
yt-dlp
6
Moin
6
requests
6
web2py
6
mailman
6
Zope2
6
tornado
6
mage-ai
6
graphite-web
6
tuf
6
aim
6
python-gnupg
5
ait-core
5
omero-web
5
oauthenticator
5
whoogle-search
5
jupyterhub
5
grpcio
5
lmdb
5
grpc
5
torchserve
5
paramiko
5
bleach
5
pretix
5
nltk
5
Jinja2
5
saleor
5
langchain-experimental
5
dtale
5
feedparser
5
changedetection.io
4
ansible-core
4
awsiotsdk
4
Weblate
4
buildbot
4
httpie
4
Radicale
4
indy-node
4
indico
4
aws-iot-device-sdk-v2
4
mobsf
4
software.amazon.awssdk.iotdevicesdk:aws-iot-device-sdk
4
barbican
4
tripleo-heat-templates
4
FreeTAKServer-UI
4
bottle
4
transformers
4
esphome
4
keylime
4
jwcrypto
4
apache-submarine
4
werkzeug
4
reportlab
4
qutebrowser
4
jupyterlab
4
Scrapy
4
streamlit
4
PyPDF2
4
open-webui
4
Keystone
4
Pygments
4
GitPython
4
Werkzeug
4
Nova
4
nvflare
4
apache-iotdb
4
Flask-Security-Too
4
dbt-core
4
markdown2
4
starlette
4
keyring
3
ujson
3
Products.PluggableAuthService
3
pywasm3
3
django-tinymce
3
pyyaml
3
jupyter-server-proxy
3
setuptools
3
scikit-learn
3
sosreport
3
sickrage
3
Mezzanine
3
Kallithea
3
ray
3
SQLAlchemy
3
apache-airflow-providers-apache-spark
3
vanna
3
h2o
3
asyncssh
3
torch
3
onnx
3
ydata-profiling
3
llama-index
3
bitlyshortener
3
datasette
3
mayan-edms
3
pycrypto
3
openvpn-monitor
3
gerapy
3
localstack
3
poetry
3
python-jose
3
copyparty
3
openstack-heat
3
langchain-community
3
homeassistant
3
pyarrow
3
tinymce
3
tinymce/tinymce
3
TinyMCE
3
io.grpc:grpc-protobuf
3
mistune
3
certifi
3
django-helpdesk
3
micropython-io
3
micropython-copy
3
apache-libcloud
3
sanic
3
Filter by Repository