Ecosyste.ms: Advisories
An open API service providing security vulnerability metadata for many open source software ecosystems.
pypi vyper Security Advisories
Browse all Security Advisories for pypi vyper
Loading...
Moderate
Ecosystems: pypi
Packages: vyper
Source: GitHub Advisory Database
Blast Radius: 12.6
Published: 7 months ago
GSA_kwCzR0hTQS1wcHg1LXEzNTktcHZ3as4AA7UK
vyper's range(start, start + N) reverts for negative numbersEcosystems: pypi
Packages: vyper
Source: GitHub Advisory Database
Blast Radius: 12.6
Published: 7 months ago
Moderate
Ecosystems: pypi
Packages: vyper
Source: GitHub Advisory Database
Blast Radius: 12.6
Published: 7 months ago
GSA_kwCzR0hTQS14Y2hxLXc1cjMtNHdnM84AA7UJ
vyper performs incorrect topic logging in raw_logEcosystems: pypi
Packages: vyper
Source: GitHub Advisory Database
Blast Radius: 12.6
Published: 7 months ago
Moderate
Ecosystems: pypi
Packages: vyper
Source: GitHub Advisory Database
Blast Radius: 12.6
Published: 7 months ago
GSA_kwCzR0hTQS1yNTZ4LWo0Mzgtdnc1bc4AA7UI
vyper performs double eval of the slice start/length args in certain casesEcosystems: pypi
Packages: vyper
Source: GitHub Advisory Database
Blast Radius: 12.6
Published: 7 months ago
Moderate
Ecosystems: pypi
Packages: vyper
Source: GitHub Advisory Database
Blast Radius: 12.6
Published: 7 months ago
GSA_kwCzR0hTQS0zd2hxLTY0cTItcWZqNs4AA7UH
vyper performs double eval of raw_args in create_from_blueprintEcosystems: pypi
Packages: vyper
Source: GitHub Advisory Database
Blast Radius: 12.6
Published: 7 months ago
Moderate
Ecosystems: pypi
Packages: vyper
Source: GitHub Advisory Database
Blast Radius: 12.6
Published: 7 months ago
GSA_kwCzR0hTQS1tMnY5LXczNzQtNWhqOc4AA7UG
vyper default functions don't respect nonreentrancy keysEcosystems: pypi
Packages: vyper
Source: GitHub Advisory Database
Blast Radius: 12.6
Published: 7 months ago
Moderate
Ecosystems: pypi
Packages: vyper
Source: GitHub Advisory Database
Blast Radius: 12.6
Published: 7 months ago
GSA_kwCzR0hTQS01anJqLTUyeDgtbTY0aM4AA7UF
vyper performs multiple eval of `sqrt()` argument built inEcosystems: pypi
Packages: vyper
Source: GitHub Advisory Database
Blast Radius: 12.6
Published: 7 months ago
Low
Ecosystems: pypi
Packages: vyper
Source: GitHub Advisory Database
Blast Radius: 8.8
Published: 9 months ago
GSA_kwCzR0hTQS00aHdxLTRjcG0tOHZteM4AA5gr
Vyper's `extract32` can ready dirty memoryEcosystems: pypi
Packages: vyper
Source: GitHub Advisory Database
Blast Radius: 8.8
Published: 9 months ago
Low
Ecosystems: pypi
Packages: vyper
Source: GitHub Advisory Database
Blast Radius: 8.8
Published: 9 months ago
GSA_kwCzR0hTQS05cDhyLTR4cDQtZ3c1d84AA5gq
Vyper's `_abi_decode` vulnerable to Memory OverflowEcosystems: pypi
Packages: vyper
Source: GitHub Advisory Database
Blast Radius: 8.8
Published: 9 months ago
Critical
Ecosystems: pypi
Packages: vyper
Source: GitHub Advisory Database
Blast Radius: 23.3
Published: 10 months ago
GSA_kwCzR0hTQS01MnhxLWo3djktdjR2Ms4AA5JI
Vyper negative array index bounds checksEcosystems: pypi
Packages: vyper
Source: GitHub Advisory Database
Blast Radius: 23.3
Published: 10 months ago
Low
Ecosystems: pypi
Packages: vyper
Source: GitHub Advisory Database
Blast Radius: 8.8
Published: 10 months ago
GSA_kwCzR0hTQS02ODQ1LXh3MjItZmZ4ds4AA5Ef
Vyper sha3 codegen bugEcosystems: pypi
Packages: vyper
Source: GitHub Advisory Database
Blast Radius: 8.8
Published: 10 months ago
Low
Ecosystems: pypi
Packages: vyper
Source: GitHub Advisory Database
Blast Radius: 8.8
Published: 10 months ago
GSA_kwCzR0hTQS1ncDN3LTJ2Mm0tcDY4Ns4AA5Bo
Vyper's external calls can overflow return data to return input bufferEcosystems: pypi
Packages: vyper
Source: GitHub Advisory Database
Blast Radius: 8.8
Published: 10 months ago
Critical
Ecosystems: pypi
Packages: vyper
Source: GitHub Advisory Database
Blast Radius: 23.3
Published: 10 months ago
GSA_kwCzR0hTQS05eDdmLWd3eHEtNmYyY84AA4_y
Vyper's bounds check on built-in `slice()` function can be overflowedEcosystems: pypi
Packages: vyper
Source: GitHub Advisory Database
Blast Radius: 23.3
Published: 10 months ago
Moderate
Ecosystems: pypi
Packages: vyper
Source: GitHub Advisory Database
Blast Radius: 11.4
Published: 10 months ago
GSA_kwCzR0hTQS14MmMyLXEzMnctNHc2bc4AA48w
Vyper's raw_call `value=` kwargs not disabled for static and delegate callsEcosystems: pypi
Packages: vyper
Source: GitHub Advisory Database
Blast Radius: 11.4
Published: 10 months ago
High
Ecosystems: pypi
Packages: vyper
Source: GitHub Advisory Database
Blast Radius: 17.3
Published: 10 months ago
GSA_kwCzR0hTQS0ycTh2LTNncXEtNGY4cM4AA4kr
concat built-in can corrupt memory in vyperEcosystems: pypi
Packages: vyper
Source: GitHub Advisory Database
Blast Radius: 17.3
Published: 10 months ago
High
Ecosystems: pypi
Packages: vyper
Source: GitHub Advisory Database
Blast Radius: 17.8
Published: 11 months ago
GSA_kwCzR0hTQS02bTk3LTc1MjctbWg3NM4AA3uZ
incorrect storage layout for contracts containing large arraysEcosystems: pypi
Packages: vyper
Source: GitHub Advisory Database
Blast Radius: 17.8
Published: 11 months ago
Moderate
Ecosystems: pypi
Packages: vyper
Source: GitHub Advisory Database
Blast Radius: 12.6
Published: about 1 year ago
GSA_kwCzR0hTQS1jeDJxLWhmeHItcmo5N84AA2C3
Vyper's `_abi_decode` input not validated in complex expressionsEcosystems: pypi
Packages: vyper
Source: GitHub Advisory Database
Blast Radius: 12.6
Published: about 1 year ago
High
Ecosystems: pypi
Packages: vyper
Source: GitHub Advisory Database
Blast Radius: 19.2
Published: about 1 year ago
GSA_kwCzR0hTQS1jNjQ3LXB4bTItYzUyd84AA1-0
Vyper vulnerable to memory corruption in certain builtins utilizing `msize`Ecosystems: pypi
Packages: vyper
Source: GitHub Advisory Database
Blast Radius: 19.2
Published: about 1 year ago
Moderate
Ecosystems: pypi
Packages: vyper
Source: GitHub Advisory Database
Blast Radius: 12.6
Published: about 1 year ago
GSA_kwCzR0hTQS0zaGcyLXI3NXgtZzY5bc4AA17W
Vyper has incorrect re-entrancy lock when key is empty stringEcosystems: pypi
Packages: vyper
Source: GitHub Advisory Database
Blast Radius: 12.6
Published: about 1 year ago
Moderate
Ecosystems: pypi
Packages: vyper
Source: GitHub Advisory Database
Blast Radius: 12.6
Published: about 1 year ago
GSA_kwCzR0hTQS00aGc0LTltZjUtd3h4cc4AA1rF
incorrect order of evaluation of side effects for some builtinsEcosystems: pypi
Packages: vyper
Source: GitHub Advisory Database
Blast Radius: 12.6
Published: about 1 year ago
Moderate
Ecosystems: pypi
Packages: vyper
Source: GitHub Advisory Database
Blast Radius: 12.6
Published: about 1 year ago
GSA_kwCzR0hTQS1nMnhoLWM0MjYtdjhtZs4AA1rE
Vyper: reversed order of side effects for some operationsEcosystems: pypi
Packages: vyper
Source: GitHub Advisory Database
Blast Radius: 12.6
Published: about 1 year ago
Critical
Ecosystems: pypi
Packages: vyper
Source: GitHub Advisory Database
Blast Radius: 20.6
Published: over 1 year ago
GSA_kwCzR0hTQS01ODI0LWNtM3gtM2MzOM4AA1LT
Vyper has incorrectly allocated named re-entrancy locksEcosystems: pypi
Packages: vyper
Source: GitHub Advisory Database
Blast Radius: 20.6
Published: over 1 year ago
Moderate
Ecosystems: pypi
Packages: vyper
Source: GitHub Advisory Database
Blast Radius: 12.6
Published: over 1 year ago
GSA_kwCzR0hTQS1mNXg2LTdxZ3AtamhmM84AA04g
ecrecover can return undefined data if signature does not verifyEcosystems: pypi
Packages: vyper
Source: GitHub Advisory Database
Blast Radius: 12.6
Published: over 1 year ago
Moderate
Ecosystems: pypi
Packages: vyper
Source: GitHub Advisory Database
Blast Radius: 8.8
Published: over 1 year ago
GSA_kwCzR0hTQS12eG1tLWN3aDItcTc2Ms4AAzbG
Vyper's nonpayable default functions are sometimes payableEcosystems: pypi
Packages: vyper
Source: GitHub Advisory Database
Blast Radius: 8.8
Published: over 1 year ago
High
Ecosystems: pypi
Packages: vyper
Source: GitHub Advisory Database
Blast Radius: 17.8
Published: over 1 year ago
GSA_kwCzR0hTQS0zcDM3LTM2MzYtcTh3ds4AAzUH
Vyper vulnerable to OOB DynArray access when array is on both LHS and RHS of an assignmentEcosystems: pypi
Packages: vyper
Source: GitHub Advisory Database
Blast Radius: 17.8
Published: over 1 year ago
High
Ecosystems: pypi
Packages: vyper
Source: GitHub Advisory Database
Blast Radius: 17.8
Published: over 1 year ago
GSA_kwCzR0hTQS02cjhxLXBmcHYtN2Nnas4AAzUG
Vyper vulnerable to integer overflow in loopEcosystems: pypi
Packages: vyper
Source: GitHub Advisory Database
Blast Radius: 17.8
Published: over 1 year ago
High
Ecosystems: pypi
Packages: vyper
Source: GitHub Advisory Database
Blast Radius: 17.8
Published: over 1 year ago
GSA_kwCzR0hTQS1waDl4LTR2YzktbTM5Z84AAzUF
Vyper vulnerable to incorrect ordering of arguments for kwargs passed to internal callsEcosystems: pypi
Packages: vyper
Source: GitHub Advisory Database
Blast Radius: 17.8
Published: over 1 year ago
High
Ecosystems: pypi
Packages: vyper
Source: GitHub Advisory Database
Blast Radius: 17.8
Published: over 1 year ago
GSA_kwCzR0hTQS1tZ3Y4LWdnZ3ctbXJnNs4AAzGx
vyper vulnerable to storage allocator overflowEcosystems: pypi
Packages: vyper
Source: GitHub Advisory Database
Blast Radius: 17.8
Published: over 1 year ago
High
Ecosystems: pypi
Packages: vyper
Source: GitHub Advisory Database
Blast Radius: 17.8
Published: over 1 year ago
GSA_kwCzR0hTQS13OWcyLTN3N3AtNzJnOc4AAy87
Incorrect success value returned in vyperEcosystems: pypi
Packages: vyper
Source: GitHub Advisory Database
Blast Radius: 17.8
Published: over 1 year ago
High
Ecosystems: pypi
Packages: vyper
Source: GitHub Advisory Database
Blast Radius: 17.8
Published: over 2 years ago
GSA_kwCzR0hTQS00djlxLWNncHctY2YzOM4AArZb
Multiple evaluation of contract address in call in vyperEcosystems: pypi
Packages: vyper
Source: GitHub Advisory Database
Blast Radius: 17.8
Published: over 2 years ago
High
Ecosystems: pypi
Packages: vyper
Source: GitHub Advisory Database
Blast Radius: 20.9
Published: over 2 years ago
GSA_kwCzR0hTQS1qMng2LTkzMjMtZnA3aM0_oA
Integer bounds error in VyperEcosystems: pypi
Packages: vyper
Source: GitHub Advisory Database
Blast Radius: 20.9
Published: over 2 years ago
High
Ecosystems: pypi
Packages: vyper
Source: GitHub Advisory Database
Blast Radius: 16.8
Published: over 2 years ago
GSA_kwCzR0hTQS00bXJ4LTZmeG0tOGpwZ809qA
Buffer Overflow in vyperEcosystems: pypi
Packages: vyper
Source: GitHub Advisory Database
Blast Radius: 16.8
Published: over 2 years ago
High
Ecosystems: pypi
Packages: vyper
Source: GitHub Advisory Database
Blast Radius: 17.8
Published: over 2 years ago
GSA_kwCzR0hTQS03dnJtLTNqYzgtNXd3bc04Jg
Incorrect Comparison in VyperEcosystems: pypi
Packages: vyper
Source: GitHub Advisory Database
Blast Radius: 17.8
Published: over 2 years ago
High
Ecosystems: pypi
Packages: vyper
Source: GitHub Advisory Database
Blast Radius: 17.8
Published: about 3 years ago
GSA_kwCzR0hTQS14djh4LXByNGgtNzNqds0WPA
Memory corruption when returning a literal struct with a private call inside of itEcosystems: pypi
Packages: vyper
Source: GitHub Advisory Database
Blast Radius: 17.8
Published: about 3 years ago
Moderate
Ecosystems: pypi
Packages: vyper
Source: GitHub Advisory Database
Blast Radius: 10.2
Published: about 3 years ago
GSA_kwCzR0hTQS1jN3ByLTM0M3ItNWM0Ns0WLg
missing clamps for decimal args in external functionsEcosystems: pypi
Packages: vyper
Source: GitHub Advisory Database
Blast Radius: 10.2
Published: about 3 years ago
High
Ecosystems: pypi
Packages: vyper
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTdmOTItcnI2dy1jcTY0
Storage corruption due to variables overwritten by re-entrancy locksEcosystems: pypi
Packages: vyper
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Moderate
Ecosystems: pypi
Packages: vyper
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTIyd2MtYzl3ai02cTJ2
VVE-2021-0001: Memory corruption using function calls within arraysEcosystems: pypi
Packages: vyper
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Low
Ecosystems: pypi
Packages: vyper
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTM3NW0tNWZ2di14cTIz
VVE-2021-0002: Incorrect `returndatasize` when using simple forwarder proxies deployed prior to EIP-1167 adoptionEcosystems: pypi
Packages: vyper
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Low
Ecosystems: pypi
Packages: vyper
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLW1yNnItbXZ3NC03MzZn
Vyper interfaces returning integer types less than 256 bits can be manipulated if uint256 is usedEcosystems: pypi
Packages: vyper
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 4 years ago
Statistics
Advisories: 20,668
Packages: 9,040
Repositories: 1
Ecosystems: 12
Packages: 9,040
Repositories: 1
Ecosystems: 12
Filter by Severity
Filter by Ecosystem
Filter by Package
tensorflow
433
tensorflow-gpu
427
tensorflow-cpu
423
Django
100
apache-airflow
85
Plone
72
ansible
63
salt
56
apache-superset
51
nova
47
mlflow
46
django
44
rdiffweb
42
plone
41
vyper
38
moin
35
matrix-synapse
35
gradio
34
opencv-python
31
Pillow
31
opencv-contrib-python
31
keystone
31
pillow
26
langchain
20
glance
20
mercurial
18
cobbler
18
mindsdb
18
notebook
17
neutron
16
PaddlePaddle
16
cryptography
16
paddlepaddle
16
pyload-ng
16
calibreweb
15
ethyca-fides
15
OctoPrint
15
pyftpdlib
14
lollms
14
aiohttp
14
modoboa
14
vantage6
13
zenml
12
roundup
12
wagtail
12
urllib3
12
twisted
12
swift
12
waitress
11
onionshare-cli
11
trytond
11
horizon
11
nautobot
10
opencv-python-headless
10
opencv-contrib-python-headless
10
sentry
10
Flask-AppBuilder
10
cinder
9
kiwitcms
9
zope
9
pyspark
9
python-keystoneclient
9
ryu
9
ipython
8
litellm
8
ckan
8
Zope
8
label-studio
8
trac
8
numpy
8
pgadmin4
8
aubio
8
jupyter-server
7
matrix-sydent
7
Products.CMFPlone
7
pip
7
scrapy
7
pysaml2
7
lief
7
inventree
7
mailman
6
graphite-web
6
Zope2
6
Moin
6
ansible-core
6
changedetection.io
6
tuf
6
mage-ai
6
lxml
6
yt-dlp
6
requests
6
web2py
6
aim
6
apache-airflow-providers-apache-hive
6
tornado
6
bleach
5
nltk
5
oauthenticator
5
saleor
5
dtale
5
pretix
5
feedparser
5
torchserve
5
lmdb
5
werkzeug
5
python-gnupg
5
langchain-experimental
5
Werkzeug
5
omero-web
5
jupyterhub
5
Jinja2
5
ait-core
5
grpc
5
grpcio
5
paramiko
5
whoogle-search
5
jupyterlab
4
software.amazon.awssdk.iotdevicesdk:aws-iot-device-sdk
4
bottle
4
aws-iot-device-sdk-v2
4
wasmtime
4
awsiotsdk
4
langchain-community
4
dbt-core
4
indico
4
FreeTAKServer-UI
4
buildbot
4
tripleo-heat-templates
4
apache-submarine
4
httpie
4
GitPython
4
Weblate
4
esphome
4
Keystone
4
Scrapy
4
codechecker
4
mobsf
4
Nova
4
transformers
4
Radicale
4
Flask-Security-Too
4
open-webui
4
Pygments
4
indy-node
4
keylime
4
barbican
4
onnx
4
markdown2
4
PyPDF2
4
nvflare
4
qutebrowser
4
streamlit
4
jwcrypto
4
langflow
4
reportlab
4
apache-iotdb
4
pywasm3
4
clearml
3
openc3
3
pycrypto
3
Kallithea
3
bitlyshortener
3
localstack
3
Red-DiscordBot
3
slixmpp
3
keyring
3
mitmproxy
3
django-helpdesk
3
keystonemiddleware
3
micropython-copy
3
llama-index
3
ansible-runner
3
llama-index-core
3
ecdsa
3
django-cms
3
sanic
3
pyarrow
3
anki
3
asyncssh
3
apache-airflow-providers-apache-spark
3
ujson
3
octavia
3
mayan-edms
3
micropython-io
3
SQLAlchemy
3
mysql-connector-python
3
pyyaml
3
snowflake-connector-python
3
pandasai
3
dulwich
3
django-tinymce
3
TinyMCE
3
protobuf
3
openstack-heat
3
tinymce/tinymce
3
tinymce
3
Products.PluggableAuthService
3
plone.app.event
3
rsa
3
plone.app.theming
3
Filter by Repository