Snyk has a proof-of-concept or detailed explanation of how to exploit this vulnerability.
The probability is the direct output of the EPSS model, and conveys an overall sense of the threat of exploitation in the wild. The percentile measures the EPSS probability relative to all known EPSS scores. Note: This data is updated daily, relying on the latest available EPSS model version. Check out the EPSS documentation for more details.
In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.
Test your applicationsUpgrade vyper
to version 0.3.10rc4 or higher.
vyper is a Pythonic Smart Contract Language for the EVM.
Affected versions of this package are vulnerable to Out-of-bounds Write via the builtins raw_call
, create_from_blueprint
and create_copy_of
. An attacker can corrupt the memory used, leading to incorrect calldata
in the sub-context or deploying incorrect bytecode by passing complex expressions that result in writing to the memory.
Note: This is only exploitable if:
the data
argument of the raw_call
builtin is msg.data
and the value
or gas
passed to the builtin is a complex expression that results in writing to the memory.
For create_copy_of
and create_from_blueprint
, the value
or salt
passed to the builtin must be a complex expression that results in writing to the memory. For create_from_blueprint
, either no constructor parameters should be passed to the builtin or raw_args
should be set to True.
This vulnerability can be mitigated by caching the complex expressions that are being passed as kwargs to the builtin in memory prior to the call to the builtin.