Skip to content

Explore
By company size
By use case
By industry
View all solutions
Topics
- AI
- DevOps
- Security
- Software Development
- View all
Explore
- GitHub Sponsors
  Fund open source developers
- The ReadME Project
  GitHub community articles
Repositories
- Enterprise platform
  AI-powered developer platform
Available add-ons
#

Search code, repositories, users, issues, pull requests...

Search

Clear

Search syntax tips

Provide feedback

We read every piece of feedback, and take your input very seriously.

Include my email address so I can be contacted

Saved searches

Use saved searches to filter your results more quickly

Name

Query

To see all available qualifiers, see our documentation.

#

You signed in with another tab or window. Reload to refresh your session. You signed out in another tab or window. Reload to refresh your session. You switched accounts on another tab or window. Reload to refresh your session.

Dismiss alert

vyperlang / vyper Public

Notifications You must be signed in to change notification settings
Fork 812
Star 4.9k

Code
Issues 412
Pull requests 97
Discussions
Actions
Projects
Wiki
Security
Insights

Additional navigation options

Code
Issues
Pull requests
Discussions
Actions
Projects
Wiki
Security
Insights

Security: vyperlang/vyper

Security Navigation

Overview
Reporting
- Policy
- Advisories

Security Advisories

View known security vulnerabilities and report new vulnerabilities privately to maintainers.

Report a vulnerability

external calls are not clamped in certain complex expressions
GHSA-j2x6-9323-fp7h published Apr 13, 2022 by charles-cooper

High
bytestring equality incorrect for Bytes[N<=32]
GHSA-7vrm-3jc8-5wwm published Apr 2, 2022 by charles-cooper

Moderate
No bytes clamps for interfaces imported via JSON
GHSA-4mrx-6fxm-8jpg published Apr 13, 2022 by charles-cooper

Moderate
missing clamps for decimal args in external functions
GHSA-c7pr-343r-5c46 published Oct 5, 2021 by charles-cooper

Moderate
Memory corruption when returning a literal struct with a private call inside of it
GHSA-xv8x-pr4h-73jv published Oct 6, 2021 by charles-cooper

High
VVE-2021-0003: Storage variables overwritten by re-entrancy locks
GHSA-7f92-rr6w-cq64 published Jul 27, 2021 by fubuloubu

High
VVE-2021-0002: Incorrect `returndatasize` when using simple forwarder proxies deployed prior to EIP-1167 adoption
GHSA-375m-5fvv-xq23 published Apr 16, 2021 by fubuloubu

Low
VVE-2021-0001: Memory corruption using function calls within arrays
GHSA-22wc-c9wj-6q2v published Apr 16, 2021 by fubuloubu

Moderate
VVE-2020-0004: Memory corruption using function calls within tuples / nested calls
GHSA-2r3x-4mrv-mcxf published Oct 10, 2020 by fubuloubu

Moderate
VVE-2020-0003: Call stack corruption when passing complex type containing non-base type members as argument
GHSA-4v7v-gqf9-ww2g published Oct 10, 2020 by fubuloubu

Moderate

Previous 1 2 3 4 5 Next

Footer

Footer navigation

Terms
Privacy
Security
Status
Docs
Contact

You can’t perform that action at this time.