—

PYSEC-2021-365

Details

Vyper is a Pythonic Smart Contract Language for the EVM. In affected versions when performing a function call inside a literal struct, there is a memory corruption issue that occurs because of an incorrect pointer to the the top of the stack. This issue has been resolved in version 0.3.0.

Are you affected?

Enter the version of the package you're using.

Affected packages

PyPI / vyper

Introduced in: 0 Fixed in: 0.3.0

Fix pip install --upgrade 'vyper>=0.3.0'

References

https://github.com/vyperlang/vyper/security/advisories/GHSA-xv8x-pr4h-73jv [ADVISORY]
https://github.com/vyperlang/vyper/pull/2447 [WEB]