Pavelvm5

**Name of the Vulnerable Software and Affected Versions** Vyper versions 0.3.1 through 0.3.7 **Description** The Vyper compiler generates the wrong bytecode in versions 0.3.1 through 0.3.7. Any contract that uses the `raw call` with `revert on failure=False` and `max outsize=0` receives the wrong response from `raw call`. Depending on the memory garbage, the result can be either `True` or `False`. **Recommendations** For Vyper versions 0.3.1 through 0.3.7, as a temporary workaround, consider always putting `max outsize>0` to avoid the issue. A patch is anticipated to be part of Vyper 0.3.8.