PT-2021-23105 · Vyper · Vyper
Charles-Cooper
·
Published
2021-10-05
·
Updated
2023-08-02
·
CVE-2021-41122
CVSS v4.0
5.3
Medium
| Vector | AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N |
Name of the Vulnerable Software and Affected Versions
Vyper versions prior to 0.3.0
Description
The issue arises from external functions not properly validating the bounds of decimal arguments, leading to potential logic errors.
Recommendations
For versions prior to 0.3.0, update to version 0.3.0 to resolve the issue.
As a temporary workaround, consider avoiding the use of decimal arguments in external functions until the issue is resolved.
Exploit
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Vyper