PT-2021-24374 · Vyper · Vyper
Published 2021-04-19 · Updated 2021-04-19
Name of the Vulnerable Software and Affected Versions:
Vyper versions prior to the upgrade to EIP-1167 style forwarder proxies in #2281
Description:
A data handling issue was reported with certain Web3 libraries using Vyper-deployed forwarder proxy contracts. This issue affects end users of forwarder-style proxies deployed using Vyper's built-in `create_forwarder_to` function, where a function returns more than 4096 bytes and no return-data sanitization is performed on the value returned, potentially leading to data corruption. Additionally, if the result of a return call is handled and a specific RETURNDATASIZE less than 4096 is expected, the call will fail that check.
Recommendations:
For versions prior to the upgrade to EIP-1167 style forwarder proxies in #2281, consider upgrading to the latest version to resolve the issue. As a temporary workaround, if making a call to a contract method expected to return <= 4096 bytes, no issue should occur. However, if using a Solidity library that checks the RETURNDATASIZE of an external call to a forwarder proxy, modify the library to perform a greater-than-or-equal check instead of a strict equality check to avoid assertion failures.
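Added example, not code from the advisory or from the Vyper project: a Python model of the two forwarder return paths described above, showing why a strict RETURNDATASIZE check fails against the old proxy and where return data longer than 4096 bytes is lost. It assumes, as a simplified model, that the pre-#2281 forwarder DELEGATECALLs into a fixed 4096-byte output buffer and RETURNs that whole buffer, while the EIP-1167 style forwarder returns exactly RETURNDATASIZE bytes; the ABI helpers and the two size-check functions are hypothetical stand-ins for the Solidity library checks mentioned in the recommendations.

```python
OLD_OUTSIZE = 0x1000  # 4096-byte output buffer of the pre-#2281 forwarder (modelled)


def old_forwarder_return(impl_ret: bytes) -> bytes:
    """Model of the pre-#2281 forwarder: DELEGATECALL copies at most 4096 bytes of
    return data into zeroed memory and the proxy RETURNs the whole 4096-byte buffer,
    so the RETURNDATASIZE seen by the caller is always 4096."""
    buf = bytearray(OLD_OUTSIZE)
    n = min(len(impl_ret), OLD_OUTSIZE)
    buf[:n] = impl_ret[:n]  # bytes beyond 4096 are silently dropped
    return bytes(buf)


def eip1167_forwarder_return(impl_ret: bytes) -> bytes:
    """Model of the EIP-1167 style forwarder: RETURNDATACOPY of RETURNDATASIZE bytes,
    returned unchanged, so the caller sees the implementation's exact return data."""
    return impl_ret


def abi_encode_bytes(payload: bytes) -> bytes:
    """ABI-encode a single dynamic `bytes` return value: offset word, length word, padded data."""
    padded = payload + b"\x00" * (-len(payload) % 32)
    return (32).to_bytes(32, "big") + len(payload).to_bytes(32, "big") + padded


def abi_decode_bytes(ret: bytes) -> bytes:
    """Decode a single `bytes` value and refuse data whose declared length exceeds what
    was returned. This is how the 4096-byte truncation surfaces; a lenient decoder
    would instead hand back short or zero-padded data, the corruption the advisory describes."""
    offset = int.from_bytes(ret[0:32], "big")
    length = int.from_bytes(ret[offset:offset + 32], "big")
    data = ret[offset + 32:offset + 32 + length]
    if len(data) != length:
        raise ValueError(f"return data truncated: declared {length}, got {len(data)} bytes")
    return data


def strict_size_check(ret: bytes, expected: int) -> bool:
    """Caller-side pattern the advisory warns about: RETURNDATASIZE == expected."""
    return len(ret) == expected


def relaxed_size_check(ret: bytes, expected: int) -> bool:
    """Advisory workaround: RETURNDATASIZE >= expected, then decode only the prefix."""
    return len(ret) >= expected
```

A single 32-byte uint256 comes back from the old proxy as 4096 bytes, so only the relaxed check passes, while a `bytes` payload longer than 4096 bytes is truncated by the old proxy and decodes intact only through the EIP-1167 forwarder.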
Affected Products
Vyper