Memory Corruption Vulnerability in Vyper Smart Contract Language

Memory Corruption Vulnerability in Vyper Smart Contract Language

CVE-2021-41121 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Vyper is a Pythonic Smart Contract Language for the EVM. In affected versions when performing a function call inside a literal struct, there is a memory corruption issue that occurs because of an incorrect pointer to the the top of the stack. This issue has been resolved in version 0.3.0.

Learn more about our Web Application Penetration Testing UK.