CVE-2023-41052

Vyper is a Pythonic Smart Contract Language. In affected versions the order of evaluation of the arguments of the builtin functions `uint256_addmod`, `uint256_mulmod`, `ecadd` and `ecmul` does not follow source order. This behaviour is problematic when the evaluation of one of the arguments produces side effects that other arguments depend on. A patch is currently being developed on pull request #3583. When using builtins from the list above, users should make sure that the arguments of the expression do not produce side effects or, if one does, that no other argument is dependent on those side effects.

CVSS v3 5.3 MEDIUM

5.3^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 3.9 / Impact : 1.4

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact LOW

Availability Impact NONE

Scope UNCHANGED

References

Link	Resource
https://github.com/vyperlang/vyper/pull/3583	Patch
https://github.com/vyperlang/vyper/security/advisories/GHSA-4hg4-9mf5-wxxq	Exploit Patch Third Party Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:vyperlang:vyper:*:*:*:*:*:python:*:*

History

08 Sep 2023, 14:08

Type	Values Removed	Values Added
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 5.3
CPE		cpe:2.3:a:vyperlang:vyper::::::python::*
First Time		Vyperlang vyper Vyperlang
References	~~(MISC) https://github.com/vyperlang/vyper/pull/3583 -~~	(MISC) https://github.com/vyperlang/vyper/pull/3583 - Patch
References	~~(MISC) https://github.com/vyperlang/vyper/security/advisories/GHSA-4hg4-9mf5-wxxq -~~	(MISC) https://github.com/vyperlang/vyper/security/advisories/GHSA-4hg4-9mf5-wxxq - Exploit, Patch, Third Party Advisory

04 Sep 2023, 18:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2023-09-04 18:15

Updated : 2023-12-10 15:14

NVD link : CVE-2023-41052

Mitre link : CVE-2023-41052

CVE.ORG link : CVE-2023-41052

JSON object : View

Products Affected

vyperlang

vyper

CWE

CWE-670

Always-Incorrect Control Flow Implementation

{"id": "CVE-2023-41052", "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 1.4, "exploitabilityScore": 3.9}, {"type": "Secondary", "source": "security-advisories@github.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 3.7, "attackVector": "NETWORK", "baseSeverity": "LOW", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 1.4, "exploitabilityScore": 2.2}]}, "published": "2023-09-04T18:15:08.657", "references": [{"url": "https://github.com/vyperlang/vyper/pull/3583", "tags": ["Patch"], "source": "security-advisories@github.com"}, {"url": "https://github.com/vyperlang/vyper/security/advisories/GHSA-4hg4-9mf5-wxxq", "tags": ["Exploit", "Patch", "Third Party Advisory"], "source": "security-advisories@github.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-670"}]}, {"type": "Secondary", "source": "security-advisories@github.com", "description": [{"lang": "en", "value": "CWE-670"}]}], "descriptions": [{"lang": "en", "value": "Vyper is a Pythonic Smart Contract Language. In affected versions the order of evaluation of the arguments of the builtin functions `uint256_addmod`, `uint256_mulmod`, `ecadd` and `ecmul` does not follow source order. This behaviour is problematic when the evaluation of one of the arguments produces side effects that other arguments depend on. A patch is currently being developed on pull request #3583. When using builtins from the list above, users should make sure that the arguments of the expression do not produce side effects or, if one does, that no other argument is dependent on those side effects."}, {"lang": "es", "value": "Vyper es un Lenguaje de Contrato Inteligente de Python. En las versiones afectadas, el orden de evaluaci\u00f3n de los argumentos de las funciones integradas `uint256_addmod`, `uint256_mulmod`, `ecadd` and `ecmul` no sigue el orden de origen. Este comportamiento es problem\u00e1tico cuando la evaluaci\u00f3n de uno de los argumentos produce efectos secundarios de los que dependen otros argumentos. Actualmente se est\u00e1 desarrollando un parche mediante la solicitud de extracci\u00f3n #3583. Al utilizar elementos integrados de la lista anterior, los usuarios deben asegurarse de que los argumentos de la expresi\u00f3n no produzcan efectos secundarios o, si los produce, que ning\u00fan otro argumento dependa de esos efectos secundarios."}], "lastModified": "2023-09-08T14:08:27.387", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:vyperlang:vyper:*:*:*:*:*:python:*:*", "vulnerable": true, "matchCriteriaId": "56FB25B4-6446-4B4B-87AA-D4368B4B8685", "versionEndIncluding": "0.3.9"}], "operator": "OR"}]}], "sourceIdentifier": "security-advisories@github.com"}