CVE-2025-47774

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2025-47774

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-47774.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2025-47774

Aliases

GHSA-3vcg-j39x-cwfm

Published

2025-05-15T17:38:58.487Z

Modified

2025-12-02T20:05:03.037584Z

Severity

2.9 (Low) CVSS_V4 - CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P CVSS Calculator

Summary

Vyper's `slice()` may elide side-effects when output length is 0

Details

Vyper is the Pythonic Programming Language for the Ethereum Virtual Machine. In versions up to and including 0.4.2rc1, the slice() builtin can elide side effects when the output length is 0, and the source bytestring is a builtin (msg.data or <address>.code). The reason is that for these source locations, the check that length >= 1 is skipped. The result is that a 0-length bytestring constructed with slice can be passed to make_byte_array_copier, which elides evaluation of its source argument when the max length is 0. The impact is that side effects in the start argument may be elided when the length argument is 0, e.g. slice(msg.data, self.do_side_effect(), 0). The fix in pull request 4645 disallows any invocation of slice() with length 0, including for the ad hoc locations discussed in this advisory. The fix is expected to be part of version 0.4.2.

Database specific

{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/47xxx/CVE-2025-47774.json",
    "cwe_ids": [
        "CWE-691"
    ],
    "cna_assigner": "GitHub_M"
}

References

Affected packages

Git / github.com/vyperlang/vyper

Affected ranges

Type

GIT

Repo

https://github.com/vyperlang/vyper

Events

Introduced

Last affected

11522b836bd0d86cf43ec186aa3b2b8e986ca4fe

Database specific

{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "last_affected": "0.4.2rc1"
        }
    ]
}

Affected versions

0.*

0.2.1

Other

pre-release

v0.*

v0.0.4

v0.1.0-beta.1

v0.1.0-beta.10

v0.1.0-beta.11

v0.1.0-beta.12

v0.1.0-beta.13

v0.1.0-beta.14

v0.1.0-beta.15

v0.1.0-beta.16

v0.1.0-beta.17

v0.1.0-beta.2

v0.1.0-beta.3

v0.1.0-beta.4

v0.1.0-beta.5

v0.1.0-beta.6

v0.1.0-beta.7

v0.1.0-beta.8

v0.1.0-beta.9

v0.2.0

v0.2.1

v0.2.10

v0.2.11

v0.2.12

v0.2.13

v0.2.14

v0.2.15

v0.2.16

v0.2.2

v0.2.3

v0.2.4

v0.2.5

v0.2.6

v0.2.7

v0.2.8

v0.2.9

v0.3.0

v0.3.1

v0.3.10

v0.3.10rc1

v0.3.10rc2

v0.3.10rc3

v0.3.10rc4

v0.3.10rc5

v0.3.2

v0.3.3

v0.3.4

v0.3.5

v0.3.6

v0.3.7

v0.3.8

v0.3.9

v0.4.0

v0.4.0b1

v0.4.0b2

v0.4.0b3

v0.4.0b4

v0.4.0b5

v0.4.0b6

v0.4.0rc1

v0.4.0rc2

v0.4.0rc3

v0.4.0rc4

v0.4.0rc5

v0.4.0rc6

v0.4.1

v0.4.1b1

v0.4.1b2

v0.4.1b3

v0.4.1b4

v0.4.1rc1

v0.4.1rc2

v0.4.1rc3

v0.4.2rc1