CVE-2023-30629 - Vulnerability Details - OpenCVE

Vyper is a Pythonic Smart Contract Language for the ethereum virtual machine. In versions 0.3.1 through 0.3.7, the Vyper compiler generates the wrong bytecode. Any contract that uses the `raw_call` with `revert_on_failure=False` and `max_outsize=0` receives the wrong response from `raw_call`. Depending on the memory garbage, the result can be either `True` or `False`. A patch is available and, as of time of publication, anticipated to be part of Vyper 0.3.8. As a workaround, one may always put `max_outsize>0`.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact High

Availability Impact None

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Exploitation none

Automatable yes

Technical Impact partial

Vendors	Products
Vyperlang	Vyper

Configuration 1 [-]

cpe:2.3:a:vyperlang:vyper:*:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://docs.vyperlang.org/en/v0.3.7/built-in-functions.html#raw_call
https://github.com/lidofinance/gate-seals/blob/051593e74df01a4131c485b4fda52e691cd4b7d8/contracts/GateSeal.vy#L164
https://github.com/lidofinance/gate-seals/pull/5/files
https://github.com/vyperlang/vyper/commit/851f7a1b3aa2a36fd041e3d0ed38f9355a58c8ae
https://github.com/vyperlang/vyper/security/advisories/GHSA-w9g2-3w7p-72g9

History

Wed, 12 Feb 2025 17:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published: 2023-04-24T21:58:00.227Z

Updated: 2025-02-12T16:35:42.775Z

Reserved: 2023-04-13T13:25:18.834Z

Link: CVE-2023-30629

Vulnrichment

Updated: 2024-08-02T14:28:52.121Z

NVD

Status : Modified

Published: 2023-04-24T22:15:10.030

Modified: 2024-11-21T08:00:32.820

Link: CVE-2023-30629

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-30629", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2023-04-13T13:25:18.834Z", "datePublished": "2023-04-24T21:58:00.227Z", "dateUpdated": "2025-02-12T16:35:42.775Z"}, "containers": {"cna": {"title": "Vyper's raw_call with outsize=0 and revert_on_failure=False returns incorrect success value", "problemTypes": [{"descriptions": [{"cweId": "CWE-670", "lang": "en", "description": "CWE-670: Always-Incorrect Control Flow Implementation", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1"}}], "references": [{"name": "https://github.com/vyperlang/vyper/security/advisories/GHSA-w9g2-3w7p-72g9", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/vyperlang/vyper/security/advisories/GHSA-w9g2-3w7p-72g9"}, {"name": "https://github.com/lidofinance/gate-seals/pull/5/files", "tags": ["x_refsource_MISC"], "url": "https://github.com/lidofinance/gate-seals/pull/5/files"}, {"name": "https://github.com/vyperlang/vyper/commit/851f7a1b3aa2a36fd041e3d0ed38f9355a58c8ae", "tags": ["x_refsource_MISC"], "url": "https://github.com/vyperlang/vyper/commit/851f7a1b3aa2a36fd041e3d0ed38f9355a58c8ae"}, {"name": "https://docs.vyperlang.org/en/v0.3.7/built-in-functions.html#raw_call", "tags": ["x_refsource_MISC"], "url": "https://docs.vyperlang.org/en/v0.3.7/built-in-functions.html#raw_call"}, {"name": "https://github.com/lidofinance/gate-seals/blob/051593e74df01a4131c485b4fda52e691cd4b7d8/contracts/GateSeal.vy#L164", "tags": ["x_refsource_MISC"], "url": "https://github.com/lidofinance/gate-seals/blob/051593e74df01a4131c485b4fda52e691cd4b7d8/contracts/GateSeal.vy#L164"}], "affected": [{"vendor": "vyperlang", "product": "vyper", "versions": [{"version": ">= 0.3.1, <= 0.3.7", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2023-04-24T21:58:00.227Z"}, "descriptions": [{"lang": "en", "value": "Vyper is a Pythonic Smart Contract Language for the ethereum virtual machine. In versions 0.3.1 through 0.3.7, the Vyper compiler generates the wrong bytecode. Any contract that uses the `raw_call` with `revert_on_failure=False` and `max_outsize=0` receives the wrong response from `raw_call`. Depending on the memory garbage, the result can be either `True` or `False`. A patch is available and, as of time of publication, anticipated to be part of Vyper 0.3.8. As a workaround, one may always put `max_outsize>0`."}], "source": {"advisory": "GHSA-w9g2-3w7p-72g9", "discovery": "UNKNOWN"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T14:28:52.121Z"}, "title": "CVE Program Container", "references": [{"name": "https://github.com/vyperlang/vyper/security/advisories/GHSA-w9g2-3w7p-72g9", "tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://github.com/vyperlang/vyper/security/advisories/GHSA-w9g2-3w7p-72g9"}, {"name": "https://github.com/lidofinance/gate-seals/pull/5/files", "tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/lidofinance/gate-seals/pull/5/files"}, {"name": "https://github.com/vyperlang/vyper/commit/851f7a1b3aa2a36fd041e3d0ed38f9355a58c8ae", "tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/vyperlang/vyper/commit/851f7a1b3aa2a36fd041e3d0ed38f9355a58c8ae"}, {"name": "https://docs.vyperlang.org/en/v0.3.7/built-in-functions.html#raw_call", "tags": ["x_refsource_MISC", "x_transferred"], "url": "https://docs.vyperlang.org/en/v0.3.7/built-in-functions.html#raw_call"}, {"name": "https://github.com/lidofinance/gate-seals/blob/051593e74df01a4131c485b4fda52e691cd4b7d8/contracts/GateSeal.vy#L164", "tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/lidofinance/gate-seals/blob/051593e74df01a4131c485b4fda52e691cd4b7d8/contracts/GateSeal.vy#L164"}]}, {"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-02-03T20:54:22.454011Z", "id": "CVE-2023-30629", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-02-12T16:35:42.775Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://github.com/vyperlang/vyper/security/advisories/GHSA-w9g2-3w7p-72g9", "name": "https://github.com/vyperlang/vyper/security/advisories/GHSA-w9g2-3w7p-72g9", "tags": ["x_refsource_CONFIRM", "x_transferred"]}, {"url": "https://github.com/lidofinance/gate-seals/pull/5/files", "name": "https://github.com/lidofinance/gate-seals/pull/5/files", "tags": ["x_refsource_MISC", "x_transferred"]}, {"url": "https://github.com/vyperlang/vyper/commit/851f7a1b3aa2a36fd041e3d0ed38f9355a58c8ae", "name": "https://github.com/vyperlang/vyper/commit/851f7a1b3aa2a36fd041e3d0ed38f9355a58c8ae", "tags": ["x_refsource_MISC", "x_transferred"]}, {"url": "https://docs.vyperlang.org/en/v0.3.7/built-in-functions.html#raw_call", "name": "https://docs.vyperlang.org/en/v0.3.7/built-in-functions.html#raw_call", "tags": ["x_refsource_MISC", "x_transferred"]}, {"url": "https://github.com/lidofinance/gate-seals/blob/051593e74df01a4131c485b4fda52e691cd4b7d8/contracts/GateSeal.vy#L164", "name": "https://github.com/lidofinance/gate-seals/blob/051593e74df01a4131c485b4fda52e691cd4b7d8/contracts/GateSeal.vy#L164", "tags": ["x_refsource_MISC", "x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T14:28:52.121Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2023-30629", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-02-03T20:54:22.454011Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-02-12T16:35:39.357Z"}}], "cna": {"title": "Vyper's raw_call with outsize=0 and revert_on_failure=False returns incorrect success value", "source": {"advisory": "GHSA-w9g2-3w7p-72g9", "discovery": "UNKNOWN"}, "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}}], "affected": [{"vendor": "vyperlang", "product": "vyper", "versions": [{"status": "affected", "version": ">= 0.3.1, <= 0.3.7"}]}], "references": [{"url": "https://github.com/vyperlang/vyper/security/advisories/GHSA-w9g2-3w7p-72g9", "name": "https://github.com/vyperlang/vyper/security/advisories/GHSA-w9g2-3w7p-72g9", "tags": ["x_refsource_CONFIRM"]}, {"url": "https://github.com/lidofinance/gate-seals/pull/5/files", "name": "https://github.com/lidofinance/gate-seals/pull/5/files", "tags": ["x_refsource_MISC"]}, {"url": "https://github.com/vyperlang/vyper/commit/851f7a1b3aa2a36fd041e3d0ed38f9355a58c8ae", "name": "https://github.com/vyperlang/vyper/commit/851f7a1b3aa2a36fd041e3d0ed38f9355a58c8ae", "tags": ["x_refsource_MISC"]}, {"url": "https://docs.vyperlang.org/en/v0.3.7/built-in-functions.html#raw_call", "name": "https://docs.vyperlang.org/en/v0.3.7/built-in-functions.html#raw_call", "tags": ["x_refsource_MISC"]}, {"url": "https://github.com/lidofinance/gate-seals/blob/051593e74df01a4131c485b4fda52e691cd4b7d8/contracts/GateSeal.vy#L164", "name": "https://github.com/lidofinance/gate-seals/blob/051593e74df01a4131c485b4fda52e691cd4b7d8/contracts/GateSeal.vy#L164", "tags": ["x_refsource_MISC"]}], "descriptions": [{"lang": "en", "value": "Vyper is a Pythonic Smart Contract Language for the ethereum virtual machine. In versions 0.3.1 through 0.3.7, the Vyper compiler generates the wrong bytecode. Any contract that uses the `raw_call` with `revert_on_failure=False` and `max_outsize=0` receives the wrong response from `raw_call`. Depending on the memory garbage, the result can be either `True` or `False`. A patch is available and, as of time of publication, anticipated to be part of Vyper 0.3.8. As a workaround, one may always put `max_outsize>0`."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-670", "description": "CWE-670: Always-Incorrect Control Flow Implementation"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2023-04-24T21:58:00.227Z"}}}, "cveMetadata": {"cveId": "CVE-2023-30629", "state": "PUBLISHED", "dateUpdated": "2025-02-12T16:35:42.775Z", "dateReserved": "2023-04-13T13:25:18.834Z", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "datePublished": "2023-04-24T21:58:00.227Z", "assignerShortName": "GitHub_M"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:vyperlang:vyper:*:*:*:*:*:*:*:*", "matchCriteriaId": "BA2EC8D5-7723-4112-B674-AB70975FDEEA", "versionEndExcluding": "0.3.8", "versionStartIncluding": "0.3.1", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Vyper is a Pythonic Smart Contract Language for the ethereum virtual machine. In versions 0.3.1 through 0.3.7, the Vyper compiler generates the wrong bytecode. Any contract that uses the `raw_call` with `revert_on_failure=False` and `max_outsize=0` receives the wrong response from `raw_call`. Depending on the memory garbage, the result can be either `True` or `False`. A patch is available and, as of time of publication, anticipated to be part of Vyper 0.3.8. As a workaround, one may always put `max_outsize>0`."}], "id": "CVE-2023-30629", "lastModified": "2024-11-21T08:00:32.820", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "security-advisories@github.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2023-04-24T22:15:10.030", "references": [{"source": "security-advisories@github.com", "tags": ["Product"], "url": "https://docs.vyperlang.org/en/v0.3.7/built-in-functions.html#raw_call"}, {"source": "security-advisories@github.com", "tags": ["Product"], "url": "https://github.com/lidofinance/gate-seals/blob/051593e74df01a4131c485b4fda52e691cd4b7d8/contracts/GateSeal.vy#L164"}, {"source": "security-advisories@github.com", "tags": ["Patch"], "url": "https://github.com/lidofinance/gate-seals/pull/5/files"}, {"source": "security-advisories@github.com", "tags": ["Patch"], "url": "https://github.com/vyperlang/vyper/commit/851f7a1b3aa2a36fd041e3d0ed38f9355a58c8ae"}, {"source": "security-advisories@github.com", "tags": ["Exploit", "Vendor Advisory"], "url": "https://github.com/vyperlang/vyper/security/advisories/GHSA-w9g2-3w7p-72g9"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Product"], "url": "https://docs.vyperlang.org/en/v0.3.7/built-in-functions.html#raw_call"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Product"], "url": "https://github.com/lidofinance/gate-seals/blob/051593e74df01a4131c485b4fda52e691cd4b7d8/contracts/GateSeal.vy#L164"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://github.com/lidofinance/gate-seals/pull/5/files"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://github.com/vyperlang/vyper/commit/851f7a1b3aa2a36fd041e3d0ed38f9355a58c8ae"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Vendor Advisory"], "url": "https://github.com/vyperlang/vyper/security/advisories/GHSA-w9g2-3w7p-72g9"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-670"}], "source": "security-advisories@github.com", "type": "Secondary"}]}