{"vulnerability": "cve-2023-3205", "sightings": [{"uuid": "23cc2403-da34-4062-b3e9-be4498b32ea2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-32057", "type": "seen", "source": "https://t.me/kasperskyb2b/746", "content": "\ud83d\udcbb \u0418\u044e\u043b\u044c\u0441\u043a\u0438\u0439 \u0432\u0442\u043e\u0440\u043d\u0438\u043a \u043f\u0430\u0442\u0447\u0435\u0439 Microsoft: \ud83d\udfe5\ud83d\udfe9\ud83d\udcdb\u0436\u0430\u0440\u0430!\n\n\u041e\u0447\u0435\u0440\u0435\u0434\u043d\u043e\u0439 \u043f\u0430\u043a\u0435\u0442 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0439 Microsoft \u043b\u0430\u0442\u0430\u0435\u0442 132 \u0434\u044b\u0440\u044b \u0432 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u0430\u0445 \u0438\u0437 \u0420\u0435\u0434\u043c\u043e\u043d\u0434\u0430. 9 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u043f\u0440\u0438\u0437\u043d\u0430\u043d\u044b \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u043c\u0438, 6 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442\u0441\u044f \u0432 \u0440\u0435\u0430\u043b\u044c\u043d\u044b\u0445 \u0430\u0442\u0430\u043a\u0430\u0445, \u043f\u0440\u0438 \u044d\u0442\u043e\u043c \u0434\u043b\u044f \u0434\u0432\u0443\u0445 \u043f\u0440\u043e\u0431\u043b\u0435\u043c \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u043e \u0440\u0443\u043a\u043e\u0432\u043e\u0434\u0441\u0442\u0432\u043e \u043f\u043e \u0441\u043c\u044f\u0433\u0447\u0435\u043d\u0438\u044e, \u0430 \u043d\u0435 \u043f\u0440\u043e\u0441\u0442\u043e \u043f\u0430\u0442\u0447.   37 \u043e\u0448\u0438\u0431\u043e\u043a \u043f\u0440\u0438\u0432\u043e\u0434\u044f\u0442 \u043a \u0438\u0441\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044e \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u043e\u0433\u043e \u043a\u043e\u0434\u0430, 33 \u2014 \u043a \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u044e \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439, 13 \u2014 \u043e\u0431\u0445\u043e\u0434\u0443 \u0444\u0443\u043d\u043a\u0446\u0438\u0439 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438, 22 \u2014 \u043e\u0442\u043a\u0430\u0437\u0443 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438. \u0411\u043e\u0433\u0430\u0442\u043e.\n\n\u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u043c\u0430\u044f \u0432 \u0430\u0442\u0430\u043a\u0430\u0445 Storm-0978/RomCom  RCE \u0432 Office \u0438 Windows (CVE-2023-36884, CVSS 8.3) \u043d\u0435 \u0443\u0441\u043f\u0435\u043b\u0430 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u043f\u043e\u043b\u043d\u043e\u0446\u0435\u043d\u043d\u043e\u0433\u043e \u043f\u0430\u0442\u0447\u0430. \u0420\u0435\u0434\u043c\u043e\u043d\u0434 \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0438 \u043f\u043e \u043c\u0438\u0442\u0438\u0433\u0430\u0446\u0438\u0438, \u0432\u043a\u043b\u044e\u0447\u0430\u044e\u0449\u0438\u0435 \u0434\u043e\u0431\u0430\u0432\u043b\u0435\u043d\u0438\u0435 \u0432\u0441\u0435\u0445 \u0438\u0441\u043f\u043e\u043b\u043d\u0438\u043c\u044b\u0445 \u0444\u0430\u0439\u043b\u043e\u0432 Office \u0432 \u0441\u043f\u0438\u0441\u043e\u043a FEATURE_BLOCK_CROSS_PROTOCOL_FILE_NAVIGATION. \u0412\u0435\u0441\u044c\u043c\u0430 \u0432\u0435\u0440\u043e\u044f\u0442\u043d\u043e, \u0447\u0442\u043e \u043f\u0430\u0442\u0447 \u0431\u0443\u0434\u0435\u0442 \u044d\u043a\u0441\u0442\u0440\u0435\u043d\u043d\u043e \u0432\u044b\u043f\u0443\u0449\u0435\u043d \u0447\u0435\u0440\u0435\u0437 \u043d\u0435\u0434\u0435\u043b\u044e-\u0434\u0440\u0443\u0433\u0443\u044e, \u043d\u0435 \u0434\u043e\u0436\u0438\u0434\u0430\u044f\u0441\u044c \u0430\u0432\u0433\u0443\u0441\u0442\u0430.\n\n\u0412\u0442\u043e\u0440\u0430\u044f \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0430, \u043f\u043e\u043b\u0443\u0447\u0438\u0432\u0448\u0430\u044f \u043d\u0435 CVE, \u0430 \u0440\u0443\u043a\u043e\u0432\u043e\u0434\u0441\u0442\u0432\u043e \u0441 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u044f\u043c\u0438 (ADV-230001), \u043e\u0442\u043d\u043e\u0441\u0438\u0442\u0441\u044f \u043a \u043f\u043e\u0434\u043f\u0438\u0441\u0438 \u0434\u0440\u0430\u0439\u0432\u0435\u0440\u043e\u0432 \u0443\u0440\u043e\u0432\u043d\u044f \u044f\u0434\u0440\u0430. \u042d\u0442\u043e \u0435\u0449\u0451 \u043e\u0434\u0438\u043d \u043f\u043e\u0432\u043e\u0440\u043e\u0442 \u0432 \u0441\u0430\u0433\u0435 \u043e\u0431 \u00ab\u0443\u0431\u0438\u0439\u0446\u0430\u0445 EDR\u00bb \u0438 \u0440\u0443\u0442\u043a\u0438\u0442\u0430\u0445.  \u0420\u0435\u0434\u043c\u043e\u043d\u0434 \u043e\u0442\u043e\u0437\u0432\u0430\u043b \u043f\u0430\u0447\u043a\u0443 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u043c\u044b\u0445 \u0432 APT \u0441\u0435\u0440\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0432 \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a\u0430 \u0438 \u0437\u0430\u0431\u043b\u043e\u043a\u0438\u0440\u043e\u0432\u0430\u043b \u043a\u043e\u043d\u043a\u0440\u0435\u0442\u043d\u044b\u0435 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0435 \u0434\u0440\u0430\u0439\u0432\u0435\u0440\u044b, \u043d\u043e \u043d\u0435 \u0440\u0435\u0448\u0438\u043b \u043e\u0441\u043d\u043e\u0432\u043d\u0443\u044e \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0443. \u0425\u0430\u043a\u0435\u0440\u044b \u043f\u043e-\u043f\u0440\u0435\u0436\u043d\u0435\u043c\u0443 \u0443\u043c\u0443\u0434\u0440\u044f\u044e\u0442\u0441\u044f \u043f\u043e\u0434\u043f\u0438\u0441\u0430\u0442\u044c \u0434\u0440\u0430\u0439\u0432\u0435\u0440\u044b \u0443 Microsoft \u0438\u043b\u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0442\u0440\u044e\u043a \u0441 \u043f\u043e\u0434\u043f\u0438\u0441\u044c\u044e \u0441\u0435\u0440\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u0430 \u0437\u0430\u0434\u043d\u0438\u043c \u0447\u0438\u0441\u043b\u043e\u043c, \u0447\u0442\u043e\u0431\u044b \u043e\u043d \u043f\u0440\u043e\u0445\u043e\u0434\u0438\u043b \u043f\u043e \u043e\u0434\u043d\u043e\u043c\u0443 \u0438\u0437 \u0438\u0441\u043a\u043b\u044e\u0447\u0435\u043d\u0438\u0439 \u0438 \u043d\u0435 \u0442\u0440\u0435\u0431\u043e\u0432\u0430\u043b \u043f\u043e\u0434\u043f\u0438\u0441\u0438 \u043d\u0430 MS Developers Portal. \u0414\u043b\u044f \u0437\u0430\u0449\u0438\u0442\u044b Microsoft \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442 \u043f\u043e\u0434\u0434\u0435\u0440\u0436\u0438\u0432\u0430\u0442\u044c  Windows \u0438 EDR \u043e\u0431\u043d\u043e\u0432\u043b\u0451\u043d\u043d\u044b\u043c\u0438 \ud83e\udd78. \u0415\u0434\u0438\u043d\u0441\u0442\u0432\u0435\u043d\u043d\u043e\u0435 \u0441\u043b\u0430\u0431\u043e\u0435 \u0443\u0442\u0435\u0448\u0435\u043d\u0438\u0435 \u0441\u043e\u0441\u0442\u043e\u0438\u0442 \u0432 \u0442\u043e\u043c, \u0447\u0442\u043e \u0434\u043b\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0442\u0430\u043a\u0438\u0445 \u0434\u0440\u0430\u0439\u0432\u0435\u0440\u043e\u0432 \u0430\u0442\u0430\u043a\u0443\u044e\u0449\u0438\u0439 \u0434\u043e\u043b\u0436\u0435\u043d \u0438\u043c\u0435\u0442\u044c \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0438 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430. \n\n\u0414\u0440\u0443\u0433\u0438\u0435 \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u043c\u044b\u0435 \u0431\u0430\u0433\u0438 \u0432 \u044d\u0442\u043e\u043c \u043f\u0430\u043a\u0435\u0442\u0435 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0439:\n\nCVE-2023-32049 \u2014 \u043e\u0431\u0445\u043e\u0434 \u0444\u0438\u0447 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438, \u0444\u0430\u0439\u043b \u0430\u0442\u0430\u043a\u0443\u044e\u0449\u0438\u0445 \u043e\u0442\u043a\u0440\u044b\u0432\u0430\u0435\u0442\u0441\u044f \u0431\u0435\u0437 \u0434\u0435\u043c\u043e\u043d\u0441\u0442\u0440\u0430\u0446\u0438\u0438 \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0436\u0434\u0435\u043d\u0438\u044f Windows \u00ab\u0444\u0430\u0439\u043b \u0437\u0430\u0433\u0440\u0443\u0436\u0435\u043d \u0438\u0437 \u0418\u043d\u0442\u0435\u0440\u043d\u0435\u0442\u0430\u00bb.\nCVE-2023-32046 \u2014 EoP \u0432 MSHTML. \nCVE-2023-36874 \u2014 EoP \u0432 Windows Error reporting service. \u0410\u0442\u0430\u043a\u0443\u044e\u0449\u0438\u0435 \u043c\u043e\u0433\u0443\u0442 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u0438\u0432\u043d\u044b\u0435 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0438, \u0435\u0441\u043b\u0438 \u0443 \u043d\u0438\u0445 \u0435\u0441\u0442\u044c \u043e\u0431\u044b\u0447\u043d\u044b\u0435 \u043f\u0440\u0430\u0432\u0430 \u043d\u0430 \u0441\u043e\u0437\u0434\u0430\u043d\u0438\u0435 \u043f\u0430\u043f\u043e\u043a \u0438 \u0442\u0435\u0445\u043d\u0438\u0447\u0435\u0441\u043a\u0438\u0445 \u0444\u0430\u0439\u043b\u043e\u0432 \u043c\u043e\u043d\u0438\u0442\u043e\u0440\u0438\u043d\u0433\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044c\u043d\u043e\u0441\u0442\u0438.\nCVE-2023-35311 \u2014 \u043e\u0431\u0445\u043e\u0434 \u0444\u0438\u0447 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0432 Outlook, \u043f\u0440\u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0438 \u043f\u0440\u0435\u0434\u0432\u0430\u0440\u0438\u0442\u0435\u043b\u044c\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0441\u043c\u043e\u0442\u0440\u0430 \u043d\u0435 \u043e\u0442\u043e\u0431\u0440\u0430\u0436\u0430\u044e\u0442\u0441\u044f \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0436\u0435\u0434\u0435\u043d\u0438\u044f \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438.\n\n\u041f\u043e\u043a\u0430 \u043d\u0435 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u044e\u0442\u0441\u044f, \u043d\u043e \u0432\u0435\u0441\u044c\u043c\u0430 \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e \u0431\u0443\u0434\u0443\u0442 \u0432 \u0431\u0443\u0434\u0443\u0449\u0435\u043c  RCE \u0432 Sharepoint server (CVE-2023-33160, CVSS 8.8) \u0438 \u043d\u0438\u0448\u0435\u0432\u0430\u044f, \u043d\u043e \u0432\u0435\u0441\u044c\u043c\u0430 \u043e\u043f\u0430\u0441\u043d\u0430\u044f RCE \u0432 Microsoft message queuing (CVE-2023-32057, CVSS 9.8).\n\n\u041f\u043e\u043b\u043d\u044b\u0439 \u0441\u043f\u0438\u0441\u043e\u043a \u0431\u044e\u043b\u043b\u0435\u0442\u0435\u043d\u0435\u0439 \u0442\u0440\u0430\u0434\u0438\u0446\u0438\u043e\u043d\u043d\u043e \u0434\u043e\u0441\u0442\u0443\u043f\u0435\u043d \u0437\u0434\u0435\u0441\u044c.\n\n#\u043d\u043e\u0432\u043e\u0441\u0442\u0438 @\u041f2\u0422", "creation_timestamp": "2023-07-12T09:42:06.000000Z"}, {"uuid": "42afdf69-8b73-4b41-90cd-3fee934ef4cb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2023-32057", "type": "seen", "source": "https://www.govcert.gov.hk/en/alerts_detail.php?id=1062", "content": "", "creation_timestamp": "2023-07-12T04:00:00.000000Z"}, {"uuid": "816cfcd6-414a-4317-827f-07fda3a76533", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-32059", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/2919", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-32059\n\ud83d\udd39 Description: Vyper is a Pythonic smart contract language for the Ethereum virtual machine. Prior to version 0.3.8, internal calls with default arguments are compiled incorrectly. Depending on the number of arguments provided in the call, the defaults are added not right-to-left, but left-to-right. If the types are incompatible, typechecking is bypassed. The ability to pass kwargs to internal functions is an undocumented feature that is not well known about. The issue is patched in version 0.3.8.\n\ud83d\udccf Published: 2023-05-11T21:01:11.456Z\n\ud83d\udccf Modified: 2025-01-24T15:54:40.006Z\n\ud83d\udd17 References:\n1. https://github.com/vyperlang/vyper/security/advisories/GHSA-ph9x-4vc9-m39g\n2. https://github.com/vyperlang/vyper/commit/c3e68c302aa6e1429946473769dd1232145822ac", "creation_timestamp": "2025-01-24T16:04:38.000000Z"}, {"uuid": "bfe74bb5-19f7-438e-a7d5-45d762ef0b64", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-32058", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/2918", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-32058\n\ud83d\udd39 Description: Vyper is a Pythonic smart contract language for the Ethereum virtual machine. Prior to version 0.3.8, due to missing overflow check for loop variables, by assigning the iterator of a loop to a variable, it is possible to overflow the type of the latter. The issue seems to happen only in loops of type `for i in range(a, a + N)` as in loops of type `for i in range(start, stop)` and `for i in range(stop)`, the compiler is able to raise a `TypeMismatch` when trying to overflow the variable. The problem has been patched in version 0.3.8.\n\ud83d\udccf Published: 2023-05-11T20:55:35.195Z\n\ud83d\udccf Modified: 2025-01-24T15:57:47.118Z\n\ud83d\udd17 References:\n1. https://github.com/vyperlang/vyper/security/advisories/GHSA-6r8q-pfpv-7cgj\n2. https://github.com/vyperlang/vyper/commit/3de1415ee77a9244eb04bdb695e249d3ec9ed868", "creation_timestamp": "2025-01-24T16:04:38.000000Z"}, {"uuid": "94b839bf-7471-4c73-8438-968c29303040", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-32050", "type": "seen", "source": "https://t.me/cibsecurity/66430", "content": "\u203c CVE-2023-32050 \u203c\n\nWindows Installer Elevation of Privilege Vulnerability\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-07-11T22:35:59.000000Z"}, {"uuid": "8e9e879b-4a67-4abe-b87a-8d1741794a6b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-32055", "type": "seen", "source": "https://t.me/cibsecurity/66427", "content": "\u203c CVE-2023-32055 \u203c\n\nActive Template Library Elevation of Privilege Vulnerability\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-07-11T22:35:56.000000Z"}, {"uuid": "83895600-1523-4a3e-bfe5-449e784d371f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3205", "type": "seen", "source": "https://t.me/cibsecurity/69628", "content": "\u203c CVE-2023-3205 \u203c\n\nAn issue has been discovered in GitLab affecting all versions starting from 15.11 before 16.1.5, all versions starting from 16.2 before 16.2.5, all versions starting from 16.3 before 16.3.1. An authenticated user could trigger a denial of service when importing or cloning malicious content.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-09-01T14:13:54.000000Z"}, {"uuid": "53fca730-13e9-4b6b-b1c0-73d6571bdf43", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-32054", "type": "seen", "source": "https://t.me/cibsecurity/66436", "content": "\u203c CVE-2023-32054 \u203c\n\nVolume Shadow Copy Elevation of Privilege Vulnerability\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-07-11T22:36:06.000000Z"}, {"uuid": "983f24e1-422d-4262-be7f-b4453d9fd047", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-32052", "type": "seen", "source": "https://t.me/cibsecurity/66423", "content": "\u203c CVE-2023-32052 \u203c\n\nMicrosoft Power Apps Spoofing Vulnerability\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-07-11T22:35:49.000000Z"}, {"uuid": "37195ef4-177d-4ae2-8049-42158b973087", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-32058", "type": "seen", "source": "https://t.me/cibsecurity/63927", "content": "\u203c CVE-2023-32058 \u203c\n\nVyper is a Pythonic smart contract language for the Ethereum virtual machine. Prior to version 0.3.8, due to missing overflow check for loop variables, by assigning the iterator of a loop to a variable, it is possible to overflow the type of the latter. The issue seems to happen only in loops of type `for i in range(a, a + N)` as in loops of type `for i in range(start, stop)` and `for i in range(stop)`, the compiler is able to raise a `TypeMismatch` when trying to overflow the variable. The problem has been patched in version 0.3.8.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-05-12T00:15:46.000000Z"}]}