How severe is CVE-2023-41052?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 5.3 out of 10.

What type of vulnerability is CVE-2023-41052?

This is classified as CWE-670, which is a common weakness in software security.

CVE-2023-41052 - MEDIUM Severity | CVSS 5.3

Vulnerability Description

Vyper is a Pythonic Smart Contract Language. In affected versions the order of evaluation of the arguments of the builtin functions `uint256_addmod`, `uint256_mulmod`, `ecadd` and `ecmul` does not follow source order. This behaviour is problematic when the evaluation of one of the arguments produces side effects that other arguments depend on. A patch is currently being developed on pull request #3583. When using builtins from the list above, users should make sure that the arguments of the expression do not produce side effects or, if one does, that no other argument is dependent on those side effects.

Related Vulnerabilities

CVE-2020-35477

MEDIUM

CVSS:5.3(Medium)

MediaWiki before 1.35.1 blocks legitimate attempts to hide log entries in some situations. If one sets MediaWiki:Mainpage to Special:MyLanguage/Main Page, visits a log entry on Special:Log, and toggle...

CWE-6702020

CVE-2020-5753

MEDIUM

CVSS:5.3(Medium)

Signal Private Messenger Android v4.59.0 and up and iOS v3.8.1.5 and up allows a remote non-contact to ring a victim's Signal phone and disclose currently used DNS server due to ICE Candidate handling...

CWE-6702020

CVE-2021-0273

MEDIUM

CVSS:5.3(Medium)

An always-incorrect control flow implementation in the implicit filter terms of Juniper Networks Junos OS and Junos OS Evolved on ACX5800, EX9200 Series, MX10000 Series, MX240, MX480, MX960 devices wi...

CWE-6702021

CVE-2021-43819

MEDIUM

CVSS:5.3(Medium)

Stargate-Bukkit is a mod for the minecraft video game which adds a portal focused environment. In affected versions Minecarts with chests will drop their items when teleporting through a portal; when ...

CWE-6702021

CVE-2021-43979

MEDIUM

CVSS:5.3(Medium)

Styra Open Policy Agent (OPA) Gatekeeper through 3.7.0 mishandles concurrency, sometimes resulting in incorrect access control. The data replication mechanism allows policies to access the Kubernetes ...

CWE-6702021

CVE-2021-45852

MEDIUM

CVSS:5.3(Medium)

An issue was discovered in Projectworlds Hospital Management System v1.0. Unauthorized malicious attackers can add patients without restriction via add_patient.php.

CWE-6702021