How severe is CVE-2024-24567?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 5.3 out of 10.

What type of vulnerability is CVE-2024-24567?

This is classified as CWE-754, which is a common weakness in software security.

CVE-2024-24567 - MEDIUM Severity | CVSS 5.3

Vulnerability Description

Vyper is a pythonic Smart Contract Language for the ethereum virtual machine. Vyper compiler allows passing a value in builtin raw_call even if the call is a delegatecall or a staticcall. But in the context of delegatecall and staticcall the handling of value is not possible due to the semantics of the respective opcodes, and vyper will silently ignore the value= argument. If the semantics of the EVM are unknown to the developer, he could suspect that by specifying the `value` kwarg, exactly the given amount will be sent along to the target. This vulnerability affects 0.3.10 and earlier versions.

Related Vulnerabilities

CVE-2017-18657

MEDIUM

CVSS:5.3(Medium)

An issue was discovered on Samsung mobile devices with M(6.0) and N(7.x) software. There is an arbitrary write in a trustlet. The Samsung ID is SVE-2017-8893 (August 2017).

CWE-7542017

CVE-2017-18914

MEDIUM

CVSS:5.3(Medium)

An issue was discovered in Mattermost Server before 3.8.2, 3.7.5, and 3.6.7. An external link can occur on an error page even if it is not on an allowlist.

CWE-7542017

CVE-2019-14607

MEDIUM

CVSS:5.3(Medium)

Improper conditions check in multiple Intel® Processors may allow an authenticated user to potentially enable partial escalation of privilege, denial of service and/or information disclosure via local...

CWE-7542019

CVE-2020-1999

MEDIUM

CVSS:5.3(Medium)

A vulnerability exists in the Palo Alto Network PAN-OS signature-based threat detection engine that allows an attacker to communicate with devices in the network in a way that is not analyzed for thre...

CWE-7542020

CVE-2020-7549

MEDIUM

CVSS:5.3(Medium)

A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists in the Web Server on Modicon M340, Legacy Offers Modicon Quantum and Modicon Premium and associated Communication M...

CWE-7542020

CVE-2021-31361

MEDIUM

CVSS:5.3(Medium)

An Improper Check for Unusual or Exceptional Conditions vulnerability combined with Improper Handling of Exceptional Conditions in Juniper Networks Junos OS on QFX Series and PTX Series allows an unau...

CWE-7542021