First published: Mon Sep 18 2023(Updated: )
### Impact Locks of the type `@nonreentrant("")` or `@nonreentrant('')` do not produce reentrancy checks at runtime. ```Vyper @nonreentrant("") # unprotected @external def bar(): pass @nonreentrant("lock") # protected @external def foo(): pass ``` ### Patches Patched in #3605 ### Workarounds The lock name should be a non-empty string. ### References _Are there any links users can visit to find out more?_
Affected Software | Affected Version | How to fix |
---|---|---|
pip/vyper | >=0.2.9<0.3.10 | 0.3.10 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Locks of the type '@nonreentrant()' do not produce reentrancy checks at runtime.
The vulnerability has been patched in version 0.3.10 of the 'vyper' package.
No specific workaround information is available for this vulnerability.
The severity of this vulnerability is medium with a score of 5.3.
The CWE ID for this vulnerability is 667 and 833.