ethereumjs-vm 2.4.0 allows attackers to cause a denial of service (vm.runCode failure and REVERT) via a "code: Buffer.from(my_code, 'hex')" attribute. NOTE: the vendor disputes this because REVERT is a normal bytecode that can be triggered from high-level source code, leading to a normal programmatic execution result.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2018-11-12T00:00:00
Updated: 2024-08-05T11:30:04.282Z
Reserved: 2018-11-11T00:00:00
Link: CVE-2018-19183
Vulnrichment
No data.
NVD
Status : Modified
Published: 2018-11-12T02:29:00.327
Modified: 2024-08-05T12:15:22.533
Link: CVE-2018-19183
Redhat
No data.