CVE-2018-19183

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2018-19183

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2018-19183.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2018-19183

Aliases

GHSA-2mw7-wggm-m6w3

Withdrawn

2024-01-23T10:48:03Z

Published

2018-11-12T02:29:00Z

Modified

2025-01-14T07:26:45.447182Z

Severity

7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator

Summary

[none]

Details

ethereumjs-vm 2.4.0 allows attackers to cause a denial of service (vm.runCode failure and REVERT) via a "code: Buffer.from(my_code, 'hex')" attribute. NOTE: the vendor disputes this because REVERT is a normal bytecode that can be triggered from high-level source code, leading to a normal programmatic execution result.

References

Affected packages

Git / github.com/ethereumjs/ethereumjs-vm

Affected ranges

Type: GIT
Repo: https://github.com/ethereumjs/ethereumjs-vm
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Last affected

7330c4ace495903748c606a47a8b993812504db8

Affected versions

@ethereumjs/account@1.*

@ethereumjs/account@1.0.3

@ethereumjs/account@2.*

@ethereumjs/account@2.0.0

@ethereumjs/account@2.0.2

@ethereumjs/account@2.0.5

@ethereumjs/account@3.*

@ethereumjs/account@3.0.0

@ethereumjs/block@1.*

@ethereumjs/block@1.0.3

@ethereumjs/block@1.0.4

@ethereumjs/block@1.2.0

@ethereumjs/block@1.2.1

@ethereumjs/block@1.2.2

@ethereumjs/block@1.3.0

@ethereumjs/block@1.3.1

@ethereumjs/block@1.4.0

@ethereumjs/block@1.5.0

@ethereumjs/block@1.5.1

@ethereumjs/block@1.7.0

@ethereumjs/block@1.7.1

@ethereumjs/block@2.*

@ethereumjs/block@2.0.0

@ethereumjs/block@2.0.1

@ethereumjs/block@2.1.0

@ethereumjs/block@2.2.0

@ethereumjs/block@3.*

@ethereumjs/block@3.0.0

@ethereumjs/block@3.0.0-beta.1

@ethereumjs/block@3.0.0-beta.2

@ethereumjs/block@3.0.0-rc.1

@ethereumjs/block@3.1.0

@ethereumjs/block@3.2.0

@ethereumjs/block@3.2.1

@ethereumjs/block@3.3.0

@ethereumjs/block@3.4.0

@ethereumjs/block@3.5.0

@ethereumjs/block@3.5.1

@ethereumjs/block@3.6.0

@ethereumjs/block@3.6.1

@ethereumjs/block@3.6.2

@ethereumjs/blockchain@1.*

@ethereumjs/blockchain@1.2.0

@ethereumjs/blockchain@1.3.2

@ethereumjs/blockchain@1.3.3

@ethereumjs/blockchain@1.3.4

@ethereumjs/blockchain@1.4.0

@ethereumjs/blockchain@1.4.1

@ethereumjs/blockchain@1.4.2

@ethereumjs/blockchain@2.*

@ethereumjs/blockchain@2.0.0

@ethereumjs/blockchain@2.0.1

@ethereumjs/blockchain@2.0.2

@ethereumjs/blockchain@3.*

@ethereumjs/blockchain@3.0.0

@ethereumjs/blockchain@3.1.0

@ethereumjs/blockchain@3.2.0

@ethereumjs/blockchain@3.2.1

@ethereumjs/blockchain@3.3.0

@ethereumjs/blockchain@3.3.1

@ethereumjs/blockchain@3.3.2

@ethereumjs/blockchain@3.3.3

@ethereumjs/blockchain@3.4.0

@ethereumjs/blockchain@4.*

@ethereumjs/blockchain@4.0.0

@ethereumjs/blockchain@4.0.1

@ethereumjs/blockchain@4.0.2

@ethereumjs/blockchain@4.0.3

@ethereumjs/blockchain@5.*

@ethereumjs/blockchain@5.0.0

@ethereumjs/blockchain@5.0.0-beta.1

@ethereumjs/blockchain@5.0.0-beta.2

@ethereumjs/blockchain@5.0.0-rc.1

@ethereumjs/blockchain@5.1.0

@ethereumjs/blockchain@5.2.0

@ethereumjs/blockchain@5.2.1

@ethereumjs/blockchain@5.3.0

@ethereumjs/blockchain@5.3.1

@ethereumjs/blockchain@5.4.0

@ethereumjs/blockchain@5.4.1

@ethereumjs/blockchain@5.4.2

@ethereumjs/blockchain@5.5.0

@ethereumjs/blockchain@5.5.1

@ethereumjs/blockchain@5.5.2

@ethereumjs/client@0.*

@ethereumjs/client@0.1.0

@ethereumjs/client@0.2.0

@ethereumjs/client@0.3.0

@ethereumjs/client@0.4.0

@ethereumjs/common@0.*

@ethereumjs/common@0.1.0

@ethereumjs/common@0.1.1

@ethereumjs/common@0.2.0

@ethereumjs/common@0.3.0

@ethereumjs/common@0.3.1

@ethereumjs/common@0.4.0

@ethereumjs/common@0.4.1

@ethereumjs/common@0.5.0

@ethereumjs/common@0.6.0

@ethereumjs/common@0.6.1

@ethereumjs/common@1.*

@ethereumjs/common@1.0.0

@ethereumjs/common@1.1.0

@ethereumjs/common@1.2.0

@ethereumjs/common@1.2.1

@ethereumjs/common@1.3.0

@ethereumjs/common@1.3.1

@ethereumjs/common@1.3.2

@ethereumjs/common@1.4.0

@ethereumjs/common@1.5.0

@ethereumjs/common@1.5.1

@ethereumjs/common@2.*

@ethereumjs/common@2.0.0

@ethereumjs/common@2.0.0-beta.1

@ethereumjs/common@2.0.0-beta.2

@ethereumjs/common@2.0.0-rc.1

@ethereumjs/common@2.1.0

@ethereumjs/common@2.2.0

@ethereumjs/common@2.3.0

@ethereumjs/common@2.3.1

@ethereumjs/common@2.4.0

@ethereumjs/common@2.5.0

@ethereumjs/common@2.6.0

@ethereumjs/common@2.6.1

@ethereumjs/common@2.6.2

@ethereumjs/common@2.6.3

@ethereumjs/devp2p@4.*

@ethereumjs/devp2p@4.0.0

@ethereumjs/devp2p@4.1.0

@ethereumjs/devp2p@4.2.0

@ethereumjs/devp2p@4.2.1

@ethereumjs/ethash@1.*

@ethereumjs/ethash@1.0.0

@ethereumjs/ethash@1.0.0-beta.1

@ethereumjs/ethash@1.0.0-rc.1

@ethereumjs/ethash@1.1.0

@ethereumjs/tx@0.*

@ethereumjs/tx@0.6.10

@ethereumjs/tx@0.6.11

@ethereumjs/tx@0.6.12

@ethereumjs/tx@0.6.14

@ethereumjs/tx@0.6.8

@ethereumjs/tx@0.7.0

@ethereumjs/tx@0.7.1

@ethereumjs/tx@0.7.2

@ethereumjs/tx@0.7.3

@ethereumjs/tx@1.*

@ethereumjs/tx@1.0.0

@ethereumjs/tx@1.0.1

@ethereumjs/tx@1.1.0

@ethereumjs/tx@1.1.1

@ethereumjs/tx@1.1.2

@ethereumjs/tx@1.1.3

@ethereumjs/tx@1.2.0

@ethereumjs/tx@1.2.3

@ethereumjs/tx@1.3.0

@ethereumjs/tx@1.3.1

@ethereumjs/tx@1.3.3

@ethereumjs/tx@1.3.4

@ethereumjs/tx@1.3.5

@ethereumjs/tx@1.3.6

@ethereumjs/tx@1.3.7

@ethereumjs/tx@2.*

@ethereumjs/tx@2.0.0

@ethereumjs/tx@2.1.0

@ethereumjs/tx@2.1.1

@ethereumjs/tx@2.1.2

@ethereumjs/tx@3.*

@ethereumjs/tx@3.0.0

@ethereumjs/tx@3.0.0-beta.1

@ethereumjs/tx@3.0.0-beta.2

@ethereumjs/tx@3.0.0-rc.1

@ethereumjs/tx@3.0.1

@ethereumjs/tx@3.0.2

@ethereumjs/tx@3.1.0

@ethereumjs/tx@3.1.1

@ethereumjs/tx@3.1.2

@ethereumjs/tx@3.1.3

@ethereumjs/tx@3.1.4

@ethereumjs/tx@3.2.0

@ethereumjs/tx@3.2.1

@ethereumjs/tx@3.3.0

@ethereumjs/tx@3.3.1

@ethereumjs/tx@3.3.2

@ethereumjs/tx@3.4.0

@ethereumjs/tx@3.5.0

@ethereumjs/tx@3.5.1

@ethereumjs/vm@1.*

@ethereumjs/vm@1.0.0

@ethereumjs/vm@1.0.3

@ethereumjs/vm@1.1.0

@ethereumjs/vm@1.2.0

@ethereumjs/vm@1.2.1

@ethereumjs/vm@1.3.0

@ethereumjs/vm@1.4.0

@ethereumjs/vm@2.*

@ethereumjs/vm@2.0.0

@ethereumjs/vm@2.0.1

@ethereumjs/vm@2.1.0

@ethereumjs/vm@2.2.0

@ethereumjs/vm@2.2.1

@ethereumjs/vm@2.2.2

@ethereumjs/vm@2.3.1

@ethereumjs/vm@2.3.2

@ethereumjs/vm@2.3.3

@ethereumjs/vm@2.3.4

@ethereumjs/vm@2.3.5

@ethereumjs/vm@2.4.0

@ethereumjs/vm@2.5.0

@ethereumjs/vm@2.5.1

@ethereumjs/vm@2.6.0

@ethereumjs/vm@3.*

@ethereumjs/vm@3.0.0

@ethereumjs/vm@4.*

@ethereumjs/vm@4.0.0

@ethereumjs/vm@4.0.0-beta.1

@ethereumjs/vm@4.1.0

@ethereumjs/vm@4.1.1

@ethereumjs/vm@4.1.2

@ethereumjs/vm@4.1.3

@ethereumjs/vm@5.*

@ethereumjs/vm@5.0.0

@ethereumjs/vm@5.0.0-beta.1

@ethereumjs/vm@5.0.0-beta.2

@ethereumjs/vm@5.0.0-rc.1

@ethereumjs/vm@5.1.0

@ethereumjs/vm@5.2.0

@ethereumjs/vm@5.3.0

@ethereumjs/vm@5.3.1

@ethereumjs/vm@5.4.0

@ethereumjs/vm@5.4.1

@ethereumjs/vm@5.5.0

@ethereumjs/vm@5.5.1

@ethereumjs/vm@5.5.2

@ethereumjs/vm@5.5.3

@ethereumjs/vm@5.6.0

@ethereumjs/vm@5.7.0

@ethereumjs/vm@5.7.1

@ethereumjs/vm@5.8.0

ethereumjs-util@7.*

ethereumjs-util@7.0.10

ethereumjs-util@7.1.0

ethereumjs-util@7.1.1

ethereumjs-util@7.1.2

ethereumjs-util@7.1.3

ethereumjs-util@7.1.4

merkle-patricia-tree@4.*

merkle-patricia-tree@4.1.0

merkle-patricia-tree@4.2.0

merkle-patricia-tree@4.2.1

merkle-patricia-tree@4.2.2

merkle-patricia-tree@4.2.3

merkle-patricia-tree@4.2.4

rlp@2.*

rlp@2.2.6

rlp@2.2.7

rlp@3.*

rlp@3.0.0

v2.*

v2.3.1

v2.3.2

v2.3.3

v2.3.4

v2.3.5

v2.4.0

v2.5.0

v2.5.1

v2.6.0

v3.*

v3.0.0

v4.*

v4.0.0

v4.0.0-beta.1

v4.1.0

v4.1.1

v4.1.2

v4.1.3