Py-EVM is vulnerable to arbitrary bytecode injection

🗓️ 21 Nov 2018 22:04:23Reported by GitHub Advisory DatabaseType

Py-EVM v0.2.0-alpha.33 vulnerable to bytecode injectio

AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 8
Veracode	Denial Of Service (DoS)	13 Nov 201806:07	–	veracode
Prion	Design/Logic Flaw	12 Nov 201802:29	–	prion
OSV	GHSA-VQGP-4JGJ-5J64 Py-EVM is vulnerable to arbitrary bytecode injection	21 Nov 201822:23	–	osv
OSV	PYSEC-2018-96	12 Nov 201802:29	–	osv
OSV	CVE-2018-18920	12 Nov 201802:29	–	osv
Cvelist	CVE-2018-18920	12 Nov 201802:00	–	cvelist
NVD	CVE-2018-18920	12 Nov 201802:29	–	nvd
CVE	CVE-2018-18920	12 Nov 201802:29	–	cve

Vulners

Node

ethereum py-evmRange≤0.2.0a33

Source	Link
nvd	www.nvd.nist.gov/vuln/detail/CVE-2018-18920
github	www.github.com/ethereum/py-evm/issues/1448
github	www.github.com/advisories/GHSA-vqgp-4jgj-5j64
twitter	www.twitter.com/AlexanderFisher/status/1060923428641878019
twitter	www.twitter.com/NettaLab/status/1060889400102383617
github	www.github.com/pypa/advisory-database/tree/main/vulns/py-evm/PYSEC-2018-96.yaml
reddit	www.reddit.com/r/ethereum/comments/9vkk2g/netta_labs_claim_to_have_found_a_vulnerability_in/e9d3wyx

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

21 Nov 2018 22:23Current

8.3High risk

Vulners AI Score8.3

CVSS26.8

CVSS38.8

EPSS0.00794

CWE-119