Lucene search
GoogleOSV:PYSEC-2018-96HistoryNov 12, 2018 - 2:29 a.m.
PYSEC-2018-96
2018-11-1202:29:00
Google
osv.dev
7
EPSS
0.007
Percentile
80.4%
Py-EVM v0.2.0-alpha.33 allows attackers to make a vm.execute_bytecode call that triggers computation._stack.values with ‘“stack”: [100, 100, 0]’ where b’\x’ was expected, resulting in an execution failure because of an invalid opcode. This is reportedly related to “smart contracts can be executed indefinitely without gas being paid.”
Related
veracode
veracode
Denial Of Service (DoS)
2018-11-13 06:07:31
osv
osv
Py-EVM is vulnerable to arbitrary bytecode injection
2018-11-21 22:23:04
CVE-2018-18920
2018-11-12 02:29:00
prion
prion
Design/Logic Flaw
2018-11-12 02:29:00
cve
cve
CVE-2018-18920
2018-11-12 02:29:00
github
github
Py-EVM is vulnerable to arbitrary bytecode injection
2018-11-21 22:23:04
cvelist
cvelist
CVE-2018-18920
2018-11-12 02:00:00
nvd
nvd
CVE-2018-18920
2018-11-12 02:29:00