18 matches found
Malicious code in eslint-plugin-ethereumjs (npm)
--- -= Per source details. Do not edit below this line.=-...
MAL-2025-48840 Malicious code in eslint-plugin-ethereumjs (npm)
--- -= Per source details. Do not edit below this line.=-...
Malicious code in shanye-ethereumjs-utill (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware f814c33a73ebb5b7666c8992f190fa3bc72c80a9580f40c2d73fed35b14e0348 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-2557 Malicious code in shanye-ethereumjs-utill (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware f814c33a73ebb5b7666c8992f190fa3bc72c80a9580f40c2d73fed35b14e0348 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in @huoshanjiebai/ethereumjs-utill (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a7a36fccca657e26ff9ded801631d537ad159e26045c0be4de99b31d351e20d4 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2023-8067 Malicious code in @huoshanjiebai/ethereumjs-utill (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a7a36fccca657e26ff9ded801631d537ad159e26045c0be4de99b31d351e20d4 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in ethereumjs-utils-old (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a7a448dcf4eb2492d9c83dbfdf881973de080023a4e269bd314dd6ae113ad159 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Denial Of Service (DoS)
ethereumjs-vm is vulnerabel to denial of service. An attacker is able to crash the application via a malicious code Buffer.frommycode, 'hex' attribute...
GHSA-2MW7-WGGM-M6W3 Denial of Service in ethereumjs-vm
ethereumjs-vm 2.4.0 allows attackers to cause a denial of service vm.runCode failure and REVERT via a "code: Buffer.frommycode, 'hex'" attribute...
blockapps-vm (>=2.0.0 <=2.1.0), blockapps-web3 (>=1.1.4 <=1.1.6) +11 more potentially affected by CVE-2018-19183 via ethereumjs-vm (>=1.2.1 <=2.4.0)
ethereumjs-vm NPM version =1.2.1, =2.0.0, =1.1.4, =1.1.0, =0.0.2, =1.0.1, =3.0.4, =0.1.1, =0.0.1, =1.1.6, =1.1.41 - newstudio-lib =0.1.0 - remix-solidity =0.0.1 Source cves: CVE-2018-19183 Source advisory: OSV:GHSA-2MW7-WGGM-M6W3...
Denial of Service in ethereumjs-vm
ethereumjs-vm 2.4.0 allows attackers to cause a denial of service vm.runCode failure and REVERT via a "code: Buffer.frommycode, 'hex'" attribute...
ethereumjs-vm denial of service vulnerability
ethereumjs-vm is a JavaScript-based implementation of an ethereum virtual machine. A security vulnerability exists in ethereumjs-vm version 2.4.0. An attacker can exploit this vulnerability to cause a denial of service with the 'code: Buffer.frommycode, 'hex'' property...
Code injection
ethereumjs-vm 2.4.0 allows attackers to cause a denial of service vm.runCode failure and REVERT via a "code: Buffer.frommycode, 'hex'" attribute. NOTE: the vendor disputes this because REVERT is a normal bytecode that can be triggered from high-level source code, leading to a normal programmatic...
CVE-2018-19183
ethereumjs-vm 2.4.0 allows attackers to cause a denial of service vm.runCode failure and REVERT via a "code: Buffer.frommycode, 'hex'" attribute. NOTE: the vendor disputes this because REVERT is a normal bytecode that can be triggered from high-level source code, leading to a normal programmatic...
CVE-2018-19183
ethereumjs-vm 2.4.0 allows attackers to cause a denial of service vm.runCode failure and REVERT via a "code: Buffer.frommycode, 'hex'" attribute. NOTE: the vendor disputes this because REVERT is a normal bytecode that can be triggered from high-level source code, leading to a normal programmatic...
CVE-2018-19183
CVE-2018-19183 affects ethereumjs-vm 2.4.0. A DoS can be triggered by a code attribute set to Buffer.from(my_code, 'hex'), causing vm.runCode failure and REVERT. The vendor disputes the interpretation, noting REVERT can result from normal bytecode when triggered from high-level code. Connected ad...
PT-2018-14844 · Ethereumjs · Ethereumjs-Vm
Name of the Vulnerable Software and Affected Versions: ethereumjs-vm version 2.4.0 Description: The issue allows attackers to cause a denial of service, leading to vm.runCode failure and REVERT, via a code attribute set to Buffer.frommy code, 'hex'. It's worth noting that the vendor disputes this...
CVE-2018-19183
ethereumjs-vm 2.4.0 allows attackers to cause a denial of service vm.runCode failure and REVERT via a "code: Buffer.frommycode, 'hex'" attribute. NOTE: the vendor disputes this because REVERT is a normal bytecode that can be triggered from high-level source code, leading to a normal programmatic...