4 matches found
CVE-2022-39354
SputnikVM (evm) has a vulnerability where the is_static parameter in custom stateful precompiles could be incorrect prior to v0.36.0, incorrectly setting static context only for direct STATICCALL calls. This could lead to incorrect state transitions for affected precompiles. The patch is included...
CVE-2024-21629
Rust EVM contains a vulnerability in the record_external_operation feature of rust-evm. During finalization of CREATE/CREATE2, if substack execution succeeds, the substate is committed before calling record_external_operation(Write(out_code.len())). If record_external_operation later fails, the e...
CVE-2021-29511
CVE-2021-29511 affects the Rust EVM implementation (evm crate). Before the patch in commit 19ade85, certain memory-opcodes using memory::copy_large could cause memory over-allocation, enabling a denial-of-service. Remediation: upgrade evm to >=0.26.1, or to specific newer releases (0.21.1, 0.2...
CVE-2021-41153
The evm crate (Rust Ethereum VM)