High severity7.5NVD Advisory· Published Nov 12, 2018· Updated Jun 17, 2026
CVE-2018-19183
CVE-2018-19183
Description
ethereumjs-vm 2.4.0 allows attackers to cause a denial of service (vm.runCode failure and REVERT) via a "code: Buffer.from(my_code, 'hex')" attribute. NOTE: the vendor disputes this because REVERT is a normal bytecode that can be triggered from high-level source code, leading to a normal programmatic execution result.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
ethereumjs-vmnpm | <= 2.4.0 | — |
Affected products
1Patches
Vulnerability mechanics
References
5- github.com/ethereumjs/ethereumjs-vm/issues/386nvdExploitThird Party AdvisoryWEB
- github.com/advisories/GHSA-2mw7-wggm-m6w3ghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2018-19183ghsaADVISORY
- github.com/ethereumjs/ethereumjs-monorepo/issues/386nvd
- github.com/ethereumjs/ethereumjs-monorepo/issues/395nvd
News mentions
0No linked articles in our index yet.