CVE-2018-19184: NULL Pointer Dereference

June 29, 2021

cmd/evm/runner.go in Go Ethereum (aka geth) 1.8.17 allows attackers to cause a denial of service (SEGV) via crafted bytecode.

References

github.com/advisories/GHSA-9h4h-8w5p-f28w
github.com/ethereum/go-ethereum/commit/83e2761c3a13524bd5d6597ac08994488cf872ef
github.com/ethereum/go-ethereum/commit/fb9f7261ec51e38eedb454594fc19f00de1a6834
github.com/ethereum/go-ethereum/issues/18069
nvd.nist.gov/vuln/detail/CVE-2018-19184

Detect and mitigate CVE-2018-19184 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →