{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-20T06:47:33.197","vulnerabilities":[{"cve":{"id":"CVE-2021-29511","sourceIdentifier":"security-advisories@github.com","published":"2021-05-12T18:15:08.527","lastModified":"2024-11-21T06:01:16.843","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"evm is a pure Rust implementation of Ethereum Virtual Machine. Prior to the patch, when executing specific EVM opcodes related to memory operations that use `evm_core::Memory::copy_large`, the `evm` crate can over-allocate memory when it is not needed, making it possible for an attacker to perform denial-of-service attack. The flaw was corrected in commit `19ade85`. Users should upgrade to `==0.21.1, ==0.23.1, ==0.24.1, ==0.25.1, >=0.26.1`. There are no workarounds. Please upgrade your `evm` crate version."},{"lang":"es","value":"evm es una implementación pura de Rust de Ethereum Virtual Machine. Anterior al parche, cuando se ejecutan códigos de operación EVM específicos relacionados con operaciones de memoria que usan la función \"evm_core::Memory::copy_large\", la crate \"evm\" puede sobreasignar memoria cuando no es necesaria, haciendo posible a un atacante llevar a cabo un ataque de denegación de servicio. El fallo fue corregido en el commit \"19ade85\". Los usuarios deberían actualizar a \"==0.21.1, ==0.23.1, ==0.24.1, ==0.25.1, )=0.26.1\". No existen soluciones alternativas. Por favor Actualice su versión de crate \"evm\""}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":3.6},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":3.6}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:S/C:N/I:N/A:P","baseScore":4.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"SINGLE","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":8.0,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-770"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-787"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:evm_project:evm:*:*:*:*:*:rust:*:*","versionEndIncluding":"0.21.0","matchCriteriaId":"BC526576-249B-4C0E-AAF0-85614F8F42E1"},{"vulnerable":true,"criteria":"cpe:2.3:a:evm_project:evm:0.22.0:*:*:*:*:rust:*:*","matchCriteriaId":"F18F86B1-8BED-4A6E-91A9-BB77819A3A6C"},{"vulnerable":true,"criteria":"cpe:2.3:a:evm_project:evm:0.23.0:*:*:*:*:rust:*:*","matchCriteriaId":"07E8CA2D-3CF8-4069-9F3F-D9CB0E6FB182"},{"vulnerable":true,"criteria":"cpe:2.3:a:evm_project:evm:0.24.0:*:*:*:*:rust:*:*","matchCriteriaId":"E70A1FF9-F6EE-486B-9E91-A6548E624A02"},{"vulnerable":true,"criteria":"cpe:2.3:a:evm_project:evm:0.25.0:*:*:*:*:rust:*:*","matchCriteriaId":"4D49607D-993F-44D7-A144-68B4939B6B2D"},{"vulnerable":true,"criteria":"cpe:2.3:a:evm_project:evm:0.26.0:*:*:*:*:rust:*:*","matchCriteriaId":"2C81A330-9BAF-4CC7-BA5C-69164C4A6189"}]}]}],"references":[{"url":"https://crates.io/crates/evm","source":"security-advisories@github.com","tags":["Third Party Advisory"]},{"url":"https://github.com/rust-blockchain/evm/commit/19ade858c430ab13eb562764a870ac9f8506f8dd","source":"security-advisories@github.com","tags":["Patch","Third Party Advisory"]},{"url":"https://github.com/rust-blockchain/evm/security/advisories/GHSA-4jwq-572w-4388","source":"security-advisories@github.com","tags":["Patch","Third Party Advisory"]},{"url":"https://crates.io/crates/evm","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://github.com/rust-blockchain/evm/commit/19ade858c430ab13eb562764a870ac9f8506f8dd","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Third Party Advisory"]},{"url":"https://github.com/rust-blockchain/evm/security/advisories/GHSA-4jwq-572w-4388","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Third Party Advisory"]}]}}]}