CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2021-41153

The evm crate is a pure Rust implementation of Ethereum Virtual Machine. In `evm` crate `< 0.31.0`, `JUMPI` opcode's condition is checked after the destination validity check. However, according to Geth and OpenEthereum, the condition check should happen before the destination validity check. This is a **high** severity security advisory if you use `evm` crate for Ethereum mainnet. In this case, you should update your library dependency immediately to on or after `0.31.0`. This is a **low** severity security advisory if you use `evm` crate in Frontier or in a standalone blockchain, because there's no security exploit possible with this advisory. It is **not** recommended to update to on or after `0.31.0` until all the normal chain upgrade preparations have been done. If you use Frontier or other `pallet-evm` based Substrate blockchain, please ensure to update your `spec_version` before updating this. For other blockchains, please make sure to follow a hard-fork process before you update this.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.003

EPSS Ranking 53.7%

CVSS Severity

CVSS v3 Score 8.7

CVSS v2 Score 7.5

References

Products affected by CVE-2021-41153

Evm Project » Evm » Version: N/A

cpe:2.3:a:evm_project:evm:-
Evm Project » Evm » Version: 0.11.0

cpe:2.3:a:evm_project:evm:0.11.0
Evm Project » Evm » Version: 0.11.1

cpe:2.3:a:evm_project:evm:0.11.1
Evm Project » Evm » Version: 0.13.0

cpe:2.3:a:evm_project:evm:0.13.0
Evm Project » Evm » Version: 0.13.1

cpe:2.3:a:evm_project:evm:0.13.1
Evm Project » Evm » Version: 0.14.0

cpe:2.3:a:evm_project:evm:0.14.0
Evm Project » Evm » Version: 0.14.1

cpe:2.3:a:evm_project:evm:0.14.1
Evm Project » Evm » Version: 0.14.2

cpe:2.3:a:evm_project:evm:0.14.2
Evm Project » Evm » Version: 0.15.0

cpe:2.3:a:evm_project:evm:0.15.0
Evm Project » Evm » Version: 0.16.0

cpe:2.3:a:evm_project:evm:0.16.0
Evm Project » Evm » Version: 0.16.1

cpe:2.3:a:evm_project:evm:0.16.1
Evm Project » Evm » Version: 0.17.0

cpe:2.3:a:evm_project:evm:0.17.0
Evm Project » Evm » Version: 0.17.1

cpe:2.3:a:evm_project:evm:0.17.1
Evm Project » Evm » Version: 0.17.2

cpe:2.3:a:evm_project:evm:0.17.2
Evm Project » Evm » Version: 0.17.3

cpe:2.3:a:evm_project:evm:0.17.3
Evm Project » Evm » Version: 0.18.0

cpe:2.3:a:evm_project:evm:0.18.0
Evm Project » Evm » Version: 0.18.3

cpe:2.3:a:evm_project:evm:0.18.3
Evm Project » Evm » Version: 0.18.4

cpe:2.3:a:evm_project:evm:0.18.4
Evm Project » Evm » Version: 0.18.5

cpe:2.3:a:evm_project:evm:0.18.5
Evm Project » Evm » Version: 0.19.0

cpe:2.3:a:evm_project:evm:0.19.0
Evm Project » Evm » Version: 0.20.0

cpe:2.3:a:evm_project:evm:0.20.0
Evm Project » Evm » Version: 0.21.0

cpe:2.3:a:evm_project:evm:0.21.0
Evm Project » Evm » Version: 0.22.0

cpe:2.3:a:evm_project:evm:0.22.0
Evm Project » Evm » Version: 0.22.1

cpe:2.3:a:evm_project:evm:0.22.1
Evm Project » Evm » Version: 0.23.0

cpe:2.3:a:evm_project:evm:0.23.0
Evm Project » Evm » Version: 0.24.0

cpe:2.3:a:evm_project:evm:0.24.0
Evm Project » Evm » Version: 0.25.0

cpe:2.3:a:evm_project:evm:0.25.0
Evm Project » Evm » Version: 0.26.0

cpe:2.3:a:evm_project:evm:0.26.0
Evm Project » Evm » Version: 0.27.0

cpe:2.3:a:evm_project:evm:0.27.0
Evm Project » Evm » Version: 0.28.0

cpe:2.3:a:evm_project:evm:0.28.0
Evm Project » Evm » Version: 0.29.0

cpe:2.3:a:evm_project:evm:0.29.0
Evm Project » Evm » Version: 0.30.0

cpe:2.3:a:evm_project:evm:0.30.0
Evm Project » Evm » Version: 0.30.1

cpe:2.3:a:evm_project:evm:0.30.1
Evm Project » Evm » Version: 0.6.2

cpe:2.3:a:evm_project:evm:0.6.2
Evm Project » Evm » Version: 0.7.0

cpe:2.3:a:evm_project:evm:0.7.0
Evm Project » Evm » Version: 0.7.1

cpe:2.3:a:evm_project:evm:0.7.1
Evm Project » Evm » Version: 0.9.2

cpe:2.3:a:evm_project:evm:0.9.2
Evm Project » Evm » Version: 0.9.3

cpe:2.3:a:evm_project:evm:0.9.3
Evm Project » Evm » Version: 0.9.4

cpe:2.3:a:evm_project:evm:0.9.4

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2021-41153

Products

Pricing

Contact Us