| Package Name | Ecosystem | Vulnerable Versions | First Patched Version |
|---|---|---|---|
| evm | rust | <= 0.21.0 | 0.21.1 |
| evm-core | rust | <= 0.21.0 | 0.21.1 |
| evm | rust | = 0.22.0 | 0.22.1 |
| evm | rust | = 0.23.0 | 0.23.1 |
| evm | rust | = 0.24.0 | 0.24.1 |
| evm | rust | = 0.25.0 | 0.25.1 |
| evm | rust | = 0.26.0 | 0.26.1 |
| evm-core | rust | = 0.22.0 | 0.22.1 |
| evm-core | rust | = 0.23.0 | 0.23.1 |
| evm-core | rust | = 0.24.0 | 0.24.1 |
| evm-core | rust | = 0.25.0 | 0.25.1 |
| evm-core | rust | = 0.26.0 | 0.26.1 |
The vulnerability description explicitly mentions memory over-allocation in evm_core::Memory::copy_large. The fix commit shows an added early return for empty values in this function, indicating the vulnerability stemmed from processing zero-length copies. The CWE-770 mapping confirms this is a resource allocation issue. The direct correlation between the vulnerability description, CWE mapping, and commit diff provides high confidence in this assessment.
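The following is an added example, not code from the evm-core crate or the fix commit: a simplified Rust model of the bug class described above, showing how a zero-length copy can still grow a memory buffer and how an early return prevents it. The `Memory` type, the `copy_unpatched` and `copy_patched` names, and the grow-before-copy logic are assumptions made for illustration.

```rust
// Simplified model of an EVM-style memory buffer (constructed for illustration;
// not the evm-core implementation).
pub struct Memory {
    data: Vec<u8>,
    limit: usize,
}

impl Memory {
    pub fn new(limit: usize) -> Self {
        Memory { data: Vec::new(), limit }
    }

    pub fn len(&self) -> usize {
        self.data.len()
    }

    // Unpatched shape (assumed): the buffer is grown to cover the destination
    // range before checking whether there is anything to copy.
    pub fn copy_unpatched(&mut self, offset: usize, len: usize, src: &[u8]) -> Result<(), &'static str> {
        let end = offset.checked_add(len).ok_or("offset overflow")?;
        if end > self.limit {
            return Err("beyond memory limit");
        }
        if self.data.len() < end {
            self.data.resize(end, 0); // allocates even when len == 0
        }
        let n = len.min(src.len());
        self.data[offset..offset + n].copy_from_slice(&src[..n]);
        self.data[offset + n..end].fill(0); // zero-pad when src is shorter than len
        Ok(())
    }

    // Patched shape: a zero-length copy is a no-op and returns before any growth.
    pub fn copy_patched(&mut self, offset: usize, len: usize, src: &[u8]) -> Result<(), &'static str> {
        if len == 0 {
            return Ok(());
        }
        self.copy_unpatched(offset, len, src)
    }
}

fn main() {
    let offset = 1 << 20; // constructed input: 1 MiB destination offset, nothing to copy
    let mut before = Memory::new(usize::MAX);
    before.copy_unpatched(offset, 0, &[]).unwrap();
    let mut after = Memory::new(usize::MAX);
    after.copy_patched(offset, 0, &[]).unwrap();
    println!("unpatched: {} bytes, patched: {} bytes", before.len(), after.len());
}
```

A regression test for a fix of this kind asserts that the buffer length is unchanged after a zero-length copy, rather than only checking the return value.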