Tylerap

**Name of the Vulnerable Software and Affected Versions** ethereumjs-vm version 2.4.0 **Description** The issue allows attackers to cause a denial of service, leading to `vm.runCode` failure and REVERT, via a `code` attribute set to `Buffer.from(my code, 'hex')`. It's worth noting that the vendor disputes this, as REVERT is considered a normal bytecode that can be triggered from high-level source code, resulting in a normal programmatic execution result. **Recommendations** For ethereumjs-vm version 2.4.0, consider restricting the use of the `code` attribute with `Buffer.from(my code, 'hex')` to minimize the risk of denial of service until a patch is available. At the moment, there is no information about a newer version that contains a fix for this issue.