CVE-2017-14457

Name of the Vulnerable Software and Affected Versions: CPP-Ethereum (affected versions not specified)

Description: An exploitable information leak/denial of service issue exists in the libevm (Ethereum Virtual Machine) create2 opcode handler. A specially crafted smart contract code can cause an out-of-bounds read, leading to memory disclosure or denial of service. An attacker can create/send malicious smart contract code to trigger this issue.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this issue.