Skip to main content

EUVDEUVD-2025-19744

| CVE-2025-53359 MEDIUM
Improper Check for Unusual or Exceptional Conditions (CWE-754)
2025-07-02 security-advisories@github.com GHSA-3w94-vq2x-v5wr
6.9
CVSS 4.0 · GitHub Advisory
Share

Severity by source

GitHub Advisory PRIMARY
6.9 MEDIUM
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N

Primary rating from GitHub Advisory · only source for this CVE.

CVSS VectorGitHub Advisory

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None

Lifecycle Timeline

4
Patch released
Mar 31, 2026 - 21:13 nvd
Patch available
EUVD ID Assigned
Mar 16, 2026 - 01:55 euvd
EUVD-2025-19744
Analysis Generated
Mar 16, 2026 - 01:55 vuln.today
CVE Published
Jul 02, 2025 - 16:15 nvd
MEDIUM 6.9

DescriptionGitHub Advisory

ethereum is a common ethereum structs for Rust. Prior to ethereum crate v0.18.0, signature malleability (according to EIP-2) was only checked for "legacy" transactions, but not for EIP-2930, EIP-1559 and EIP-7702 transactions. This is a specification deviation. The signature malleability itself is not a security issue and not as high of a risk if the ethereum crate is used on a single-implementation blockchain. This issue has been patched in version v0.18.0. A workaround for this issue involves manually checking transaction malleability outside of the crate, however upgrading is recommended.

AnalysisAI

A security vulnerability in ethereum (CVSS 6.9). Remediation should follow standard vulnerability management procedures.

Technical ContextAI

Vulnerability type not specified by vendor. Affects ethereum.

RemediationAI

Monitor vendor channels for patch availability.

Share

EUVD-2025-19744 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy