VDB
KO
MEDIUM 5.9

PYSEC-2026-806

Regular expression denial of service in eth-account

Details

An exponential ReDoS (Regular Expression Denial of Service) can be triggered in the eth-account PyPI package, when an attacker is able to supply arbitrary input to the encode_structured_data method

Are you affected?

Enter the version of the package you're using.

Affected packages

PyPI / eth-account
Introduced in: 0 Fixed in: 0.5.9
Fix pip install --upgrade 'eth-account>=0.5.9'

References