The vulnerability of the encode_structured_data method in the PyPI eth-account package allows a attacker to cause a service failure.

The vulnerability of the encodestructureddata method in the PyPI package eth-account is related to incorrect data input used as a condition for loop execution. Exploiting this vulnerability could allow an attacker to cause service failures...

Security feature bypass

An exponential ReDoS Regular Expression Denial of Service can be triggered in the eth-account PyPI package, when an attacker is able to supply arbitrary input to the encodestructureddata method...

eth_account 安全漏洞

ethaccount is an ethereum account generator. A security vulnerability exists in versions of ethaccount prior to 0.5.9, which can be exploited by an attacker to trigger an exponential ReDoS in the eth-account PyPI package when providing arbitrary input to the encodestructureddata method...

PT-2022-4437 · Pypi · Eth-Account

Name of the Vulnerable Software and Affected Versions: eth-account affected versions not specified Description: The issue is related to an exponential ReDoS Regular Expression Denial of Service that can be triggered in the eth-account PyPI package. This occurs when an attacker is able to supply...