PT-2025-27657 · Unknown · Ethereum Crate

Sorpaas · Published 2025-07-02 · Updated 2025-07-03 · CVE-2025-53359

CVSS v4.0: 6.9 (Medium)

Vector: AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
Name of the Vulnerable Software and Affected Versions: ethereum crate versions prior to 0.18.0
Description: The issue concerns a specification deviation in the ethereum crate for Rust, where signature malleability according to EIP-2 was only checked for "legacy" transactions, but not for EIP-2930, EIP-1559, and EIP-7702 transactions. This is not a high-risk security issue, especially if the crate is used on a single-implementation blockchain.
Recommendations: For versions prior to 0.18.0, upgrade to version 0.18.0 to resolve the issue. As a temporary workaround, consider manually checking transaction malleability outside of the crate.
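
The workaround of checking malleability outside the crate comes down to applying the EIP-2 rule (s must not exceed half the secp256k1 group order) to every transaction type, not only legacy ones. The following Rust code is an added example, not code from the ethereum crate; `TxKind`, `TxSig` and the function names are hypothetical, and `s` is assumed to be available as 32 big-endian bytes.

```rust
// Added example: std-only model of the EIP-2 low-s rule; not the ethereum crate's code.
// All type and function names here are hypothetical.

/// floor(secp256k1n / 2), big-endian: the largest `s` that EIP-2 accepts.
const HALF_N: [u8; 32] = [
    0x7f, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
    0x5d, 0x57, 0x6e, 0x73, 0x57, 0xa4, 0x50, 0x1d, 0xdf, 0xe9, 0x2f, 0x46, 0x68, 0x1b, 0x20, 0xa0,
];

#[derive(Clone, Copy, Debug, PartialEq)]
pub enum TxKind { Legacy, Eip2930, Eip1559, Eip7702 }

/// Signature scalar `s` as 32 big-endian bytes, plus the transaction type.
pub struct TxSig { pub kind: TxKind, pub s: [u8; 32] }

/// EIP-2: 0 < s <= secp256k1n/2. Equal-length big-endian arrays compare
/// lexicographically, which matches numeric order.
pub fn is_low_s(s: &[u8; 32]) -> bool {
    *s != [0u8; 32] && *s <= HALF_N
}

/// Models the deviation described above: only legacy signatures are checked.
pub fn accept_legacy_only(tx: &TxSig) -> bool {
    match tx.kind {
        TxKind::Legacy => is_low_s(&tx.s),
        _ => true, // typed transactions skip the check
    }
}

/// Workaround shape: apply the same rule to every transaction type.
pub fn accept_all_types(tx: &TxSig) -> bool {
    is_low_s(&tx.s)
}

/// Constructed sample: HALF_N + 1, the smallest high-s value.
pub fn sample_high_s() -> [u8; 32] {
    let mut s = HALF_N;
    s[31] += 1; // 0xa0 -> 0xa1, no carry
    s
}

fn main() {
    for &kind in &[TxKind::Legacy, TxKind::Eip2930, TxKind::Eip1559, TxKind::Eip7702] {
        let tx = TxSig { kind, s: sample_high_s() };
        println!("{:?}: legacy-only={} all-types={}", kind, accept_legacy_only(&tx), accept_all_types(&tx));
    }
}
```
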

Weakness Enumeration: Improper Check for Exceptional Conditions

Related Identifiers: CVE-2025-53359, GHSA-3W94-VQ2X-V5WR

Affected Products: Ethereum Crate