3 matches found
CVE-2023-44273
creationtimestamp| type| source ---|---|--- 2023-09-28 07:49:41+00:00| seen| https://t.me/cibsecurity/71174...
CVE-2023-44273
Consensys gnark-crypto through 0.11.2 allows Signature Malleability. This occurs because deserialisation of EdDSA and ECDSA signatures does not ensure that the data is in a certain interval...
CVE-2023-44273
CVE-2023-44273 (gnark-crypto) affects github.com/consensys/gnark-crypto up to v0.11.2. During ECDSA/EdDSA signature deserialization, the library does not enforce that values lie in the range [1, n−1], enabling signature malleability and potential DoS. The issue has been fixed in v0.12.0 (PR #449)...