Lucene search
K

6 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 9:25 p.m.7 views

CVE-2021-38194

An issue was discovered in the ark-r1cs-std crate before 0.3.1 for Rust. It does not enforce any constraints in the FieldVar::mulbyinverse method. Thus, a prover can produce a proof that is unsound but is nonetheless verified...

9.8CVSS6.8AI score0.01275EPSS
Exploits1References1
vulnersOsv
vulnersOsv
added 2021/08/25 8:55 p.m.4 views

ark-bls12-377 (=0.2.0), ark-crypto-primitives (=0.2.0) +19 more potentially affected by CVE-2021-38194 via ark-r1cs-std (=0.2.0)

ark-r1cs-std CARGO version =0.2.0 is affected by a known vulnerability. The following packages have a transitive dependency on ark-r1cs-std and may be impacted: - ark-bls12-377 =0.2.0 - ark-crypto-primitives =0.2.0 - ark-curve-constraint-tests =0.2.0 - ark-ed-on-bls12-377 =0.2.0 -...

9.8CVSS7.2AI score0.01275EPSS
Exploits1
Circl
Circl
added 2021/08/08 12:35 p.m.10 views

CVE-2021-38194

creationtimestamp| type| source ---|---|--- 2021-08-08 12:35:44+00:00| seen| https://t.me/cibsecurity/26981...

9.8CVSS8.6AI score0.01275EPSS
Exploits1References1
OSV
OSV
added 2021/08/08 6:15 a.m.3 views

CVE-2021-38194

An issue was discovered in the ark-r1cs-std crate before 0.3.1 for Rust. It does not enforce any constraints in the FieldVar::mulbyinverse method. Thus, a prover can produce a proof that is unsound but is nonetheless verified...

9.8CVSS5.8AI score0.01275EPSS
Exploits1References2
CVE
CVE
added 2021/08/08 5:8 a.m.118 views

CVE-2021-38194

The CVE-2021-38194 issue affects the ark-r1cs-std crate for Rust (versions before 0.3.1). FieldVar::mul_by_inverse does not enforce constraints, allowing a malicious prover to produce an unsound proof that still verifies. The problem is caused by missing constraint checks in this method, compromi...

9.8CVSS9.3AI score0.01275EPSS
Exploits1References2Affected Software1
vulnersOsv
vulnersOsv
added 2021/07/08 12:0 p.m.5 views

ark-bls12-377 (=0.2.0), ark-crypto-primitives (=0.2.0) +19 more potentially affected by CVE-2021-38194 via ark-r1cs-std (=0.2.0)

ark-r1cs-std CARGO version =0.2.0 is affected by a known vulnerability. The following packages have a transitive dependency on ark-r1cs-std and may be impacted: - ark-bls12-377 =0.2.0 - ark-crypto-primitives =0.2.0 - ark-curve-constraint-tests =0.2.0 - ark-ed-on-bls12-377 =0.2.0 -...

9.8CVSS7.2AI score0.01275EPSS
Exploits1
Rows per page
Query Builder