4 matches found
EUVD-2023-2641
Malicious code in bioql PyPI...
GHSA-498W-5J49-VQJG gnark unsoundness in variable comparison / non-unique binary decomposition
Impact For some in-circuit values, it is possible to construct two valid decomposition to bits. In addition to the canonical decomposition of a, for small values there exists a second decomposition for a+r where r is the modulus the values are being reduced by. The second decomposition was possib...
gnark unsoundness in variable comparison / non-unique binary decomposition
Impact For some in-circuit values, it is possible to construct two valid decomposition to bits. In addition to the canonical decomposition of a, for small values there exists a second decomposition for a+r where r is the modulus the values are being reduced by. The second decomposition was possib...
PT-2023-29214 · Gnark · Gnark
Name of the Vulnerable Software and Affected Versions: gnark versions prior to 0.9.0 Description: The issue concerns the construction of two valid decompositions to bits for some in-circuit values, due to overflowing the field where the values are defined. This allows a malicious prover to...