GO-2025-4087 Unchecked memory allocation during vector deserialization in github.com/consensys/gnark-crypto

Unchecked memory allocation during vector deserialization in github.com/consensys/gnark-crypto...

Denial of Service (DoS)

Overview Affected versions of this package are vulnerable to Denial of Service DoS via the Vector.ReadFrom function. An attacker can cause excessive memory allocation and application crashes by providing maliciously crafted input data containing large length fields. This can result in denial of...

Denial of Service (DoS)

Overview Affected versions of this package are vulnerable to Denial of Service DoS via the Vector.ReadFrom function. An attacker can cause excessive memory allocation and application crashes by providing maliciously crafted input data containing large length fields. This can result in denial of...

gnark-crypto doesn't range check input values during ECDSA and EdDSA signature deserialization

During deserialization of ECDSA and EdDSA signatures gnark-crypto did not check that the values are in the range 1, n-1 with n being the corresponding modulus either base field modulus in case of R in EdDSA, and scalar field modulus in case of s,r in ECDSA and s in EdDSA. As this also allowed zer...

EUVD-2023-2485

Malicious code in bioql PyPI...

gnark 数据伪造问题漏洞

gnark is a fast zk-SNARK library open-sourced by Consensys. for advanced APIs to design circuits. A data forgery issue vulnerability exists in versions prior to gnark 0.14.0, which stems from incomplete signature verification and could lead to signature malleability attacks...

CVE-2024-23688

Consensys Discovery versions less than 0.4.5 uses the same AES/GCM nonce for the entire session. which should ideally be unique for every message. The node's private key isn't compromised, only the session key generated for specific peer communication is exposed...

GO-2024-3244 Gnark out-of-memory during deserialization with crafted inputs in github.com/consensys/gnark

Gnark out-of-memory during deserialization with crafted inputs in github.com/consensys/gnark...

Gnark out-of-memory during deserialization with crafted inputs

Thanks @pventuzelo for reporting. From the correspondence: Hi, We Fuzzinglabs & Lambdaclass found that during deserialization of certain files representing a VerifyingKey, an excessive memory allocation is happening consuming a lot of resources and even triggering a crash with the error fatal...

Sensitive Information Exposure

github.com/consensys/gnark is vulnerable to Sensitive Information Exposure. The vulnerability is caused by the same σ being used for all proofs of knowledge for commitments, allowing mixing between them. This makes it possible to fix the value of all but one commitment before selecting the circui...

MAL-2024-2017 Malicious code in consensys-v2 (npm)

--- -= Per source details. Do not edit below this line.=-...

Malicious code in consensys-v2 (npm)

--- -= Per source details. Do not edit below this line.=-...

Improper Input Validation

github.com/consensys/gnark is vulnerable to Improper Input Validation. The vulnerability is due to a lack of width validation in the range checker gadget. The Range checker allows inputs to be up to 16 bits wider than checked...

Signature Malleability

github.com/consensys/gnark-crypto is vulnerable to Signature Malleability. The vulnerability is due to the deserialization process of EdDSA and ECDSA signatures which does not ensure that the data is in a certain interval. This can be exploited to mount a Signature Malleability attack...

GHSA-WP4M-7HPJ-8QP8 Duplicate Advisory: Discovery uses the same AES/GCM Nonce throughout the session

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-w3hj-wr2q-x83g. This link is maintained to preserve external references. Original Description Consensys Discovery versions less than 0.4.5 uses the same AES/GCM nonce for the entire session. which should ideally...

CVE-2024-23688

Consensys Discovery versions less than 0.4.5 uses the same AES/GCM nonce for the entire session. which should ideally be unique for every message. The node's private key isn't compromised, only the session key generated for specific peer communication is exposed...

CVE-2024-23688

Consensys Discovery versions less than 0.4.5 uses the same AES/GCM nonce for the entire session. which should ideally be unique for every message. The node's private key isn't compromised, only the session key generated for specific peer communication is exposed...

Code injection

Consensys Discovery versions less than 0.4.5 uses the same AES/GCM nonce for the entire session. which should ideally be unique for every message. The node's private key isn't compromised, only the session key generated for specific peer communication is exposed...

CVE-2024-23688

Consensys Discovery

CVE-2024-23688 Consensys Discovery Nonce Reuse

Consensys Discovery versions less than 0.4.5 uses the same AES/GCM nonce for the entire session. which should ideally be unique for every message. The node's private key isn't compromised, only the session key generated for specific peer communication is exposed...