2 matches found
CVE-2024-50354
gnark is a fast zk-SNARK library that offers a high-level API to design circuits. In gnark 0.11.0 and earlier, deserialization of Groth16 verification keys allocate excessive memory, consuming a lot of resources and triggering a crash with the error fatal error: runtime: out of memory...
Denial Of Service (DoS)
github.com/consensys/gnark is vulnerable to a Denial of Service DoS. The vulnerability is due to improper memory allocation handling during the deserialization of Groth16 verification keys, allowing attackers to trigger excessive memory allocation, leading to high memory consumption and potential...