Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

5 matches found

NVD
NVDadded 2023/10/09 2:15 p.m.10 views

CVE-2023-44378

gnark is a zk-SNARK library that offers a high-level API to design circuits. Prior to version 0.9.0, for some in-circuit values, it is possible to construct two valid decomposition to bits. In addition to the canonical decomposition of a, for small values there exists a second decomposition for a...

7.1CVSS6.9AI score0.00035EPSS
Exploits0References3
Prion
Prionadded 2023/10/09 2:15 p.m.18 views

Design/Logic Flaw

gnark is a zk-SNARK library that offers a high-level API to design circuits. Prior to version 0.9.0, for some in-circuit values, it is possible to construct two valid decomposition to bits. In addition to the canonical decomposition of a, for small values there exists a second decomposition for a...

1.7CVSS5.4AI score0.00035EPSS
Exploits0References3Affected Software1
Veracode
Veracodeadded 2023/10/06 9:52 a.m.11 views

Integer Overflow

github.com/consensys/gnark is vulnerable to Integer Overflow. The vulnerability is due to some in-circuit values having two valid decomposition bits, which could result in unintended behavior...

7.1CVSS6.8AI score0.00035EPSS
Exploits0References5Affected Software1
Github Security Blog
Github Security Blogadded 2023/10/04 2:44 p.m.32 views

gnark unsoundness in variable comparison / non-unique binary decomposition

Impact For some in-circuit values, it is possible to construct two valid decomposition to bits. In addition to the canonical decomposition of a, for small values there exists a second decomposition for a+r where r is the modulus the values are being reduced by. The second decomposition was possib...

7.1CVSS6.3AI score0.00035EPSS
Exploits0References6Affected Software1
OSV
OSVadded 2023/10/04 2:44 p.m.29 views

GHSA-498W-5J49-VQJG gnark unsoundness in variable comparison / non-unique binary decomposition

Impact For some in-circuit values, it is possible to construct two valid decomposition to bits. In addition to the canonical decomposition of a, for small values there exists a second decomposition for a+r where r is the modulus the values are being reduced by. The second decomposition was possib...

5.5CVSS5.9AI score0.00035EPSS
Exploits0References7
Rows per page
Query Builder