5 matches found
EUVD-2024-2851
Malicious code in bioql PyPI...
CVE-2024-45039
gnark is a fast zk-SNARK library that offers a high-level API to design circuits. Versions prior to 0.11.0 have a soundness issue - in case of multiple commitments used inside the circuit the prover is able to choose all but the last commitment. As gnark uses the commitments for optimized...
CVE-2024-45039 gnark's Groth16 commitment extension unsound for more than one commitment
gnark is a fast zk-SNARK library that offers a high-level API to design circuits. Versions prior to 0.11.0 have a soundness issue - in case of multiple commitments used inside the circuit the prover is able to choose all but the last commitment. As gnark uses the commitments for optimized...
CVE-2024-45039
CVE-2024-45039 (gnark) affects gnark up to version 0.10.x; reported soundness issue arises when multiple commitments are used inside a circuit, allowing the prover to select all but the last commitment. gnark relies on commitments for optimized non-native multiplication and other checks, which co...
PT-2024-31389 · Gnark · Gnark
Name of the Vulnerable Software and Affected Versions: gnark versions prior to 0.11.0 Description: The issue is a soundness problem in the gnark zk-SNARK library. When multiple commitments are used inside a circuit, the prover can choose all but the last commitment. This could impact the soundnes...