11 matches found
GHSA-X2HW-PX52-WP4M rs-soroban-sdk: `Fr` scalar field equality comparison bypasses modular reduction
Security Advisory: Incorrect Equality for Fr Scalar Field Types BN254, BLS12-381 Summary Missing modular reduction in Fr causes incorrect equality comparisons for BN254 and BLS12-381 types in soroban-sdk. Impact The Fr scalar field types for BN254 and BLS12-381 in soroban-sdk compared values usin...
rs-soroban-sdk: `Fr` scalar field equality comparison bypasses modular reduction
Security Advisory: Incorrect Equality for Fr Scalar Field Types BN254, BLS12-381 Summary Missing modular reduction in Fr causes incorrect equality comparisons for BN254 and BLS12-381 types in soroban-sdk. Impact The Fr scalar field types for BN254 and BLS12-381 in soroban-sdk compared values usin...
CVE-2026-32322
soroban-sdk is a Rust SDK for Soroban contracts. Prior to 22.0.11, 23.5.3, and 25.3.0, The Fr scalar field types for BN254 and BLS12-381 in soroban-sdk compared values using their raw U256 representation without first reducing modulo the field modulus r. This caused mathematically equal field...
CVE-2026-32322 soroban-sdk: `Fr` scalar field equality comparison bypasses modular reduction
soroban-sdk is a Rust SDK for Soroban contracts. Prior to 22.0.11, 23.5.3, and 25.3.0, The Fr scalar field types for BN254 and BLS12-381 in soroban-sdk compared values using their raw U256 representation without first reducing modulo the field modulus r. This caused mathematically equal field...
CVE-2026-32322
Summary : The Soroban SDK (Rust) Fr scalar field types for BN254 and BLS12-381 were vulnerable prior to 22.0.11, 23.5.3, and 25.3.0 because equality comparisons used raw U256 values without reducing modulo the field modulus r. This could cause mathematically equal field elements to compare as une...
EUVD-2024-30427
Malicious code in bioql PyPI...
GHSA-F77Q-R5QM-W4M8 sp1-recursion-gnark-ffi has insufficient range checks of BabyBear arithmetic
The Gnark recursion circuit constrains arithmetic over BabyBear when the native field of the ZKP circuit is the BN254 scalar field. Proper implementation of this logic requires range checking Bn254 values to be less than the BabyBear modulus. In versions 1.2.0, functions like InvF and InvE used...
CVE-2024-32625
In OffloadAMRWriter, a scalar field is not initialized so will contain an arbitrary value left over from earlier computations...
CVE-2024-32625
CVE-2024-32625 concerns OffloadAMRWriter where a scalar field is not initialized, leaving an arbitrary value from prior computations. Multiple sources corroborate this, including the NVD entry for CVE-2024-32625 and related records. The vulnerability description identifies the root cause as an un...
CVE-2024-32625 Uninitialized scalar field
In OffloadAMRWriter, a scalar field is not initialized so will contain an arbitrary value left over from earlier computations...
GHSA-RJJM-X32P-M3F7 gnark's range checker gadget allows wider inputs up to word alignment
Impact gnark provides a gadget in the standard library to allow optimized checking of the bitwidth of the inputs. The gadget works by constructing a fixed lookup table containing all valid entries, partitioning the input and checking that all parts are inside the lookup table. The range checker...