Lucene search
K

5 matches found

EUVD
EUVD
added 2025/10/15 6:57 p.m.2 views

EUVD-2025-34686

gnark-crypto doesn't range check input values during ECDSA and EdDSA signature deserialization...

6.5AI score
Exploits0References6
Github Security Blog
Github Security Blog
added 2025/10/15 6:57 p.m.10 views

gnark-crypto doesn't range check input values during ECDSA and EdDSA signature deserialization

Impact During deserialization of ECDSA and EdDSA signatures gnark-crypto did not check that the values are in the range 1, n-1 with n being the corresponding modulus either base field modulus in case of R in EdDSA, and scalar field modulus in case of s,r in ECDSA and s in EdDSA. As this also...

9.8CVSS6.8AI score0.00844EPSS
Exploits0References6Affected Software1
OSV
OSV
added 2025/10/15 6:57 p.m.3 views

GHSA-FR8M-434R-G3XP gnark-crypto doesn't range check input values during ECDSA and EdDSA signature deserialization

Impact During deserialization of ECDSA and EdDSA signatures gnark-crypto did not check that the values are in the range 1, n-1 with n being the corresponding modulus either base field modulus in case of R in EdDSA, and scalar field modulus in case of s,r in ECDSA and s in EdDSA. As this also...

5.1CVSS6.8AI score0.00844EPSS
Exploits0References6
GitLab Advisory Database
GitLab Advisory Database
added 2025/10/15 12:0 a.m.12 views

Duplicate

This advisory duplicates another...

5.9AI score
Exploits0References7Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2023/09/28 12:0 a.m.5 views

Duplicate Advisory: Consensys gnark-crypto allows Signature Malleability

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-fr8m-434r-g3xp. This link is maintained to preserve external references. Original Description Consensys gnark-crypto through 0.11.2 allows Signature Malleability. This occurs because deserialisation of EdDSA and...

9.8CVSS5.4AI score0.00844EPSS
Exploits0References7Affected Software1
Rows per page
Query Builder