Lucene search
K

4 matches found

Positive Technologies
Positive Technologies
added 2024/10/31 12:0 a.m.8 views

PT-2024-34163

Name of the Vulnerable Software and Affected Versions: gnark versions 0.11.0 and earlier Description: The issue is related to excessive memory allocation during the deserialization of Groth16 verification keys in gnark, leading to a denial of service DoS. This can cause the program to crash with ...

10CVSS8.2AI score0.97781EPSS
Exploits23References170
OSV
OSV
added 2024/09/06 7:40 p.m.15 views

GHSA-9XCG-3Q8V-7FQ6 gnark commitments to private witnesses in Groth16 as implemented break zero-knowledge property

This report concerns the Groth16 prover when used with commitments as in frontend.Committer. To simplify exposition of the issue, I will focus on the case of a single commitment, to only private witnesses. But the issue should be present whenever commitments are used that include private witnesse...

8.2CVSS5.5AI score0.00427EPSS
Exploits0References6
Fedora
Fedora
added 2019/10/18 12:48 a.m.32 views

[SECURITY] Fedora 29 Update: python-ecdsa-0.13.3-1.fc29

This is an easy-to-use implementation of ECDSA cryptography Elliptic Curve Digital Signature Algorithm, implemented purely in Python, released under the MIT license. With this library, you can quickly create keypairs signing key and verifying key, sign messages, and verify the signatures. The key...

7.5CVSS2.2AI score0.02505EPSS
Exploits0
OSV
OSV
added 2019/10/08 4:30 p.m.2 views

GHSA-PWFW-MGFJ-7G3G ecdsa Denial of Service vulnerability in signature verification and signature malleability

possible DoS in signature verification and signature malleability Impact Code using VerifyingKey.verify and VerifyingKey.verifydigest may receive exceptions other than the documented BadSignatureError when signatures are malformed. If those other exceptions are not caught, they may lead to progra...

8.7CVSS6.7AI score0.02505EPSS
Exploits0References8
Rows per page
Query Builder