Lucene search
Veracode Vulnerability DatabaseVERACODE:43567HistoryOct 06, 2023 - 9:52 a.m.
Integer Overflow
2023-10-0609:52:55
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
2
consensys gnark
vulnerability
integer overflow
in-circuit values
unintended behavior
software
CVSS3
7.1
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N
EPSS
0.001
Percentile
44.0%
github.com/consensys/gnark is vulnerable to Integer Overflow. The vulnerability is due to some in-circuit values having two valid decomposition bits, which could result in unintended behavior.
Related
nvd
nvd
CVE-2023-44378
2023-10-09 14:15:10
prion
prion
Design/Logic Flaw
2023-10-09 14:15:00
cvelist
cvelist
cve
cve
CVE-2023-44378
2023-10-09 14:15:10
osv
osv
Unsoundness in variable comparison / non-unique binary decomposition in github.com/consensys/gnark
2023-10-09 21:29:55
CVE-2023-44378
2023-10-09 14:15:10
gnark unsoundness in variable comparison / non-unique binary decomposition
2023-10-04 14:44:08
vulnrichment
vulnrichment
github
github
gnark unsoundness in variable comparison / non-unique binary decomposition
2023-10-04 14:44:08
CVSS3
7.1
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N
EPSS
0.001
Percentile
44.0%
Related for VERACODE:43567