Количество 2
Количество 2
CVE-2025-57801
gnark is a zero-knowledge proof system framework. In versions prior to 0.14.0, the Verify function in eddsa.go and ecdsa.go used the S value from a signature without asserting that 0 ≤ S < order, leading to a signature malleability vulnerability. Because gnark’s native EdDSA and ECDSA circuits lack essential constraints, multiple distinct witnesses can satisfy the same public inputs. In protocols where nullifiers or anti-replay checks are derived from R and S, this enables signature malleability and may allow double spending. This issue has been addressed in version 0.14.0.
GHSA-95v9-hv42-pwrj
gnark is vulnerable to signature malleability in EdDSA and ECDSA due to missing scalar checks
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2025-57801 gnark is a zero-knowledge proof system framework. In versions prior to 0.14.0, the Verify function in eddsa.go and ecdsa.go used the S value from a signature without asserting that 0 ≤ S < order, leading to a signature malleability vulnerability. Because gnark’s native EdDSA and ECDSA circuits lack essential constraints, multiple distinct witnesses can satisfy the same public inputs. In protocols where nullifiers or anti-replay checks are derived from R and S, this enables signature malleability and may allow double spending. This issue has been addressed in version 0.14.0. | CVSS3: 9.1 | 0% Низкий | 6 месяцев назад |
| GHSA-95v9-hv42-pwrj gnark is vulnerable to signature malleability in EdDSA and ECDSA due to missing scalar checks | CVSS3: 9.1 | 0% Низкий | 6 месяцев назад |
Уязвимостей на страницу