Skip to main content

Gnark Crypto

3 CVEs product

Monthly

CVE-2024-45040 Go MEDIUM PATCH This Month

gnark is a fast zk-SNARK library that offers a high-level API to design circuits. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Gnark Crypto
NVD GitHub
CVSS 3.1
5.9
EPSS
0.4%
CVE-2024-45039 Go MEDIUM PATCH This Month

gnark is a fast zk-SNARK library that offers a high-level API to design circuits. Rated medium severity (CVSS 6.2), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Gnark Crypto
NVD GitHub
CVSS 3.1
6.2
EPSS
0.2%
CVE-2023-44273 Go CRITICAL PATCH Act Now

Consensys gnark-crypto through 0.11.2 allows Signature Malleability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Deserialization of Untrusted Data vulnerability could allow attackers to execute arbitrary code through malicious serialized objects.

Deserialization Gnark Crypto
NVD GitHub
CVSS 3.1
9.8
EPSS
0.8%
EPSS 0% CVSS 5.9
MEDIUM PATCH This Month

gnark is a fast zk-SNARK library that offers a high-level API to design circuits. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Gnark Crypto
NVD GitHub
EPSS 0% CVSS 6.2
MEDIUM PATCH This Month

gnark is a fast zk-SNARK library that offers a high-level API to design circuits. Rated medium severity (CVSS 6.2), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Gnark Crypto
NVD GitHub
EPSS 1% CVSS 9.8
CRITICAL PATCH Act Now

Consensys gnark-crypto through 0.11.2 allows Signature Malleability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Deserialization of Untrusted Data vulnerability could allow attackers to execute arbitrary code through malicious serialized objects.

Deserialization Gnark Crypto
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy