CVE-2023-44273 Information

Description

Consensys gnark-crypto through 0.11.2 allows Signature Malleability. This occurs because deserialisation of EdDSA and ECDSA signatures does not ensure that the data is in a certain interval.

Reference

https://github.com/Consensys/gnark-crypto/pull/449 https://github.com/Consensys/gnark-crypto/releases https://verichains.io