CVE-2023-33252
iden3 snarkjs through 0.6.11 allows double spending because there is no validation that the publicSignals length is less than the field modulus.
Source: CVE-2023-33252
CVE-2023-33252
iden3 snarkjs through 0.6.11 allows double spending because there is no validation that the publicSignals length is less than the field modulus.
Source: CVE-2023-33252