Thomaspiellard

**Name of the Vulnerable Software and Affected Versions** Consensys gnark-crypto versions 0.11.2 and earlier **Description** The issue occurs due to the deserialisation of EdDSA and ECDSA signatures not ensuring that the data is in a certain interval, allowing Signature Malleability. **Recommendations** For Consensys gnark-crypto versions 0.11.2 and earlier, consider updating to a version that fixes the deserialisation issue of EdDSA and ECDSA signatures to prevent Signature Malleability. At the moment, there is no information about a newer version that contains a fix for this vulnerability.