Find real vulnerabilities before they ship
Vulnerability Database › npm › CVE-2023-33252
iden3 snarkjs through 0.6.11 allows double spending because there is no validation that the publicSignals length is less than the field modulus.
Base Score