CVE-2023-44273: gnark-crypto doesn't range check input values during ECDSA and EdDSA signature deserialization

Severity: Critical

CVSS Score: 5.1

Consensys gnark-crypto through 0.11.2 allows Signature Malleability. This occurs because deserialisation of EdDSA and ECDSA signatures does not ensure that the data is in a certain interval.