miden-crypto is vulnerable to Sensitive Information Exposure
35
Low Risk
Several secret-key deserialization paths in miden-crypto read raw key bytes into a transient local buffer that was not wiped before that buffer was dropped. The ECDSA over secp256k1 secret-key reader left its buffer un-wiped on the early error return when byte validation rejected the input, while the Falcon512 and Poseidon2 AEAD secret-key readers never wiped their read buffers on any path, and decoded Falcon coefficient buffers were also left in place. As a result raw secret-key material could linger in freed process memory after deserialization, widening the window for recovery through memory inspection, swap, or core dumps. The fix adds a read_sensitive_array helper that returns the buffer wrapped in zeroize::Zeroizing so it is wiped on drop regardless of the exit path, migrates the affected readers to it, and wraps the decoded Falcon coefficient buffers in Zeroizing.
You are affected if you are using a version that falls within the vulnerable range and deserialize Falcon512, ECDSA-k256, or AEAD secret keys.
miden-crypto is vulnerable to Sensitive Information Exposure in versions 0.9.0 - 0.27.0.
Upgrade the miden-crypto library to the patch version.
Connect your repositories to instantly see whether vulnerable or malicious packages exist in your codebase.
Free. No credit card required.

I consent to receiving marketing communications based on Aikido’s Privacy Policy.
SOC 2Compliant
ISO 27001Compliant