gnark is a zero-knowledge proof system framework. In version 0.12.0, there is a potential denial of service vulnerability when computing scalar multiplication is using the fake-GLV algorithm. This is because the algorithm didn't converge quickly enough for some of the inputs. This issue has been patched in version 0.13.0.
Metrics
Affected Vendors & Products
References
History
Tue, 02 Sep 2025 14:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
Sun, 31 Aug 2025 08:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Consensys
Consensys gnark |
|
Vendors & Products |
Consensys
Consensys gnark |
Fri, 29 Aug 2025 21:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | gnark is a zero-knowledge proof system framework. In version 0.12.0, there is a potential denial of service vulnerability when computing scalar multiplication is using the fake-GLV algorithm. This is because the algorithm didn't converge quickly enough for some of the inputs. This issue has been patched in version 0.13.0. | |
Title | gnark affected by denial of service when computing scalar multiplication using fake-GLV algorithm | |
Weaknesses | CWE-400 | |
References |
| |
Metrics |
cvssV3_1
|

Status: PUBLISHED
Assigner: GitHub_M
Published:
Updated: 2025-09-02T14:09:48.386Z
Reserved: 2025-08-27T13:34:56.186Z
Link: CVE-2025-58157

Updated: 2025-09-02T14:09:44.231Z

Status : Awaiting Analysis
Published: 2025-08-29T22:15:32.700
Modified: 2025-09-02T15:55:35.520
Link: CVE-2025-58157

No data.

Updated: 2025-08-31T08:41:34Z