CNNVD-202508-3482 Information

CNNVD ID

CNNVD-202508-3482

CVE-2025-58157

  • CNNVD Published: 2025-08-29

Description (Chinese)

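gnark is a fast zk-SNARK library open-sourced by Consensys. It provides a high-level API for designing circuits. gnark version 0.12.0 contains a resource management error vulnerability, which stems from improper computation in the fake-GLV algorithm and may lead to a denial-of-service attack.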

Description (English)

gnark is a fast, open-source zk-SNARK library from Consensys that provides a high-level API for designing circuits. gnark version 0.12.0 contains a resource management error vulnerability that stems from improper computation in the fake-GLV algorithm and may lead to a denial-of-service attack.

Hazard Level

Medium

Vulnerability Type

Resource management error

Affected Vendor

Consumer

Published

2025-08-29

Last Modified

2026-02-24

References

  • https://github.com/Consensys/gnark/security/advisories/GHSA-9fvj-xqr2-xwg8
  • https://github.com/Consensys/gnark/issues/1483
  • https://github.com/Consensys/gnark/commit/68be6cede36e387ab760725beabd3c96cc94e6dc
  • https://github.com/Consensys/gnark-crypto/commit/56600883e0e9f9b159e9c7000b94e76185ec3d0d
  • https://access.redhat.com/security/cve/cve-2025-58157
  • https://nvd.nist.gov/vuln/detail/CVE-2025-58157

Patch

https://github.com/Consensys/gnark/releases
