CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2025-58157

gnark is a zero-knowledge proof system framework. In version 0.12.0, there is a potential denial of service vulnerability when computing scalar multiplication is using the fake-GLV algorithm. This is because the algorithm didn't converge quickly enough for some of the inputs. This issue has been patched in version 0.13.0.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 17.1%

CVSS Severity

CVSS v3 Score 7.5

References

https://github.com/Consensys/gnark-crypto/commit/56600883e0e9f9b159e9c7000b94e76185ec3d0d
https://github.com/Consensys/gnark/commit/68be6cede36e387ab760725beabd3c96cc94e6dc
https://github.com/Consensys/gnark/issues/1483
https://github.com/Consensys/gnark/security/advisories/GHSA-9fvj-xqr2-xwg8

Products affected by CVE-2025-58157

Consensys » Gnark » Version: 0.12.0

cpe:2.3:a:consensys:gnark:0.12.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2025-58157

Products

Pricing

Contact Us