CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

14 matches found

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2025-28663

Malicious code in bioql PyPI...

7.5CVSS6.2AI score0.0023EPSS

Exploits1References5

SUSE CVE•added 2025/09/19 11:22 p.m.•1 views

SUSE CVE-2025-58157

gnark is a zero-knowledge proof system framework. In version 0.12.0, there is a potential denial of service vulnerability when computing scalar multiplication is using the fake-GLV algorithm. This is because the algorithm didn't converge quickly enough for some of the inputs. This issue has been...

7.5CVSS6.8AI score0.0023EPSS

Exploits1References2

RedhatCVE•added 2025/08/31 9:32 p.m.•2 views

CVE-2025-58157

7.5CVSS6.7AI score0.0023EPSS

Exploits1References1

NVD•added 2025/08/29 10:15 p.m.•1 views

CVE-2025-58157

7.5CVSS0.0023EPSS

Exploits1References4

CVE•added 2025/08/29 9:21 p.m.•29 views

CVE-2025-58157

The CVE-2025-58157 entry concerns gnark (v0.12.0) with a DoS when computing scalar multiplication using the fake-GLV algorithm, caused by slow convergence for some inputs. The issue has been fixed in v0.13.0. Connected sources (OSV- GO-2025-3929) corroborate a denial-of-service risk in the same f...

7.5CVSS6.2AI score0.0023EPSS

Exploits1References4Affected Software1

Cvelist•added 2025/08/29 9:21 p.m.•3 views

CVE-2025-58157 gnark affected by denial of service when computing scalar multiplication using fake-GLV algorithm

7.5CVSS0.0023EPSS

Exploits1References4

OSV•added 2025/08/29 9:21 p.m.•2 views

CVE-2025-58157 gnark affected by denial of service when computing scalar multiplication using fake-GLV algorithm

7.5CVSS6.3AI score0.0023EPSS

Exploits1References6

CNNVD•added 2025/08/29 12:0 a.m.•1 views

gnark 资源管理错误漏洞

gnark is a fast zk-SNARK library open-sourced by Consensys. for advanced APIs to design circuits. A resource management error vulnerability exists in gnark version 0.12.0, which stems from an improper calculation of the fake-GLV algorithm and could lead to a denial-of-service attack...

7.5CVSS6.4AI score0.0023EPSS

Exploits1References6

Positive Technologies•added 2025/08/29 12:0 a.m.•6 views

PT-2025-35319

Name of the Vulnerable Software and Affected Versions gnark versions prior to 0.13.0 Description gnark is a zero-knowledge proof system framework. A denial of service issue can occur when computing scalar multiplication using the fake-GLV algorithm in versions prior to 0.13.0. This is due to the...

9.9CVSS6.4AI score0.50933EPSS

Exploits20References49

OSV•added 2025/08/14 6:52 p.m.•1 views

MAL-2025-11601 Malicious code in @zalastax/nolb-glv (npm)

The package @zalastax/nolb-glv was found to contain malicious code...

7.2AI score

Exploits0

Veracode•added 2023/10/09 5:59 a.m.•9 views

Incorrect Results In Exponentiation

gnark-crypto is vulnerable to Incorrect Results in Exponentiation. The vulnerability is due to the use of exponentiation à la GLV ExpGLV when the exponent exceeds the group order of the pairing target group GT. This sometimes results in incorrect outcomes compared to normal exponentiation Exp...

6.8AI score

Exploits0

Github Security Blog•added 2023/10/05 8:57 p.m.•34 views

gnark-crypto's exponentiation in the pairing target group GT using GLV can give incorrect results

Impact When the exponent is bigger than r, the group order of the pairing target group GT, the exponentiation à la GLV ExpGLV can sometimes give incorrect results compared to normal exponentiation Exp. The issue impacts all users using ExpGLV for exponentiations in GT. This does not impact Exp an...

6.8AI score

Exploits0References6Affected Software1

OSV•added 2023/10/05 8:57 p.m.•29 views

GHSA-PFFG-92CG-XF5C gnark-crypto's exponentiation in the pairing target group GT using GLV can give incorrect results

7AI score

Exploits0References6