13 matches found
EUVD-2025-0168
Malicious code in bioql PyPI...
Malicious code in zkpay-plonky2-contract (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ca4c0b192b94b3273cd949b9abe540803dab23bf3c1acc0d6b5405efae321f4e Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-1263 Malicious code in zkpay-plonky2-contract (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ca4c0b192b94b3273cd949b9abe540803dab23bf3c1acc0d6b5405efae321f4e Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
CVE-2025-24802
Plonky2 is a SNARK implementation based on techniques from PLONK and FRI. Lookup tables, whose length is not divisible by 26 = floornumroutedwires / 3 always include the 0 - 0 input-output pair. Thus a malicious prover can always prove that f0 = 0 for any lookup table f unless its length happens ...
CVE-2025-24802
Plonky2 is a SNARK implementation based on techniques from PLONK and FRI. Lookup tables, whose length is not divisible by 26 = floornumroutedwires / 3 always include the 0 - 0 input-output pair. Thus a malicious prover can always prove that f0 = 0 for any lookup table f unless its length happens ...
GHSA-HJ49-H7FQ-PX5H Soundness issue with Plonky2 look up tables
Impact Lookup tables, whose length is not divisible by 26 = floornumroutedwires / 3 always include the 0 - 0 input-output pair. Thus a malicious prover can always prove that f0 = 0 for any lookup table f unless its length happens to be divisible by 26. The cause of problem is that the...
Soundness issue with Plonky2 look up tables
Impact Lookup tables, whose length is not divisible by 26 = floornumroutedwires / 3 always include the 0 - 0 input-output pair. Thus a malicious prover can always prove that f0 = 0 for any lookup table f unless its length happens to be divisible by 26. The cause of problem is that the...
CVE-2025-24802 Soundness issue with Plonky2 look up tables
Plonky2 is a SNARK implementation based on techniques from PLONK and FRI. Lookup tables, whose length is not divisible by 26 = floornumroutedwires / 3 always include the 0 - 0 input-output pair. Thus a malicious prover can always prove that f0 = 0 for any lookup table f unless its length happens ...
CVE-2025-24802 Soundness issue with Plonky2 look up tables
Plonky2 is a SNARK implementation based on techniques from PLONK and FRI. Lookup tables, whose length is not divisible by 26 = floornumroutedwires / 3 always include the 0 - 0 input-output pair. Thus a malicious prover can always prove that f0 = 0 for any lookup table f unless its length happens ...
CVE-2025-24802
Summary of CVE-2025-24802 (Plonky2) : The vulnerability stems from padding zeroes in the LookupTableGate mechanism in Plonky2, where lookup tables whose length is not divisible by 26 (computed as floor(num_routed_wires/3)) will always include the 0 -> 0 input-output pair. This allows a malicio...
CVE-2025-24802 Soundness issue with Plonky2 look up tables
Plonky2 is a SNARK implementation based on techniques from PLONK and FRI. Lookup tables, whose length is not divisible by 26 = floornumroutedwires / 3 always include the 0 - 0 input-output pair. Thus a malicious prover can always prove that f0 = 0 for any lookup table f unless its length happens ...
Plonky2 安全漏洞
Plonky2 is a repository open-sourced by Polygon Zero. A security vulnerability exists in Plonky2, which stems from the zero-padding mechanism originating from LookupTableGate, and could lead to a malicious prover proving that f0 = 0...
PT-2025-5578 · Plonky2 · Plonky2
Name of the Vulnerable Software and Affected Versions: Plonky2 versions prior to 1.0.1 Description: The issue concerns lookup tables in Plonky2, a SNARK implementation based on techniques from PLONK and FRI. If a lookup table's length is not divisible by 26, which is calculated as floornum routed...