CVE-2025-29072 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

An integer overflow in Nethermind Juno before v.12.05 within the Sierra bytecode decompression logic within the "cairo-lang-starknet-classes" library could allo…
High CVSS: 7.5

CVE-2025-29072

An integer overflow in Nethermind Juno before v.12.05 within the Sierra bytecode decompression logic within the "cairo-lang-starknet-classes" library could allow remote attackers to trigger an infinite loop (and high CPU usage) by submitting a malicious Declare v2/v3 transaction. This results in a denial-of-service condition for affected Starknet full-node implementations.
Vendor
Nethermind
Product
Juno
CWE
CWE-190
Yayın Tarihi
2025-03-27 16:15:30
Güncelleme
2025-04-11 17:20:02
Source Identifier
cve@mitre.org
KEV Date Added
-

Kategoriler

CWE-190 Juno HIGH Nethermind 2025

Referanslar

https://community.starknet.io/t/starknet-security-update-potential-full-node-vulnerability-recap/115314 https://github.com/NethermindEth/juno/commit/51074875941aa111c5dd2b41f2ec890a4a15b587