CVE-2025-29072

Published: Mar 27, 2025

Modified: Mar 28, 2025

PUBLISHED

Description

An integer overflow in Nethermind Juno before v.12.05 within the Sierra bytecode decompression logic within the "cairo-lang-starknet-classes" library could allow remote attackers to trigger an infinite loop (and high CPU usage) by submitting a malicious Declare v2/v3 transaction. This results in a denial-of-service condition for affected Starknet full-node implementations.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://community.starknet.io/t/starknet-security-update-potential-full-node-vulnerability-recap/115314

https://github.com/NethermindEth/juno/commit/51074875941aa111c5dd2b41f2ec890a4a15b587

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2025-29072

Description

Affected Products

References