Vulnerability Report: GO-2025-3997
- CVE-2025-61595, GHSA-qwvm-wqq8-8j69
- Affects: github.com/MANTRA-Chain/mantrachain, github.com/MANTRA-Chain/mantrachain/v2, and 2 more
- Published: Oct 23, 2025
github.com/MANTRA-Chain/mantrachain/x/tokenfactory tx gas limit is not enforced in send hooks in github.com/MANTRA-Chain/mantrachain
For detailed information about this vulnerability, visit https://github.com/MANTRA-Chain/mantrachain/security/advisories/GHSA-qwvm-wqq8-8j69 or https://nvd.nist.gov/vuln/detail/CVE-2025-61595.
Affected Packages
-
PathVersionsSymbols
Aliases
References
- https://github.com/MANTRA-Chain/mantrachain/security/advisories/GHSA-qwvm-wqq8-8j69
- https://nvd.nist.gov/vuln/detail/CVE-2025-61595
- https://github.com/MANTRA-Chain/mantrachain/commit/30d36c46e9823b56b8f0dcbb66e980ca5df284e4
- https://github.com/MANTRA-Chain/mantrachain/issues/432
- https://vuln.go.dev/ID/GO-2025-3997.json
Feedback
See anything missing or incorrect?
Suggest an edit to this report.