Upgrade vulnerable Prover dependencies

The Prover is currently using the **gnark** library version `0.12` as shown below:
https://github.com/Consensys/linea-monorepo/blob/78d79d0286cec7d5a2c20f6ea8e74dfb9244ffd8/prover/go.mod#L8

The mentioned version is affected by two publicly-known vulnerabilities. See: https://github.com/advisories/GHSA-9fvj-xqr2-xwg8 and https://github.com/advisories/GHSA-95v9-hv42-pwrj. Even though they may not be currently affecting the Prover, it is recommended to upgrade to the latest version available. At the time of writing this is `0.14`: https://github.com/Consensys/gnark/releases/tag/v0.14.0

For more information:
- https://www.cve.org/CVERecord?id=CVE-2025-57801
- https://www.cve.org/CVERecord?id=CVE-2025-58157

Additionally, consider upgrading to the latest version of Go available at the time of writing `1.24.9`.
https://github.com/Consensys/linea-monorepo/blob/78d79d0286cec7d5a2c20f6ea8e74dfb9244ffd8/prover/go.mod#L3

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Upgrade vulnerable Prover dependencies #1650

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Upgrade vulnerable Prover dependencies #1650

Description

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions