SUSE-SU-2026:21431-1 Security update for python-PyNaCl

This update for python-PyNaCl fixes the following issues: Security fixes: - CVE-2025-69277: incorrect validation of elliptic curve points certain custom cryptography or untrusted data to cryptocoreed25519isvalidpoint function bsc1255764. Other fixes: - update to 1.6.2 bsc1255764, CVE-2025-69277:...

SUSE-SU-2026:21393-1 Security update for libsodium

This update for libsodium fixes the following issues: Security fixes: - CVE-2025-15444: Cryptographic bypass via improper elliptic curve point validation bsc1256070. - CVE-2025-69277: incorrect validation of elliptic curve points certain custom cryptography or untrusted data to...

CVE-2026-4395

Heap-based buffer overflow in the KCAPI ECC code path of wceccimportx963ex in wolfSSL wolfcrypt allows a remote attacker to write attacker-controlled data past the bounds of the pubkeyraw buffer via a crafted oversized EC public key point. The WOLFSSLKCAPIECC code path copies the input to...

CVE-2026-22699

RustCrypto: Elliptic Curves is general purpose Elliptic Curve Cryptography ECC support, including types and traits for representing various elliptic curve forms, scalars, points, and public/secret keys composed thereof. In versions 0.14.0-pre.0 and 0.14.0-rc.0, a denial-of-service vulnerability...

CVE-2025-69277

libsodium before ad3004e, in atypical use cases involving certain custom cryptography or untrusted data to cryptocoreed25519isvalidpoint, mishandles checks for whether an elliptic curve point is valid because it sometimes allows points that aren't in the main cryptographic group...

CVE-2015-7511

Libgcrypt before 1.6.5 does not properly perform elliptic-point curve multiplication during decryption, which makes it easier for physically proximate attackers to extract ECDH keys by measuring electromagnetic emanations...

CVE-2015-7511

Libgcrypt before 1.6.5 does not properly perform elliptic-point curve multiplication during decryption, which makes it easier for physically proximate attackers to extract ECDH keys by measuring electromagnetic emanations...

CVE-2015-7511

Libgcrypt before 1.6.5 does not properly perform elliptic-point curve multiplication during decryption, which makes it easier for physically proximate attackers to extract ECDH keys by measuring electromagnetic emanations...

CVE-2015-7511

CVE-2015-7511 affects Libgcrypt up to version 1.6.4 (pre-1.6.5). The issue is an improper elliptic‑point curve multiplication during decryption that enables physical side‑channel leakage of ECDH private keys via electromagnetic emanations. Remediation is upgrading Libgcrypt to fixed releases (e.g...

CVE-2015-7511

Libgcrypt before 1.6.5 does not properly perform elliptic-point curve multiplication during decryption, which makes it easier for physically proximate attackers to extract ECDH keys by measuring electromagnetic emanations...