166 matches found
SUSE-SU-2026:20354-1 Security update for libsodium
This update for libsodium fixes the following issues: - CVE-2025-15444: missing checks when validating elliptic curve points allows for cryptographic bypass bsc1256070...
SUSE-SU-2026:20242-1 Security update for libsodium
This update for libsodium fixes the following issues: - CVE-2025-15444: missing checks when validating elliptic curve points allows for cryptographic bypass bsc1256070...
Fedora: Security Advisory (FEDORA-2026-b7217393db)
The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora: Security Advisory (FEDORA-2026-cb424f8aa2)
The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Mageia: Security Advisory (MGASA-2026-0004)
The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
TencentOS Server 4: libsodium (TSSA-2026:0004)
The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2026:0004 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...
[SECURITY] Fedora 42 Update: libsodium-1.0.21-2.fc42
Sodium is a new, easy-to-use software library for encryption, decryption, signatures, password hashing and more. It is a portable, cross-compilable, installable, packageable fork of NaCl, with a compatible API, and an extended API to improve usability even further. Its goal is to provide all of t...
Fedora 42 : libsodium (2026-b7217393db)
The remote Fedora 42 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-b7217393db advisory. Version 1.0.21 This point release includes all the changes from 1.0.20-stable, which include a security fix for the cryptocoreed25519isvalidpoint function, a...
Updated sodium packages fix security vulnerability
Libsodium before ad3004e, in atypical use cases involving certain custom cryptography or untrusted data to cryptocoreed25519isvalidpoint, mishandles checks for whether an elliptic curve point is valid because it sometimes allows points that aren't in the main cryptographic group. CVE-2025-69277...
[SECURITY] Fedora 43 Update: libsodium-1.0.21-2.fc43
Sodium is a new, easy-to-use software library for encryption, decryption, signatures, password hashing and more. It is a portable, cross-compilable, installable, packageable fork of NaCl, with a compatible API, and an extended API to improve usability even further. Its goal is to provide all of t...
Fedora 43 : libsodium (2026-cb424f8aa2)
The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-cb424f8aa2 advisory. Version 1.0.21 This point release includes all the changes from 1.0.20-stable, which include a security fix for the cryptocoreed25519isvalidpoint function, a...
CVE-2019-20138
The HTTP Authentication library before 2019-12-27 for Nim has weak password hashing because the default algorithm for libsodium's cryptopwhashstr is not used...
Crypt::Sodium::XS module versions prior to 0.000042, for Perl, include a vulnerable version of libsodium
...
OPENSUSE-SU-2026:10022-1 libsodium-devel-1.0.21-1.1 on GA media
These are all security issues fixed in the libsodium-devel-1.0.21-1.1 package on the GA media of openSUSE Tumbleweed...
Ubuntu: Security Advisory (USN-7949-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-7949-1 libsodium vulnerability
It was discovered that Sodium incorrectly handled the elliptic curve point validity check in certain atypical use cases. This could result in invalid points being used, contrary to expectations...
SUSE CVE-2025-15444
Crypt::Sodium::XS module versions prior to 0.000042, for Perl, include a vulnerable version of libsodium libsodium = 1.0.20 or a version of libsodium released before December 30, 2025 contains a vulnerability documented as CVE-2025-69277 https://vulners.com/cve/CVE-2025-69277 . The libsodium...
Debian: Security Advisory (DLA-4435-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
FreeBSD : security/libsodium -- crypto_core_ed25519_is_valid_point mishandles checks for whether an elliptic curve point is valid (583b63f5-ebae-11f0-939f-47e3830276dd)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 583b63f5-ebae-11f0-939f-47e3830276dd advisory. Libsodium maintainer reports: The function cryptocoreed25519isvalidpoint, a low-level function used to...
[SECURITY] [DLA 4435-1] libsodium security update
----------------------------------------------------------------------- Debian LTS Advisory DLA-4435-1 [email protected] https://www.debian.org/lts/security/ Utkarsh Gupta January 07, 2026 https://wiki.debian.org/LTS -...