CVE-2025-69277
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2025-69277
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-69277.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2025-69277
- Aliases
- Downstream
- Related
- Published
- 2025-12-31T06:15:41.513Z
- Modified
- 2026-01-09T07:59:52.441615Z
- Severity
-
- 4.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N CVSS Calculator
- Summary
- [none]
- Details
-
libsodium before ad3004e, in atypical use cases involving certain custom cryptography or untrusted data to cryptocoreed25519isvalid_point, mishandles checks for whether an elliptic curve point is valid because it sometimes allows points that aren't in the main cryptographic group.
- References
-
- https://00f.net/2025/12/30/libsodium-vulnerability/
- https://ianix.com/pub/ed25519-deployment.html
- https://news.ycombinator.com/item?id=46435614
- https://lists.debian.org/debian-lts-announce/2026/01/msg00004.html
- https://github.com/pyca/pynacl/issues/920
- https://github.com/jedisct1/libsodium/commit/ad3004ec8731730e93fcfbbc824e67eadc1c1bae
- https://github.com/pyca/pynacl/commit/96314884d88d1089ff5f336dba61d7abbcddbbf7
- https://github.com/pyca/pynacl/commit/ecf41f55a3d8f1e10ce89c61c4b4d67f3f4467cf
Affected packages
Git / github.com/jedisct1/libsodium
Affected ranges
- Type
- GIT
- Repo
- https://github.com/jedisct1/libsodium
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedFixed
Affected versions
0.*
0.1
0.2
0.3
0.4
0.4.1
0.4.2
0.4.3
0.4.4
0.4.5
0.5.0
0.6.0
0.6.1
0.7.0
0.7.1
1.*
1.0.0
1.0.1
1.0.10
1.0.11
1.0.12
1.0.13
1.0.14
1.0.15
1.0.16
1.0.17-RELEASE
1.0.2
1.0.3
1.0.4
1.0.5
1.0.6
1.0.7
1.0.8
1.0.9
Database specific
source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-69277.json"
vanir_signatures
[
{
"deprecated": false,
"id": "CVE-2025-69277-19ea9e1a",
"digest": {
"length": 15913.0,
"function_hash": "271864492409172204729158493267951380532"
},
"source": "https://github.com/jedisct1/libsodium/commit/ad3004ec8731730e93fcfbbc824e67eadc1c1bae",
"signature_version": "v1",
"signature_type": "Function",
"target": {
"file": "test/default/core_ed25519.c",
"function": "main"
}
},
{
"deprecated": false,
"id": "CVE-2025-69277-39af8400",
"digest": {
"threshold": 0.9,
"line_hashes": [
"241291362390970966119687003418518640000",
"148998168988971462501772092656155965283",
"180662736039736298842660616799743332709",
"236781085191269839238480224756322864215",
"244725727458201247031675736095252993838",
"11419066337079980079544781403154436620",
"207472804640406634179816897796173202",
"40219272335220661788972820483796946923",
"64018105627283189161448413090029376271",
"250432648790730546764706619234776830385",
"251242987065344112180028105881764441916"
]
},
"source": "https://github.com/jedisct1/libsodium/commit/ad3004ec8731730e93fcfbbc824e67eadc1c1bae",
"signature_version": "v1",
"signature_type": "Line",
"target": {
"file": "test/default/core_ed25519.c"
}
},
{
"deprecated": false,
"id": "CVE-2025-69277-52bcd3fc",
"digest": {
"threshold": 0.9,
"line_hashes": [
"85590579739442630473906153250189822304",
"240838851987162662003026314670961205689",
"321302984625379645327288223242572254769",
"152774947681641221797454343977315974438",
"208498853723714622487037809059887703408",
"328476950466293324903342946523090922299"
]
},
"source": "https://github.com/jedisct1/libsodium/commit/ad3004ec8731730e93fcfbbc824e67eadc1c1bae",
"signature_version": "v1",
"signature_type": "Line",
"target": {
"file": "src/libsodium/crypto_core/ed25519/ref10/ed25519_ref10.c"
}
},
{
"deprecated": false,
"id": "CVE-2025-69277-6d6782e4",
"digest": {
"length": 113.0,
"function_hash": "225152862173646219701680893385147273816"
},
"source": "https://github.com/jedisct1/libsodium/commit/ad3004ec8731730e93fcfbbc824e67eadc1c1bae",
"signature_version": "v1",
"signature_type": "Function",
"target": {
"file": "src/libsodium/crypto_core/ed25519/ref10/ed25519_ref10.c",
"function": "ge25519_is_on_main_subgroup"
}
}
]
Git / github.com/pyca/pynacl
Affected ranges
- Type
- GIT
- Repo
- https://github.com/pyca/pynacl
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedFixedFixed
Affected versions
1.*
1.0
1.0.1
1.1.0
1.2.0
1.2.1
1.3.0
1.4.0
1.5.0
1.6.0
1.6.1
v0.*
v0.1.0
v0.2.0
v0.2.1
v0.2.2
v0.2.3
v0.3.0
Database specific
source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-69277.json"
vanir_signatures
[
{
"deprecated": false,
"id": "CVE-2025-69277-0eebc82f",
"digest": {
"threshold": 0.9,
"line_hashes": [
"212545448405461152803791335135381267992",
"312151617226326667937593172010765607184",
"128278506161363206868872993598123823558",
"97497220593994685154155231351966729460",
"310808618129524909767814430476004010864",
"154768585138651621607283027763529720073",
"180696666794389501438063077626441674698",
"150740775544592619137927485032492522528",
"253400393258293317607046817605801537889",
"255691829547427693948759257568608812603"
]
},
"source": "https://github.com/pyca/pynacl/commit/96314884d88d1089ff5f336dba61d7abbcddbbf7",
"signature_version": "v1",
"signature_type": "Line",
"target": {
"file": "src/libsodium/src/libsodium/include/sodium/crypto_stream_xsalsa20.h"
}
},
{
"deprecated": false,
"id": "CVE-2025-69277-1beb1521",
"digest": {
"length": 2544.0,
"function_hash": "131398867109942479293434355925474420725"
},
"source": "https://github.com/pyca/pynacl/commit/96314884d88d1089ff5f336dba61d7abbcddbbf7",
"signature_version": "v1",
"signature_type": "Function",
"target": {
"file": "src/libsodium/test/default/kdf_hkdf.c",
"function": "tv_kdf_hkdf"
}
},
{
"deprecated": false,
"id": "CVE-2025-69277-20b32581",
"digest": {
"length": 574.0,
"function_hash": "114222562660225395884701128546251842119"
},
"source": "https://github.com/pyca/pynacl/commit/96314884d88d1089ff5f336dba61d7abbcddbbf7",
"signature_version": "v1",
"signature_type": "Function",
"target": {
"file": "src/libsodium/src/libsodium/crypto_aead/aegis256/aead_aegis256.c",
"function": "crypto_aead_aegis256_decrypt_detached"
}
},
{
"deprecated": false,
"id": "CVE-2025-69277-2cf27545",
"digest": {
"threshold": 0.9,
"line_hashes": [
"148238756903952498516459527517699170239"
]
},
"source": "https://github.com/pyca/pynacl/commit/96314884d88d1089ff5f336dba61d7abbcddbbf7",
"signature_version": "v1",
"signature_type": "Line",
"target": {
"file": "src/libsodium/src/libsodium/crypto_scalarmult/curve25519/scalarmult_curve25519.h"
}
},
{
"deprecated": false,
"id": "CVE-2025-69277-31afbf34",
"digest": {
"threshold": 0.9,
"line_hashes": [
"35763523153553856297749739822295708132",
"312151617226326667937593172010765607184",
"320520205424720240201807941609053313374",
"330301186823042395155303222349190063360",
"58224188167111022504761544212561448149",
"93299447852417317163792918148399519125",
"180696666794389501438063077626441674698",
"150740775544592619137927485032492522528",
"20517079455102808591930632087852455797",
"297096546128251582609800710212822579643"
]
},
"source": "https://github.com/pyca/pynacl/commit/96314884d88d1089ff5f336dba61d7abbcddbbf7",
"signature_version": "v1",
"signature_type": "Line",
"target": {
"file": "src/libsodium/src/libsodium/include/sodium/crypto_stream_xchacha20.h"
}
},
{
"deprecated": false,
"id": "CVE-2025-69277-3f16fc82",
"digest": {
"threshold": 0.9,
"line_hashes": [
"271663594888348870267900484049100300630",
"290771201144189714746254621497741573569",
"144383736438328453684736026435437667810",
"273911687074447114566193087324323294498"
]
},
"source": "https://github.com/pyca/pynacl/commit/96314884d88d1089ff5f336dba61d7abbcddbbf7",
"signature_version": "v1",
"signature_type": "Line",
"target": {
"file": "src/libsodium/src/libsodium/include/sodium/crypto_stream_salsa208.h"
}
},
{
"deprecated": false,
"id": "CVE-2025-69277-5aedfddf",
"digest": {
"length": 3579.0,
"function_hash": "274013126951256067048460190524740750409"
},
"source": "https://github.com/pyca/pynacl/commit/96314884d88d1089ff5f336dba61d7abbcddbbf7",
"signature_version": "v1",
"signature_type": "Function",
"target": {
"file": "src/libsodium/test/default/scalarmult_ed25519.c",
"function": "main"
}
},
{
"deprecated": false,
"id": "CVE-2025-69277-5e41f4cd",
"digest": {
"threshold": 0.9,
"line_hashes": [
"109114691463905260914974025536239080913",
"127618696265037936443085496967502856630",
"68735696391077202236332826559617805423",
"337215013836031058368149537683350340962",
"175061422976152892148562976048188341927",
"77097099692605930375766013882892308545"
]
},
"source": "https://github.com/pyca/pynacl/commit/96314884d88d1089ff5f336dba61d7abbcddbbf7",
"signature_version": "v1",
"signature_type": "Line",
"target": {
"file": "src/libsodium/src/libsodium/crypto_aead/aegis256/aead_aegis256.c"
}
},
{
"deprecated": false,
"id": "CVE-2025-69277-72d66064",
"digest": {
"threshold": 0.9,
"line_hashes": [
"315816786737262108165202358389495448512",
"63845873964713730487360122376010485090",
"229950918726258728907489947566772076964",
"273579080591120347021954521321661968276",
"173279987079037933167545833818492674785",
"261691840954649791837391579856369186657"
]
},
"source": "https://github.com/pyca/pynacl/commit/96314884d88d1089ff5f336dba61d7abbcddbbf7",
"signature_version": "v1",
"signature_type": "Line",
"target": {
"file": "src/libsodium/src/libsodium/crypto_aead/aegis128l/aead_aegis128l.c"
}
},
{
"deprecated": false,
"id": "CVE-2025-69277-743fdac7",
"digest": {
"threshold": 0.9,
"line_hashes": [
"241291362390970966119687003418518640000",
"148998168988971462501772092656155965283",
"180662736039736298842660616799743332709",
"236781085191269839238480224756322864215",
"244725727458201247031675736095252993838",
"11419066337079980079544781403154436620",
"207472804640406634179816897796173202",
"40219272335220661788972820483796946923",
"64018105627283189161448413090029376271",
"250432648790730546764706619234776830385",
"251242987065344112180028105881764441916"
]
},
"source": "https://github.com/pyca/pynacl/commit/96314884d88d1089ff5f336dba61d7abbcddbbf7",
"signature_version": "v1",
"signature_type": "Line",
"target": {
"file": "src/libsodium/test/default/core_ed25519.c"
}
},
{
"deprecated": false,
"id": "CVE-2025-69277-7e31737c",
"digest": {
"threshold": 0.9,
"line_hashes": [
"241291362390970966119687003418518640000",
"312918036739247308043503356467190296038",
"158559001847653613136767610019623610478",
"125622564604679912747539859045396713679",
"204909454247726381801900882331589224786",
"138331253836022516973903582413033525227",
"168782483951090409016968964341208348521",
"208436452155015170044394156512511759067",
"8412632994326004333787799909632862415",
"181169542606285486452651058738837453432",
"271274064408363807014986156343647420237"
]
},
"source": "https://github.com/pyca/pynacl/commit/96314884d88d1089ff5f336dba61d7abbcddbbf7",
"signature_version": "v1",
"signature_type": "Line",
"target": {
"file": "src/libsodium/test/default/scalarmult_ed25519.c"
}
},
{
"deprecated": false,
"id": "CVE-2025-69277-872a6ad1",
"digest": {
"threshold": 0.9,
"line_hashes": [
"110905110663799704070307190265979675473",
"312151617226326667937593172010765607184",
"114644993365556307877545538298049237298",
"301657286825928127307668976892071062372"
]
},
"source": "https://github.com/pyca/pynacl/commit/96314884d88d1089ff5f336dba61d7abbcddbbf7",
"signature_version": "v1",
"signature_type": "Line",
"target": {
"file": "src/libsodium/src/libsodium/include/sodium/crypto_stream_salsa2012.h"
}
},
{
"deprecated": false,
"id": "CVE-2025-69277-87c5da57",
"digest": {
"threshold": 0.9,
"line_hashes": [
"308260423799822450319674702526506087449",
"88941942348244197780106375069153521451",
"91481388705350097720418432703299415795",
"85590579739442630473906153250189822304",
"240838851987162662003026314670961205689",
"321302984625379645327288223242572254769",
"152774947681641221797454343977315974438",
"208498853723714622487037809059887703408",
"328476950466293324903342946523090922299"
]
},
"source": "https://github.com/pyca/pynacl/commit/96314884d88d1089ff5f336dba61d7abbcddbbf7",
"signature_version": "v1",
"signature_type": "Line",
"target": {
"file": "src/libsodium/src/libsodium/crypto_core/ed25519/ref10/ed25519_ref10.c"
}
},
{
"deprecated": false,
"id": "CVE-2025-69277-b373aef4",
"digest": {
"threshold": 0.9,
"line_hashes": [
"56799338321303892359028336369590536892",
"312151617226326667937593172010765607184",
"223492868826046591829566589719464576446",
"271331698987622438945788443888597290917",
"230569891340459460316832453014886170335",
"250420568705887507072681605060992754004",
"180696666794389501438063077626441674698",
"150740775544592619137927485032492522528",
"44282700865741357120391590270064546506",
"172092357026757331258662055269556528344",
"309817107654374342265374800337701307366",
"312151617226326667937593172010765607184",
"4258598611968943916318688929684843691",
"330059936811685925238151476075527154483",
"316777970530916073148832072820481687604",
"58199976541136397119408103053085757290",
"311434568642645167588838143272917246909",
"291343254744615363536627036247921219340",
"254755483956675616987411518026069903040",
"333399013983039306692956243736839123602"
]
},
"source": "https://github.com/pyca/pynacl/commit/96314884d88d1089ff5f336dba61d7abbcddbbf7",
"signature_version": "v1",
"signature_type": "Line",
"target": {
"file": "src/libsodium/src/libsodium/include/sodium/crypto_stream_chacha20.h"
}
},
{
"deprecated": false,
"id": "CVE-2025-69277-b74ddaae",
"digest": {
"length": 17406.0,
"function_hash": "264625072053653314383393154503339269395"
},
"source": "https://github.com/pyca/pynacl/commit/96314884d88d1089ff5f336dba61d7abbcddbbf7",
"signature_version": "v1",
"signature_type": "Function",
"target": {
"file": "src/libsodium/test/default/core_ed25519.c",
"function": "main"
}
},
{
"deprecated": false,
"id": "CVE-2025-69277-ba710713",
"digest": {
"threshold": 0.9,
"line_hashes": [
"42733275492900604185315508785770941150",
"312151617226326667937593172010765607184",
"47633753536891534681112854856235915492",
"53432262892220890662879486834851705911",
"242187286509258097631392794339366758052",
"152676262903635342471358767692724277176",
"180696666794389501438063077626441674698",
"150740775544592619137927485032492522528",
"257461800639106252464493145063608392059",
"9472073518650453918962973449764252768"
]
},
"source": "https://github.com/pyca/pynacl/commit/96314884d88d1089ff5f336dba61d7abbcddbbf7",
"signature_version": "v1",
"signature_type": "Line",
"target": {
"file": "src/libsodium/src/libsodium/include/sodium/crypto_stream_salsa20.h"
}
},
{
"deprecated": false,
"id": "CVE-2025-69277-e1ca9b51",
"digest": {
"threshold": 0.9,
"line_hashes": [
"196080584037148168841616985332982980336",
"312151617226326667937593172010765607184",
"32910570611504010648486574325371451024",
"96679906918251537214662553327687944998"
]
},
"source": "https://github.com/pyca/pynacl/commit/96314884d88d1089ff5f336dba61d7abbcddbbf7",
"signature_version": "v1",
"signature_type": "Line",
"target": {
"file": "src/libsodium/src/libsodium/include/sodium/crypto_stream.h"
}
},
{
"deprecated": false,
"id": "CVE-2025-69277-e5477171",
"digest": {
"length": 642.0,
"function_hash": "138729168927948144710317439932015631584"
},
"source": "https://github.com/pyca/pynacl/commit/96314884d88d1089ff5f336dba61d7abbcddbbf7",
"signature_version": "v1",
"signature_type": "Function",
"target": {
"file": "src/libsodium/src/libsodium/crypto_aead/aegis256/aead_aegis256.c",
"function": "crypto_aead_aegis256_encrypt_detached"
}
},
{
"deprecated": false,
"id": "CVE-2025-69277-f27b4634",
"digest": {
"length": 645.0,
"function_hash": "10896568595684321769119659255294663110"
},
"source": "https://github.com/pyca/pynacl/commit/96314884d88d1089ff5f336dba61d7abbcddbbf7",
"signature_version": "v1",
"signature_type": "Function",
"target": {
"file": "src/libsodium/src/libsodium/crypto_aead/aegis128l/aead_aegis128l.c",
"function": "crypto_aead_aegis128l_encrypt_detached"
}
},
{
"deprecated": false,
"id": "CVE-2025-69277-f5b370e3",
"digest": {
"threshold": 0.9,
"line_hashes": [
"5341216938120920449918138990777926469",
"324967100711596872117223212499567287089",
"228689071439774033045939807618309251020",
"156688743998471874410638012048967895257"
]
},
"source": "https://github.com/pyca/pynacl/commit/96314884d88d1089ff5f336dba61d7abbcddbbf7",
"signature_version": "v1",
"signature_type": "Line",
"target": {
"file": "src/libsodium/test/default/kdf_hkdf.c"
}
},
{
"deprecated": false,
"id": "CVE-2025-69277-fd2b48e3",
"digest": {
"length": 113.0,
"function_hash": "225152862173646219701680893385147273816"
},
"source": "https://github.com/pyca/pynacl/commit/96314884d88d1089ff5f336dba61d7abbcddbbf7",
"signature_version": "v1",
"signature_type": "Function",
"target": {
"file": "src/libsodium/src/libsodium/crypto_core/ed25519/ref10/ed25519_ref10.c",
"function": "ge25519_is_on_main_subgroup"
}
},
{
"deprecated": false,
"id": "CVE-2025-69277-ffdefbf6",
"digest": {
"length": 577.0,
"function_hash": "73575649920423088164001204825866035319"
},
"source": "https://github.com/pyca/pynacl/commit/96314884d88d1089ff5f336dba61d7abbcddbbf7",
"signature_version": "v1",
"signature_type": "Function",
"target": {
"file": "src/libsodium/src/libsodium/crypto_aead/aegis128l/aead_aegis128l.c",
"function": "crypto_aead_aegis128l_decrypt_detached"
}
}
]