{"affected":[{"ecosystem_specific":{"binaries":[{"libsodium23":"1.0.16-1.15.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Module for Public Cloud 12","name":"libsodium","purl":"pkg:rpm/suse/libsodium&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2012"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"1.0.16-1.15.1"}],"type":"ECOSYSTEM"}]}],"aliases":[],"details":"This update for libsodium fixes the following issues: \n\n- CVE-2025-15444: Fixed cryptographic bypass via improper elliptic curve point validation (bsc#1256070).\n- CVE-2025-69277: Fixed incorrect validation of elliptic curve points in crypto_core_ed25519_is_valid_point function (bsc#1255764).\n","id":"SUSE-SU-2026:0482-1","modified":"2026-02-12T16:04:29Z","published":"2026-02-12T16:04:29Z","references":[{"type":"ADVISORY","url":"https://www.suse.com/support/update/announcement/2026/suse-su-20260482-1/"},{"type":"REPORT","url":"https://bugzilla.suse.com/1255764"},{"type":"REPORT","url":"https://bugzilla.suse.com/1256070"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2025-15444"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2025-69277"}],"related":["CVE-2025-15444","CVE-2025-69277"],"summary":"Security update for libsodium","upstream":["CVE-2025-15444","CVE-2025-69277"]}