Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
libsodium before ad3004e, in atypical use cases involving certain custom cryptography or untrusted data to crypto_core_ed25519_is_valid_point, mishandles checks for whether an elliptic curve point is valid because it sometimes allows points that aren't in the main cryptographic group.
CVSS Information
CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N
Vulnerability Type
不完整的黑名单
Vulnerability Title
libsodium 安全漏洞
Vulnerability Description
libsodium是Frank Denis个人开发者的一个加密软件库。 libsodium ad3004e之前版本存在安全漏洞,该漏洞源于对椭圆曲线点有效性检查处理不当,可能允许非主加密群组的点。
CVSS Information
N/A
Vulnerability Type
N/A