Login Sign Up

CVE-2025-15444

9.8 CRITICAL

📋 TL;DR

The Crypt::Sodium::XS Perl module includes a vulnerable version of libsodium that mishandles elliptic curve point validation in certain custom cryptography scenarios. This could allow attackers to bypass cryptographic protections when processing untrusted data. Systems using Perl applications with this module are affected.

💻 Affected Systems

Products:
  • Crypt::Sodium::XS Perl module
Versions: All versions prior to 0.000042
Operating Systems: All operating systems running Perl
Default Config Vulnerable: ✅ No
Notes: Only vulnerable when using crypto_core_ed25519_is_valid_point with untrusted data in custom cryptography implementations.

⚠️ Manual Verification Required

This CVE does not have specific version information in our database, so automatic vulnerability detection cannot determine if your system is affected.

Why? The CVE database entry doesn't specify which versions are vulnerable (no version ranges provided by the vendor/NVD).

🔒 Custom verification scripts are available for registered users. Sign up free to download automated test scripts.

Recommended Actions:
  1. Review the CVE details at NVD
  2. Check vendor security advisories for your specific version
  3. Test if the vulnerability is exploitable in your environment
  4. Consider updating to the latest version as a precaution

⚠️ Risk & Real-World Impact

🔴

Worst Case

Cryptographic bypass leading to data decryption, authentication bypass, or integrity violations in systems relying on libsodium's Ed25519 validation.

🟠

Likely Case

Potential cryptographic weaknesses in custom implementations using crypto_core_ed25519_is_valid_point with untrusted data.

🟢

If Mitigated

Limited impact if standard libsodium APIs are used without custom cryptography or untrusted point validation.

🌐 Internet-Facing: MEDIUM - Only affects specific custom cryptographic implementations, not standard usage.
🏢 Internal Only: LOW - Requires specific atypical use cases to be exploitable.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: HIGH

Exploitation requires specific atypical use cases and custom cryptographic implementations.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Crypt::Sodium::XS 0.000042

Vendor Advisory: https://metacpan.org/dist/Crypt-Sodium-XS/changes

Restart Required: No

Instructions:

1. Update Perl module: cpanm Crypt::Sodium::XS@0.000042
2. Verify libsodium version is 1.0.20-stable or later
3. Restart any Perl applications using the module

🔧 Temporary Workarounds

Avoid custom point validation

all

Avoid using crypto_core_ed25519_is_valid_point with untrusted data in custom implementations

🧯 If You Can't Patch

  • Discontinue use of crypto_core_ed25519_is_valid_point with untrusted data
  • Implement additional validation layers for cryptographic operations

🔍 How to Verify

Check if Vulnerable:

Check Crypt::Sodium::XS version: perl -MCrypt::Sodium::XS -e 'print $Crypt::Sodium::XS::VERSION'

Check Version:

perl -MCrypt::Sodium::XS -e 'print $Crypt::Sodium::XS::VERSION'

Verify Fix Applied:

Verify version is 0.000042 or higher and libsodium version is 1.0.20-stable or later

📡 Detection & Monitoring

Log Indicators:

  • Unusual cryptographic operation failures
  • Invalid point validation attempts

Network Indicators:

  • Unusual patterns in cryptographic protocol communications

SIEM Query:

Search for Perl application errors related to Crypt::Sodium::XS or libsodium operations

📊 Metadata

CVE ID: CVE-2025-15444
CVSS v3 Score: 9.8 (CRITICAL)
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS Score: 0.06% exploit probability (18th percentile)
Published: January 6, 2026
Last Updated: January 8, 2026

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON