Moderate: nss and nspr security, bug fix, and enhancement update

🗓️ 21 Sep 2021 07:08:30Reported by AlmaLinuxType

almalinux

almalinux🔗 errata.almalinux.org👁 31 Views

Moderate: NSS and NSPR security, bug fix, and enhancement updat

Reporter	Title	Published	Views	Family All 123
IBM Security Bulletins	Security Bulletin: IBM QRadar Network Packet Capture is vulnerable to using components with known vulnerabilities	30 Jul 202105:04	–	ibm
IBM Security Bulletins	Security Bulletin: IBM QRadar Network Security is affected by multiple vulnerabilities (CVE-2020-25648, CVE-2021-31535, CVE-2021-20305, CVE-2020-25692)	8 Nov 202103:57	–	ibm
IBM Security Bulletins	Security Bulletin: Cloud Pak for Security uses packages that are vulnerable to several CVEs	19 Oct 202115:38	–	ibm
IBM Security Bulletins	Security Bulletin: IBM MQ Appliance is affected by Mozilla Network Security Services (NSS) vulnerability (CVE-2020-25648)	9 Jul 202115:20	–	ibm
Tenable Nessus	Amazon Linux 2 : nss (ALAS-2021-1664)	23 Jun 202100:00	–	nessus
Tenable Nessus	Amazon Linux AMI : nss (ALAS-2021-1518)	13 Jul 202100:00	–	nessus
Tenable Nessus	Alibaba Cloud Linux 3 : 0071: nss and nspr (ALINUX3-SA-2021:0071)	14 May 202500:00	–	nessus
Tenable Nessus	AlmaLinux 8 : nss and nspr (ALSA-2021:3572)	9 Feb 202200:00	–	nessus
Tenable Nessus	CentOS 8 : nss and nspr (CESA-2021:3572)	21 Sep 202100:00	–	nessus
Tenable Nessus	CentOS 7 : nss (RHSA-2021:1384)	9 Oct 202400:00	–	nessus

OS	OS Version	Architecture	Package	Package Version	Filename
almalinux	8	aarch64	nspr-devel	4.32.0-1.el8_4	nspr-devel-4.32.0-1.el8_4.aarch64.rpm
almalinux	8	aarch64	nspr	4.32.0-1.el8_4	nspr-4.32.0-1.el8_4.aarch64.rpm
almalinux	8	x86_64	nss-sysinit	3.67.0-6.el8_4	nss-sysinit-3.67.0-6.el8_4.x86_64.rpm
almalinux	8	i686	nss-softokn-freebl	3.67.0-6.el8_4	nss-softokn-freebl-3.67.0-6.el8_4.i686.rpm
almalinux	8	i686	nss	3.67.0-6.el8_4	nss-3.67.0-6.el8_4.i686.rpm
almalinux	8	i686	nss-devel	3.67.0-6.el8_4	nss-devel-3.67.0-6.el8_4.i686.rpm
almalinux	8	i686	nss-softokn-freebl-devel	3.67.0-6.el8_4	nss-softokn-freebl-devel-3.67.0-6.el8_4.i686.rpm
almalinux	8	i686	nss-util-devel	3.67.0-6.el8_4	nss-util-devel-3.67.0-6.el8_4.i686.rpm
almalinux	8	i686	nspr-devel	4.32.0-1.el8_4	nspr-devel-4.32.0-1.el8_4.i686.rpm
almalinux	8	i686	nss-softokn	3.67.0-6.el8_4	nss-softokn-3.67.0-6.el8_4.i686.rpm

Source	Link
errata	www.errata.almalinux.org/8/ALSA-2021-3572.html
vulners	www.vulners.com/cve/CVE-2020-25648

21 Sep 2021 07:08Current

8.3High risk

Vulners AI Score8.3

CVSS 25

CVSS 3.17.5

EPSS0.03854

network security services netscape portable runtime tls 1.3 remote dos attack cve-2020-25648 bug fixes error code 8025 inconsistent handling sql databases power10 performance enhancements cryptography