Lucene search

K
cvelistMozillaCVELIST:CVE-2018-18508
HistoryOct 22, 2020 - 8:14 p.m.

CVE-2018-18508

2020-10-2220:14:42
mozilla
www.cve.org
8
network security services
nss
malformed signature
null dereference
denial of service

AI Score

6.8

Confidence

High

EPSS

0.002

Percentile

60.9%

In Network Security Services (NSS) before 3.36.7 and before 3.41.1, a malformed signature can cause a crash due to a null dereference, resulting in a Denial of Service.

CNA Affected

[
  {
    "product": "NSS",
    "vendor": "Mozilla",
    "versions": [
      {
        "lessThan": "3.41.1",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      },
      {
        "lessThan": "3.36.7",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  }
]