NSS -- multiple vulnerabilities

2016-06-0700:00:00

vuxml.freebsd.org

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.017 Low

EPSS

Percentile

87.5%

JSON

Mozilla Foundation reports:

Mozilla has updated the version of Network Security
Services (NSS) library used in Firefox to NSS 3.23. This
addresses four moderate rated networking security issues
reported by Mozilla engineers Tyson Smith and Jed Davis.

OSVersionArchitecturePackageVersionFilename
FreeBSDanynoarchnss< 3.23UNKNOWN
FreeBSDanynoarchlinux-c6-nss< 3.21.3UNKNOWN
FreeBSDanynoarchlinux-c7-nss< 3.21.3UNKNOWN
FreeBSDanynoarchlinux-seamonkey< 2.44UNKNOWN

OS	Version	Architecture	Package	Version	Filename
FreeBSD	any	noarch	nss	< 3.23	UNKNOWN
FreeBSD	any	noarch	linux-c6-nss	< 3.21.3	UNKNOWN
FreeBSD	any	noarch	linux-c7-nss	< 3.21.3	UNKNOWN
FreeBSD	any	noarch	linux-seamonkey	< 2.44	UNKNOWN