EulerOS Virtualization 2.12.1 : nss (EulerOS-SA-2026-1447)

According to the versions of the nss packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : After accepting an untrusted certificate, handling an empty pkcs7 sequence as part of the certificate data could have lead to a crash...

EulerOS Virtualization 2.10.1 : nss (EulerOS-SA-2026-1133)

According to the versions of the nss packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : After accepting an untrusted certificate, handling an empty pkcs7 sequence as part of the certificate data could have lead to a crash...

EulerOS Virtualization 2.13.0 : nss (EulerOS-SA-2025-2177)

According to the versions of the nss packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : After accepting an untrusted certificate, handling an empty pkcs7 sequence as part of the certificate data could have lead to a crash...

EulerOS 2.0 SP12 : nss (EulerOS-SA-2025-2049)

According to the versions of the nss packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : After accepting an untrusted certificate, handling an empty pkcs7 sequence as part of the certificate data could have lead to a crash. This crash is...

OESA-2025-1583 nss security update

Network Security Services NSS is a set of libraries designed to support cross-platform development of security-enabled client and server applications. Applications built with NSS can support SSL v2 and v3, TLS, PKCS 5, PKCS 7, PKCS 11, PKCS 12, S/MIME, X.509 v3 certificates, and other security...

Ubuntu: Security Advisory (USN-5872-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-5872-1: NSS vulnerabilities

Tavis Ormandy discovered that NSS incorrectly handled an empty pkcs7 sequence. A remote attacker could possibly use this issue to cause NSS to crash, resulting in a denial of service. CVE-2022-22747 Ronald Crane discovered that NSS incorrectly handled certain memory operations. A remote attacker...

Ubuntu 16.04 ESM : NSS vulnerabilities (USN-5872-1)

The remote Ubuntu 16.04 ESM host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5872-1 advisory. Tavis Ormandy discovered that NSS incorrectly handled an empty pkcs7 sequence. A remote attacker could possibly use this issue to cause NSS to crash,...

CVE-2022-22747

After accepting an untrusted certificate, handling an empty pkcs7 sequence as part of the certificate data could have lead to a crash. This crash is believed to be unexploitable. This vulnerability affects Firefox ESR 91.5, Firefox 96, and Thunderbird 91.5...

Ubuntu: Security Advisory (USN-5506-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-5506-1: NSS vulnerabilities

Tavis Ormandy discovered that NSS incorrectly handled an empty pkcs7 sequence. A remote attacker could possibly use this issue to cause NSS to crash, resulting in a denial of service. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 21.10. CVE-2022-22747 Ronald Crane...

Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS : NSS vulnerabilities (USN-5506-1)

The remote Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5506-1 advisory. Tavis Ormandy discovered that NSS incorrectly handled an empty pkcs7 sequence. A remote attacker could possibly use this issue to...

Mozilla Firefox Security Advisory (MFSA2022-01) - Linux

The remote host is missing an update for Mozilla Firefox, announced via the advisory MFSA2022-01. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-on...

Debian DLA-2898-1 : nss - LTS security update

The remote Debian 9 host has packages installed that are affected by a vulnerability as referenced in the dla-2898 advisory. It was found that nss, the Mozilla Network Security Service library, was vulnerable to a NULL pointer dereference when parsing empty PKCS 7 sequences, which could result in...

Debian DSA-5062-1 : nss - security update

The remote Debian 10 / 11 host has packages installed that are affected by a vulnerability as referenced in the dsa-5062 advisory. - After accepting an untrusted certificate, handling an empty pkcs7 sequence as part of the certificate data could have lead to a crash. This crash is believed to be...

Ubuntu: Security Advisory (USN-5246-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

openSUSE 15 Security Update : MozillaThunderbird (openSUSE-SU-2022:0199-1)

The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2022:0199-1 advisory. - Mozilla: Iframe sandbox bypass with XSLT CVE-2021-4140 - Mozilla: Race condition when playing audio files CVE-2022-22737 - Mozilla:...

Security update for MozillaThunderbird (important)

openSUSE Security Update: Security update for MozillaThunderbird Announcement ID: openSUSE-SU-2022:0199-1 Rating: important References: 1194547 Cross-References: CVE-2021-4140 CVE-2022-22737 CVE-2022-22738 CVE-2022-22739 CVE-2022-22740 CVE-2022-22741 CVE-2022-22742 CVE-2022-22743 CVE-2022-22744...

SUSE: Security Advisory (SUSE-SU-2022:14880-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] [DLA 2898-1] nss security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-2898-1 [email protected] https://www.debian.org/lts/security/ Emilio Pozuelo Monfort January 25, 2022 https://wiki.debian.org/LTS -...