21 matches found
Linux Distros Unpatched Vulnerability : CVE-2018-18508
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Network Security Services NSS before 3.36.7 and before 3.41.1, a malformed signature can cause a crash due to a null dereference, resulting in a Denial of...
RHEL 8 : nss (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - nss: Cache side-channel variant of the Bleichenbacher attack CVE-2018-12404 - In Network Security Service...
RHEL 7 : nss (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - nss: Insufficient timing side-channel resistance in divSpoiler CVE-2016-9074 - nss before version 3.30 is...
Huawei EulerOS: Security Advisory for nss (EulerOS-SA-2023-1713)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for nss (EulerOS-SA-2021-2413)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS Virtualization 3.0.2.6 : nss (EulerOS-SA-2021-1416)
According to the versions of the nss packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A flaw was found in the way NSS handled CCS ChangeCipherSpec messages in TLS 1.3. This flaw allows a remote attacker to send multipl...
EulerOS Virtualization 3.0.6.6 : nss (EulerOS-SA-2021-1502)
According to the versions of the nss packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A flaw was found in the way NSS handled CCS ChangeCipherSpec messages in TLS 1.3. This flaw allows a remote attacker to send multipl...
EulerOS 2.0 SP5 : nss (EulerOS-SA-2021-1218)
According to the version of the nss packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - In Network Security Services NSS before 3.36.7 and before 3.41.1, a malformed signature can cause a crash due to a null dereference, resulting in a...
EulerOS 2.0 SP3 : nss (EulerOS-SA-2021-1102)
According to the versions of the nss packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - In Network Security Services NSS before 3.36.7 and before 3.41.1, a malformed signature can cause a crash due to a null dereference, resulting in a...
Huawei EulerOS: Security Advisory for nss (EulerOS-SA-2021-1102)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2018-18508
In Network Security Services NSS before 3.36.7 and before 3.41.1, a malformed signature can cause a crash due to a null dereference, resulting in a Denial of Service...
CVE-2018-18508
CVE-2018-18508 affects Network Security Services (NSS) prior to 3.36.7 and prior to 3.41.1, where a malformed signature can trigger a null-dereference crash and cause a Denial of Service. The issue is caused by mishandling of signatures in NSS that leads to a crash under certain conditions when v...
Debian DLA-2388-1 : nss security update
Various vulnerabilities were fixed in nss, the Network Security Service libraries. CVE-2018-12404 Cache side-channel variant of the Bleichenbacher attack. CVE-2018-18508 NULL pointer dereference in several CMS functions resulting in a denial of service. CVE-2019-11719 Out-of-bounds read when...
Debian: Security Advisory (DLA-2388-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
RHEL 8 : nss and nspr (RHSA-2019:1951)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2019:1951 advisory. Network Security Services NSS is a set of libraries designed to support the cross-platform development of security-enabled client and server...
Moderate: Red Hat Security Advisory: nss and nspr security, bug fix, and enhancement update
An update for nss and nspr is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fr...
Debian DLA-1704-1 : nss security update
Vulnerabilities have been discovered in nss, the Mozilla Network Security Service library. CVE-2018-12404 Cache side-channel variant of the Bleichenbacher attack CVE-2018-18508 NULL pointer dereference in several CMS functions resulting in a denial of service For Debian 8 'Jessie', these problems...
Fedora 28 : nss (2019-c602845b91)
Updates the nss package to upstream NSS 3.42.1. For details about new functionality and a list of bugs fixed in this release please see the upstream release notes https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS3.42 .1releasenotes Note that Tenable Network Security has extracted...
Debian: Security Advisory (DLA-1704-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 29 : nss (2019-68b9bec5ca)
Updates the nss package to upstream NSS 3.42.1. For details about new functionality and a list of bugs fixed in this release please see the upstream release notes https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS3.42 .1releasenotes Note that Tenable Network Security has extracted...