17 matches found
MiracleLinux 8 : nspr-4.25.0-2.el8, nss-3.53.1-11.0.1.el8 (AXSA:2020-690:01)
The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2020-690:01 advisory. nss: UAF in sftkFreeSession due to improper refcounting CVE-2019-11756 nss: Check length of inputs for cryptographic primitives CVE-2019-17006 nss:...
Alibaba Cloud Linux 3 : 0015: nss (ALINUX3-SA-2021:0015)
The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2021:0015 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2020-12400: When converting coordinate...
Huawei EulerOS: Security Advisory for nss (EulerOS-SA-2022-2203)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS Virtualization 2.9.0 : nss (EulerOS-SA-2022-2203)
According to the versions of the nss packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - Improper refcounting of soft token session objects could cause a use-after-free and crash likely limited to a denial of service. Thi...
EulerOS Virtualization 2.9.1 : nss (EulerOS-SA-2022-2184)
According to the versions of the nss packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - Improper refcounting of soft token session objects could cause a use-after-free and crash likely limited to a denial of service. Thi...
Huawei EulerOS: Security Advisory for nss (EulerOS-SA-2022-1847)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for nss (EulerOS-SA-2022-1871)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS 2.0 SP9 : nss (EulerOS-SA-2022-1871)
According to the versions of the nss packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Improper refcounting of soft token session objects could cause a use-after-free and crash likely limited to a denial of service. This vulnerability...
Mozilla Firefox Security Advisory (MFSA2019-36) - Linux
This host is missing a security update for Mozilla Firefox. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; y...
CentOS: Security Advisory for nss (CESA-2020:4076)
The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Moderate: Red Hat Security Advisory: nss-softokn security update
An update for nss-softokn is now available for Red Hat Enterprise Linux 7.7 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available...
Moderate: Red Hat Security Advisory: nss-softokn security update
An update for nss-softokn is now available for Red Hat Enterprise Linux 7.4 Advanced Update Support, Red Hat Enterprise Linux 7.4 Telco Extended Update Support, and Red Hat Enterprise Linux 7.4 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security...
Scientific Linux Security Update : nss and nspr on SL7.x x86_64 (20201001)
Security Fixes : - nss: Out-of-bounds read when importing curve25519 private key CVE-2019-11719 - nss: Use-after-free in sftkFreeSession due to improper refcounting CVE-2019-11756 - nss: Check length of inputs for cryptographic primitives CVE-2019-17006 - nss: Side channel attack on ECDSA signatu...
Moderate: Red Hat Security Advisory: nss and nspr security, bug fix, and enhancement update
An update for nss, nss-softokn, nss-util, and nspr is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available f...
Oracle Linux 8 : nss / and / nspr (ELSA-2020-3280)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2020-3280 advisory. nspr 4.25.0-2 - Rebuild 4.25.0-1 - Update to NSPR 4.25 nss 3.53.1-11 - Fix issue with upgradedb where upgradedb expects standard to generate dbm...
CVE-2019-11756
CVE-2019-11756 is a Mozilla Firefox/NSS use-after-free vulnerability related to SFTKSession object handling. The connected AWS ALAS-2021-1522 aggregates NSS-related issues (including this CVE) and indicates affected Firefox/NSS components with suggested updates; it lists NSS-related packages (nsp...
Mozilla Firefox < 71.0
The version of Firefox installed on the remote macOS or Mac OS X host is prior to 71.0. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2019-36 advisory. - Mozilla developers and community members Philipp, Diego Calleja, Mikhail Gavrilov, Jason Kratzer, Christian...