26 matches found
CBL Mariner 2.0 Security Update: nss (CVE-2020-12403)
The version of nss installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2020-12403 advisory. - A flaw was found in the way CHACHA20-POLY1305 was implemented in NSS in versions before 3.55. When using...
Debian dla-3327 : libnss3 - security update
The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3327 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-3327-1 [email protected]...
Debian: Security Advisory (DLA-3327-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] [DLA 3327-1] nss security update
Debian LTS Advisory DLA-3327-1 [email protected] https://www.debian.org/lts/security/ Markus Koschany February 20, 2023 https://wiki.debian.org/LTS Package : nss Version : 2:3.42.1-1+deb10u6 CVE ID : CVE-2020-6829 CVE-2020-12400 CVE-2020-12401 CVE-2020-12403 CVE-2023-0767 Multiple...
CVE-2020-12403 affecting package nss for versions less than 3.44-10
CVE-2020-12403 affecting package nss for versions less than 3.44-10. A patched version of the package is available...
Mageia: Security Advisory (MGASA-2020-0318)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
NewStart CGSL MAIN 6.02 : nss Multiple Vulnerabilities (NS-SA-2021-0121)
The remote NewStart CGSL host, running version MAIN 6.02, has nss packages installed that are affected by multiple vulnerabilities: - When converting coordinates from projective to affine, the modular inversion was not performed in constant time, resulting in a possible timing-based side channel...
Security Bulletin: IBM has announced a release for IBM Security Identity Governance and Intelligence in response to a security vulnerability (CVE-2019-17006, CVE-2019-17023, CVE-2020-12403)
Summary IBM has announced a release for IBM Security Identity Governance and Intelligence IGI in response to security vulnerability. The vulnerability concerns Open Source - 2 issues for nss and one additional issue. Vulnerability Details CVEID: CVE-2019-17006 DESCRIPTION: Mozilla Network Securit...
Photon OS 2.0: Nss PHSA-2021-2.0-0358
An update of the nss package has been released. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2021-2.0-0358. The text itself is copyright C VMware, Inc. include'deprecatednasllevel.inc'...
Photon OS 1.0: Nss PHSA-2021-1.0-0404
An update of the nss package has been released. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2021-1.0-0404. The text itself is copyright C VMware, Inc. include'deprecatednasllevel.inc'...
Photon OS 3.0: Nss PHSA-2021-3.0-0254
An update of the nss package has been released. C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2021-3.0-0254. The text itself is copyright C VMware, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if description...
CVE-2020-12403 affecting package nss 3.44-6
CVE-2020-12403 affecting package nss 3.44-6. A patched version of the package is available...
CVE-2020-12403
CVE-2020-12403 affects NSS where the CHACHA20-POLY1305 implementation for multi-part ChaCha20 could trigger out-of-bounds reads in versions prior to 3.55. The fix disables multi-part ChaCha20 (which was malfunctioning) and enforces the ChaCha20-Poly1305 tag length, reducing confidentiality and av...
CentOS: Security Advisory for nss (CESA-2020:4076)
The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Moderate: Red Hat Security Advisory: nss-softokn security update
An update for nss-softokn is now available for Red Hat Enterprise Linux 7.7 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available...
Huawei EulerOS: Security Advisory for nss (EulerOS-SA-2021-1640)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Moderate: Red Hat Security Advisory: nss-softokn security update
An update for nss-softokn is now available for Red Hat Enterprise Linux 7.4 Advanced Update Support, Red Hat Enterprise Linux 7.4 Telco Extended Update Support, and Red Hat Enterprise Linux 7.4 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security...
Oracle Linux 8 : nss (ELSA-2021-0538)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2021-0538 advisory. - CVE-2020-12403 chacha-poly issues - CVE-2020-12400 constant time ECC. - CVE-2020-6829 constant time ECC. Tenable has extracted the preceding...
nss security and bug fix update
3.53.1-17 - Fix various corner cases with ike v1 app b support. 3.53.1-16 - Fix the following CVE - CVE-2020-12403 chacha-poly issues - CVE-2020-12400 constant time ECC. - CVE-2020-6829 constant time ECC. 3.53.1-15 - Revert some policy changes the generate ABI runtime issues. 3.53.1-14 - Add...
Moderate: Red Hat Security Advisory: nss security and bug fix update
An update for nss is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CV...