Lucene search
K

5 matches found

AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.7 views

Astra Linux – Vulnerability in nss, Thunderbird

Versions of NSS Network Security Services prior to 3.73 or 3.68.1 ESR are vulnerable to a heap overflow when handling DER-encoded DSA or RSA-PSS signatures. Applications that use NSS to handle signatures encoded within CMS, S/MIME, PKCS \7, or PKCS \12 are likely to be affected. Applications that...

9.8CVSS7.1AI score0.17563EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2024/12/11 12:0 a.m.6 views

Amazon Linux 2022 : nss (ALAS2022-2021-002)

The version of nss installed on the remote host is prior to 3.71.0-2. It is, therefore, affected by a vulnerability as referenced in the ALAS2022-2021-002 advisory. NSS Network Security Services up to and including 3.73 is vulnerable to a heap overflow when handling DER-encoded DSA or RSA-PSS...

9.8CVSS7.7AI score0.17563EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2023/02/16 12:0 a.m.9 views

CVE-2021-43529

Thunderbird versions prior to 91.3.0 are vulnerable to the heap overflow described in CVE-2021-43527 when processing S/MIME messages. Thunderbird versions 91.3.0 and later will not call the vulnerable code when processing S/MIME messages that contain certificates with DER-encoded DSA or RSA-PSS...

9.8AI score0.00469EPSS
Exploits0References1
Cloud Foundry
Cloud Foundry
added 2022/01/20 12:0 a.m.37 views

USN-5168-1: NSS vulnerability | Cloud Foundry

Severity High Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 18.04 Description Tavis Ormandy discovered that NSS incorrectly handled verifying DSA/RSA-PSS signatures. A remote attacker could use this issue to cause NSS to crash, resulting in a denial of service, or possibly execute...

9.8CVSS10AI score0.17563EPSS
Exploits0Affected Software1
Ubuntu
Ubuntu
added 2021/12/01 6:2 p.m.109 views

USN-5168-3: NSS vulnerability

USN-5168-1 fixed a vulnerability in NSS. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. Original advisory details: Tavis Ormandy discovered that NSS incorrectly handled verifying DSA/RSA-PSS signatures. A remote attacker could use this issue to cause NSS ...

9.8CVSS7.7AI score0.17563EPSS
Exploits0
Rows per page
Query Builder