Lucene search
K

11 matches found

AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in nss

A flaw was discovered in the implementation of CHACHA20-POLY1305 in NSS versions prior to 3.55. When using multi-part Chacha20, it could lead to out-of-bounds reads. This issue was addressed by explicitly disabling multi-part ChaCha20 which was not functioning correctly and enforcing strict tag...

9.1CVSS7.1AI score0.01541EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/05/11 12:0 a.m.7 views

Unity Linux 20.1060e / 20.1070e Security Update: nss (UTSA-2026-017618)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017618 advisory. A flaw was found in the way CHACHA20-POLY1305 was implemented in NSS in versions before 3.55. When using multi-part Chacha20, it could cause out-of-bounds reads. Thi...

9.1CVSS7AI score0.01541EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2023/02/22 12:0 a.m.43 views

Debian dla-3327 : libnss3 - security update

The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3327 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-3327-1 [email protected]...

9.1CVSS7.9AI score0.01541EPSS
Exploits0References12
Tenable Nessus
Tenable Nessus
added 2021/10/27 12:0 a.m.41 views

NewStart CGSL MAIN 6.02 : nss Multiple Vulnerabilities (NS-SA-2021-0121)

The remote NewStart CGSL host, running version MAIN 6.02, has nss packages installed that are affected by multiple vulnerabilities: - When converting coordinates from projective to affine, the modular inversion was not performed in constant time, resulting in a possible timing-based side channel...

9.1CVSS7.2AI score0.01541EPSS
Exploits0References7
Microsoft CVE
Microsoft CVE
added 2021/06/10 7:0 a.m.6 views

A flaw was found in the way CHACHA20-POLY1305 was implemented in NSS in versions before 3.55. When using multi-part Chacha20 it could cause out-of-bounds reads. This issue was fixed by explicitly disabling multi-part ChaCha20 (which was not functioning correctly) and strictly enforcing tag length. The highest threat from this vulnerability is to confidentiality and system availability.

...

9.1CVSS7AI score0.01541EPSS
Exploits0
OSV
OSV
added 2021/05/27 7:15 p.m.1 views

DEBIAN-CVE-2020-12403

A flaw was found in the way CHACHA20-POLY1305 was implemented in NSS in versions before 3.55. When using multi-part Chacha20, it could cause out-of-bounds reads. This issue was fixed by explicitly disabling multi-part ChaCha20 which was not functioning correctly and strictly enforcing tag length...

9.1CVSS7.3AI score0.01541EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2021/03/09 9:22 a.m.4 views

nss: CHACHA20-POLY1305 decryption with undersized tag leads to out-of-bounds read

A flaw was found in the way CHACHA20-POLY1305 was implemented in NSS. When using multi-part Chacha20, it could cause out-of-bounds reads. This issue was fixed by explicitly disabling multi-part ChaCha20 which was not functioning correctly and strictly enforcing tag length. The highest threat from...

9.1CVSS7.1AI score0.01541EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2021/02/16 2:33 p.m.8 views

nss: CHACHA20-POLY1305 decryption with undersized tag leads to out-of-bounds read

A flaw was found in the way CHACHA20-POLY1305 was implemented in NSS. When using multi-part Chacha20, it could cause out-of-bounds reads. This issue was fixed by explicitly disabling multi-part ChaCha20 which was not functioning correctly and strictly enforcing tag length. The highest threat from...

9.1CVSS7.1AI score0.01541EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2020/12/14 12:0 a.m.41 views

EulerOS 2.0 SP8 : nss-softokn (EulerOS-SA-2020-2523)

According to the versions of the nss-softokn packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - NSS has shown timing differences when performing DSA signatures, which was exploitable and could eventually leak private keys. This...

9.1CVSS7.1AI score0.01541EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2020/09/29 10:31 p.m.6 views

nss: CHACHA20-POLY1305 decryption with undersized tag leads to out-of-bounds read

A flaw was found in the way CHACHA20-POLY1305 was implemented in NSS. When using multi-part Chacha20, it could cause out-of-bounds reads. This issue was fixed by explicitly disabling multi-part ChaCha20 which was not functioning correctly and strictly enforcing tag length. The highest threat from...

9.1CVSS7.1AI score0.01541EPSS
Exploits0References5
OSV
OSV
added 2020/08/18 3:55 a.m.1 views

UBUNTU-CVE-2020-12403

A flaw was found in the way CHACHA20-POLY1305 was implemented in NSS in versions before 3.55. When using multi-part Chacha20, it could cause out-of-bounds reads. This issue was fixed by explicitly disabling multi-part ChaCha20 which was not functioning correctly and strictly enforcing tag length...

9.1CVSS7AI score0.01541EPSS
Exploits0References5
Rows per page
Query Builder