11 matches found
Astra Linux – Vulnerability in nss
A flaw was discovered in the implementation of CHACHA20-POLY1305 in NSS versions prior to 3.55. When using multi-part Chacha20, it could lead to out-of-bounds reads. This issue was addressed by explicitly disabling multi-part ChaCha20 which was not functioning correctly and enforcing strict tag...
Unity Linux 20.1060e / 20.1070e Security Update: nss (UTSA-2026-017618)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017618 advisory. A flaw was found in the way CHACHA20-POLY1305 was implemented in NSS in versions before 3.55. When using multi-part Chacha20, it could cause out-of-bounds reads. Thi...
Debian dla-3327 : libnss3 - security update
The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3327 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-3327-1 [email protected]...
NewStart CGSL MAIN 6.02 : nss Multiple Vulnerabilities (NS-SA-2021-0121)
The remote NewStart CGSL host, running version MAIN 6.02, has nss packages installed that are affected by multiple vulnerabilities: - When converting coordinates from projective to affine, the modular inversion was not performed in constant time, resulting in a possible timing-based side channel...
A flaw was found in the way CHACHA20-POLY1305 was implemented in NSS in versions before 3.55. When using multi-part Chacha20 it could cause out-of-bounds reads. This issue was fixed by explicitly disabling multi-part ChaCha20 (which was not functioning correctly) and strictly enforcing tag length. The highest threat from this vulnerability is to confidentiality and system availability.
...
DEBIAN-CVE-2020-12403
A flaw was found in the way CHACHA20-POLY1305 was implemented in NSS in versions before 3.55. When using multi-part Chacha20, it could cause out-of-bounds reads. This issue was fixed by explicitly disabling multi-part ChaCha20 which was not functioning correctly and strictly enforcing tag length...
nss: CHACHA20-POLY1305 decryption with undersized tag leads to out-of-bounds read
A flaw was found in the way CHACHA20-POLY1305 was implemented in NSS. When using multi-part Chacha20, it could cause out-of-bounds reads. This issue was fixed by explicitly disabling multi-part ChaCha20 which was not functioning correctly and strictly enforcing tag length. The highest threat from...
nss: CHACHA20-POLY1305 decryption with undersized tag leads to out-of-bounds read
A flaw was found in the way CHACHA20-POLY1305 was implemented in NSS. When using multi-part Chacha20, it could cause out-of-bounds reads. This issue was fixed by explicitly disabling multi-part ChaCha20 which was not functioning correctly and strictly enforcing tag length. The highest threat from...
EulerOS 2.0 SP8 : nss-softokn (EulerOS-SA-2020-2523)
According to the versions of the nss-softokn packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - NSS has shown timing differences when performing DSA signatures, which was exploitable and could eventually leak private keys. This...
nss: CHACHA20-POLY1305 decryption with undersized tag leads to out-of-bounds read
A flaw was found in the way CHACHA20-POLY1305 was implemented in NSS. When using multi-part Chacha20, it could cause out-of-bounds reads. This issue was fixed by explicitly disabling multi-part ChaCha20 which was not functioning correctly and strictly enforcing tag length. The highest threat from...
UBUNTU-CVE-2020-12403
A flaw was found in the way CHACHA20-POLY1305 was implemented in NSS in versions before 3.55. When using multi-part Chacha20, it could cause out-of-bounds reads. This issue was fixed by explicitly disabling multi-part ChaCha20 which was not functioning correctly and strictly enforcing tag length...