CVE-2026-12318

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Incorrect boundary conditions in the Libraries component in NSS...

Astra Linux – Vulnerability in nss

NSS has demonstrated timing differences during the execution of DSA signatures, which can be exploited and may eventually lead to the leakage of private keys. This vulnerability affects Thunderbird versions 68.9.0, Firefox versions 77, and Firefox ESR versions 68.9...

Astra Linux – Vulnerability in nss

A flaw was discovered in the way NSS handled CCS ChangeCipherSpec messages in TLS 1.3. This flaw allows a remote attacker to send multiple CCS messages, resulting in a denial of service for servers compiled with the NSS library. The greatest threat posed by this vulnerability is related to system...

Astra Linux – Vulnerability in nss

During RSA key generation, bignum implementations used a variant of the Binary Extended Euclidean Algorithm, which involved significant input-dependent processes. This allowed attackers to perform electromagnetic-based side-channel attacks to capture traces that could lead to the recovery of secr...

Astra Linux – Vulnerability in nss

A flaw was discovered in the implementation of CHACHA20-POLY1305 in NSS versions prior to 3.55. When using multi-part Chacha20, it could lead to out-of-bounds reads. This issue was addressed by explicitly disabling multi-part ChaCha20 which was not functioning correctly and enforcing strict tag...

Astra Linux – Vulnerabilities in Firefox, Thunderbird, NSS

A mismatch between the allocator and deallocator could have led to memory corruption. This vulnerability affects Firefox 128, Firefox ESR 115.13, Thunderbird 115.13, and Thunderbird 128...

SUSE CVE-2026-12318

Incorrect boundary conditions in the Libraries component in NSS. This vulnerability was fixed in Firefox 152 and Thunderbird 152...

Fedora 44 : firefox / nss (2026-5eeadd9b1b)

The remote Fedora 44 host has packages installed that are affected by multiple vulnerabilities as referenced in the FEDORA-2026-5eeadd9b1b advisory. Update NSS to 3.124.0 Update Firefox to 152.0 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note...

CVE-2026-12318

Incorrect boundary conditions in the Libraries component in NSS. This vulnerability was fixed in Firefox 152 and Thunderbird 152...

CVE-2026-12318 Incorrect boundary conditions in the Libraries component in NSS

Incorrect boundary conditions in the Libraries component in NSS. This vulnerability was fixed in Firefox 152 and Thunderbird 152...

EUVD-2026-37109

Incorrect boundary conditions in the Libraries component in NSS. This vulnerability was fixed in Firefox 152 and Thunderbird 152...

PT-2026-49687

Name of the Vulnerable Software and Affected Versions Firefox versions prior to 152 Thunderbird versions prior to 152 Description Incorrect boundary conditions exist within the Libraries component of the Network Security Services NSS, which is a set of libraries providing support for security...

RLSA-2026:19348 Important: thunderbird security update

Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: firefox: thunderbird: Incorrect boundary conditions in the Libraries component in NSS CVE-2026-6772 firefox: thunderbird: Use-after-free in the JavaScript Engine component CVE-2026-6754 firefox: thunderbird: Spoofing...

Medium: nss

Issue Overview: Incorrect boundary conditions in the Libraries component in NSS. This vulnerability was fixed in Firefox 150, Firefox ESR 140.10, Thunderbird 150, and Thunderbird 140.10. CVE-2026-6766 Other issue in the Libraries component in NSS. This vulnerability was fixed in Firefox 150,...

Fedora 42 : firefox / nss (2026-7f6ee801e2)

The remote Fedora 42 host has packages installed that are affected by multiple vulnerabilities as referenced in the FEDORA-2026-7f6ee801e2 advisory. Update NSS to 3.123.1 Update to Firefox 151.0 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note...

Oracle Linux 8 : firefox (ELSA-2026-19588)

The remote Oracle Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2026-19588 advisory. 140.10.1-1.0.1 - Fix firefox-oracle-default-prefs.js for new nss Orabug: 37079789 - diable wasisdk to prevent build failure with newer llvm 140.10.1 -...

[SECURITY] Fedora 42 Update: nss-3.123.1-1.fc42

Network Security Services NSS is a set of libraries designed to support cross-platform development of security-enabled client and server applications. Applications built with NSS can support SSL v2 and v3, TLS, PKCS 5, PKCS 7, PKCS 11, PKCS 12, S/MIME, X.509 v3 certificates, and other security...

[SECURITY] [DSA 6290-1] nss security update

------------------------------------------------------------------------- Debian Security Advisory DSA-6290-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff May 21, 2026 https://www.debian.org/security/faq -...

[SECURITY] Fedora 43 Update: nss-3.123.1-1.fc43

Network Security Services NSS is a set of libraries designed to support cross-platform development of security-enabled client and server applications. Applications built with NSS can support SSL v2 and v3, TLS, PKCS 5, PKCS 7, PKCS 11, PKCS 12, S/MIME, X.509 v3 certificates, and other security...

firefox: thunderbird: Incorrect boundary conditions in the Libraries component in NSS

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Incorrect boundary conditions in the Libraries component in NSS...