Updated nspr, nss and firefox(-l10n) packages fix security issues

The updated packages fix security vulnerabilities: Incorrect boundary conditions in the Audio/Video: Web Codecs component. CVE-2026-8946 Incorrect boundary conditions in the JavaScript Engine: JIT component. CVE-2026-8388 Use-after-free in the DOM: Bindings WebIDL component. CVE-2026-8947 Other...

Amazon Linux 2023 : nspr, nspr-devel, nss (ALAS2023-2026-1703)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1703 advisory. Incorrect boundary conditions in the Libraries component in NSS. This vulnerability was fixed in Firefox 150, Firefox ESR 140.10, Thunderbird 150, and Thunderbird 140.10. CVE-2026-6766 Other...

MiracleLinux 8 : nspr-4.32.0-1.el8, nss-3.67.0-6.el8 (AXSA:2021-2445:02)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2021-2445:02 advisory. nss: TLS 1.3 CCS flood remote DoS Attack CVE-2020-25648 Tenable has extracted the preceding description block directly from the MiracleLinux security advisor...

MiracleLinux 3 : nspr-4.10.2-2.AXS3, nss-3.15.3-4.AXS3 (AXSA:2014-237:01)

The remote MiracleLinux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2014-237:01 advisory. nss: Network Security Services NSS is a set of libraries designed to support cross-platform development of security-enabled client and server...

MiracleLinux 8 : nspr-4.25.0-2.el8, nss-3.53.1-11.0.1.el8 (AXSA:2020-690:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2020-690:01 advisory. nss: UAF in sftkFreeSession due to improper refcounting CVE-2019-11756 nss: Check length of inputs for cryptographic primitives CVE-2019-17006 nss:...

MiracleLinux 4 : nspr-4.10.8-2.AXS4, nss-util-3.19.1-2.AXS4, nss-3.19.1-5.AXS4 (AXSA:2015-535:01)

The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2015-535:01 advisory. nspr NSPR provides platform independence for non-GUI operating system facilities. These facilities include threads, thread synchronization, normal fi...

MiracleLinux 7 : nspr-4.10.8-2.el7, nss-3.19.1-7.el7.2, nss-util-3.19.1-4.el7 (AXSA:2015-533:01)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2015-533:01 advisory. nspr NSPR provides platform independence for non-GUI operating system facilities. These facilities include threads, thread synchronization, normal fi...

MiracleLinux 3 : firefox-3.0.15-3.1AXS3 (AXSA:2009-419:04)

The remote MiracleLinux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2009-419:04 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance and portability. NSPR provides platform independence fo...

MGASA-2025-0328 Updated nspr, nss & firefox packages fix security vulnerabilities

Use-after-free in the WebRTC: Signaling component. CVE-2025-14321 Sandbox escape due to incorrect boundary conditions in the Graphics: CanvasWebGL component. CVE-2025-14322 Privilege escalation in the DOM: Notifications component. CVE-2025-14323 JIT miscompilation in the JavaScript Engine: JIT...

EUVD-2014-1621

Malware in sbrugna...

Alibaba Cloud Linux 3 : 0071: nss and nspr (ALINUX3-SA-2021:0071)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2021:0071 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2020-25648: A flaw was found in the way NSS...

Mageia: Security Advisory (MGASA-2024-0349)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Updated nspr, nss, firefox & rust packages fix security vulnerabilities

Permission leak via embed or object elements. CVE-2024-10458 Use-after-free in layout with accessibility. CVE-2024-10459 Confusing display of origin for external protocol handler prompt. CVE-2024-10460 XSS due to Content-Disposition being ignored in multipart/x-mixed-replace response...

RHSA-2021:3572 Red Hat Security Advisory: nss and nspr security, bug fix, and enhancement update

Bulletin has no description...

RHSA-2020:4076 Red Hat Security Advisory: nss and nspr security, bug fix, and enhancement update

Bulletin has no description...

RHSA-2020:3280 Red Hat Security Advisory: nss and nspr security, bug fix, and enhancement update

Bulletin has no description...

RHSA-2019:1951 Red Hat Security Advisory: nss and nspr security, bug fix, and enhancement update

Bulletin has no description...

RHEA-2019:3280 Red Hat Enhancement Advisory: nss, nss-softokn, nss-util and nspr bug fix and enhancement update

Bulletin has no description...

RHSA-2019:2237 Red Hat Security Advisory: nss, nss-softokn, nss-util, and nspr security, bug fix, and enhancement update

Bulletin has no description...

RHSA-2016:0685 Red Hat Security Advisory: nss, nspr, nss-softokn, and nss-util security, bug fix, and enhancement update

Bulletin has no description...