36 matches found
Updated rootcerts, nss & firefox packages fix security vulnerabilities
Out-of-bounds access when resolving Promise objects. CVE-2025-4918 Out-of-bounds access when optimizing linear sums. CVE-2025-4919...
MGASA-2023-0199 Updated firefox/nss packages fix security vulnerability
Click-jacking certificate exceptions through rendering lag. CVE-2023-34414 Memory safety bugs fixed in Firefox 114 and Firefox ESR 102.12. CVE-2023-34416...
Important Photon OS Security Update - PHSA-2023-5.0-0014
Updates of 'nss' packages of Photon OS have been released...
Critical Photon OS Security Update - PHSA-2023-3.0-0579
Updates of 'nss' packages of Photon OS have been released...
NewStart CGSL CORE 5.05 / MAIN 5.05 : nss Vulnerability (NS-SA-2023-0010)
The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has nss packages installed that are affected by a vulnerability: - NSS Network Security Services versions prior to 3.73 or 3.68.1 ESR are vulnerable to a heap overflow when handling DER-encoded DSA or RSA-PSS signatures...
Updated firefox/nss packages fix security vulnerability
An attacker could have abused XSLT error handling to associate attacker-controlled content with another origin which was displayed in the address bar. This could have been used to fool the user into submitting data intended for the spoofed origin CVE-2022-38472. A cross-origin iframe referencing ...
EulerOS Virtualization 2.9.0 : nss (EulerOS-SA-2022-2203)
According to the versions of the nss packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - Improper refcounting of soft token session objects could cause a use-after-free and crash likely limited to a denial of service. Thi...
Important Photon OS Security Update - PHSA-2021-0454
Updates of 'nss' packages of Photon OS have been released...
MGASA-2021-0534 Updated nss packages fix security vulnerability
NSS Network Security Services versions prior to 3.73 or 3.68.1 ESR are vulnerable to a heap overflow when handling DER-encoded DSA or RSA-PSS signatures. Applications using NSS for handling signatures encoded within CMS, S/MIME, PKCS 7, or PKCS 12 are likely to be impacted. Applications using NSS...
NewStart CGSL MAIN 6.02 : nss Multiple Vulnerabilities (NS-SA-2021-0121)
The remote NewStart CGSL host, running version MAIN 6.02, has nss packages installed that are affected by multiple vulnerabilities: - When converting coordinates from projective to affine, the modular inversion was not performed in constant time, resulting in a possible timing-based side channel...
NewStart CGSL CORE 5.04 / MAIN 5.04 : nss Multiple Vulnerabilities (NS-SA-2021-0019)
The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has nss packages installed that are affected by multiple vulnerabilities: - A vulnerability exists where it possible to force Network Security Services NSS to sign CertificateVerify with PKCS1 v1.5 signatures when those are the...
NewStart CGSL MAIN 6.02 : nss Multiple Vulnerabilities (NS-SA-2021-0053)
The remote NewStart CGSL host, running version MAIN 6.02, has nss packages installed that are affected by multiple vulnerabilities: - Improper refcounting of soft token session objects could cause a use-after-free and crash likely limited to a denial of service. This vulnerability affects Firefox...
Fedora 32 : firefox (2020-0e26e95566)
Update to Firefox 84 - Built with system nss Please give karma to nss packages which are needed for this update : https://bodhi.fedoraproject.org/updates/FEDORA-2020-c489b93b18 https://bodhi.fedoraproject.org/updates/FEDORA-2020-d04a8e97b3 ---- - New upstream version Firefox 84 - Enabled...
NewStart CGSL CORE 5.04 / MAIN 5.04 : nss Multiple Vulnerabilities (NS-SA-2019-0262)
The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has nss packages installed that are affected by multiple vulnerabilities: - Empty or malformed p256-ECDH public keys may trigger a segmentation fault due values being improperly sanitized before being copied into memory and use...
NewStart CGSL CORE 5.05 / MAIN 5.05 : nss Multiple Vulnerabilities (NS-SA-2019-0236)
The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has nss packages installed that are affected by multiple vulnerabilities: - Libgcrypt before 1.7.10 and 1.8.x before 1.8.3 allows a memory-cache side-channel attack on ECDSA signatures that can be mitigated through the use of...
MGASA-2019-0374 Updated nss packages fix security vulnerability
Updated nss packages fix security vulnerability: Out-of-bounds write when passing an output buffer smaller than the block size to NSCEncryptUpdate CVE-2019-11745. Also, rootcerts has been updated to 20191126.00...
NewStart CGSL MAIN 4.05 : nss Vulnerability (NS-SA-2019-0112)
The remote NewStart CGSL host, running version MAIN 4.05, has nss packages installed that are affected by a vulnerability: - A use-after-free flaw was found in the TLS 1.2 implementation in the NSS library when client authentication was used. A malicious client could use this flaw to cause an...
MGASA-2019-0038 Updated nss packages fix security vulnerability
Keegan Ryan discovered that NSS incorrectly handled ECDSA key generation. A local attacker could possibly use this issue to perform a cache-timing attack and recover private ECDSA keys CVE-2018-0495...
Updated nss packages fix security vulnerability
Cache side-channel variant of the Bleichenbacher attack.CVE-2018-12404...
MGASA-2018-0482 Updated nss packages fix security vulnerability
Cache side-channel variant of the Bleichenbacher attack.CVE-2018-12404...