SUSE SLES11 Security Update : MozillaFirefox (SUSE-SU-2019:14124-1)

The remote SUSE Linux SLES11 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2019:14124-1 advisory. - A type confusion vulnerability can occur when manipulating JavaScript objects due to issues in Array.pop. This can allow for an exploitable...

Medium: nspr, nss-softokn, nss-util, nss

Issue Overview: When importing a curve25519 private key in PKCS8format with leading 0x00 bytes, it is possible to trigger an out-of-bounds read in the Network Security Services NSS library. This could lead to information disclosure. This vulnerability affects Firefox ESR 60.8, Firefox 68, and...

Amazon Linux 2 : nspr, nss-softokn, nss-util, nss (ALAS-2020-1559)

The version of nspr installed on the remote host is prior to 4.25.0-2. The version of nss installed on the remote host is prior to 3.53.1-3. The version of nss-softokn installed on the remote host is prior to 3.53.1-6. The version of nss- util installed on the remote host is prior to 3.53.1-1. It...

Debian DLA-1857-1 : nss security update

Vulnerabilities have been discovered in nss, the Mozilla Network Security Service library. CVE-2019-11719: Out-of-bounds read when importing curve25519 private key When importing a curve25519 private key in PKCS8format with leading 0x00 bytes, it is possible to trigger an out-of-bounds read in th...