Compile-Time Security Analysis and Optimization of Sensitive String Producers

Content composition vulnerabilities remain among the most prevalent and persistent classes of security weakness in deployed software. Prior mitigations, including developer training, static analysis tools, and domain-specific template languages, each face diminishing returns; AI code generation...

Important: Red Hat Security Advisory: firefox security update

An update for firefox is now available for Red Hat Enterprise Linux 9.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

[SECURITY] Fedora 42 Update: nss-3.122.2-1.fc42

Network Security Services NSS is a set of libraries designed to support cross-platform development of security-enabled client and server applications. Applications built with NSS can support SSL v2 and v3, TLS, PKCS 5, PKCS 7, PKCS 11, PKCS 12, S/MIME, X.509 v3 certificates, and other security...

[SECURITY] Fedora 43 Update: nss-3.122.1-1.fc43

Network Security Services NSS is a set of libraries designed to support cross-platform development of security-enabled client and server applications. Applications built with NSS can support SSL v2 and v3, TLS, PKCS 5, PKCS 7, PKCS 11, PKCS 12, S/MIME, X.509 v3 certificates, and other security...

FreeBSD : Mozilla -- Other issue in the Libraries component in NSS (82451a4b-4305-11f1-a627-b42e991fc52e)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 82451a4b-4305-11f1-a627-b42e991fc52e advisory. https://bugzilla.mozilla.org/showbug.cgi?id=2023209 reports: Other issue in the Libraries component in...

ALSA-2026:10766 Important: firefox security update

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox: thunderbird: Incorrect boundary conditions in the Libraries component in NSS CVE-2026-6772 firefox: thunderbird: Use-after-free in the JavaScript Engine compone...

[SECURITY] Fedora 44 Update: nss-3.122.1-1.fc44

Network Security Services NSS is a set of libraries designed to support cross-platform development of security-enabled client and server applications. Applications built with NSS can support SSL v2 and v3, TLS, PKCS 5, PKCS 7, PKCS 11, PKCS 12, S/MIME, X.509 v3 certificates, and other security...

OPENSUSE-SU-2026:20621-1 Security update for MozillaFirefox

This update for MozillaFirefox fixes the following issues: Update to Firefox Extended Support Release 140.10.0 ESR. - MFSA 2026-32 bsc1262230: CVE-2026-6746: Use-after-free in the DOM: Core & HTML component CVE-2026-6747: Use-after-free in the WebRTC component CVE-2026-6748: Uninitialized memory ...

CVE-2026-6766

CVE-2026-6766 describes an incorrect boundary condition in the NSS Libraries component. The vulnerability affects the Libraries component within NSS, with fixes implemented in Firefox 150 and Firefox ESR 140.10 . The available documents do not specify affected product families beyond the NSS Libr...

Mozilla多款产品 安全漏洞

Mozilla Firefox, among others, are products of the American Mozilla Foundation. Mozilla Firefox is an open-source web browser. Mozilla Firefox ESR is a extended support version of Firefox the web browser. Mozilla Thunderbird is an email client software that emerged independently from the Mozilla...

[SECURITY] Fedora 42 Update: nss-3.121.0-1.fc42

Network Security Services NSS is a set of libraries designed to support cross-platform development of security-enabled client and server applications. Applications built with NSS can support SSL v2 and v3, TLS, PKCS 5, PKCS 7, PKCS 11, PKCS 12, S/MIME, X.509 v3 certificates, and other security...

ALSA-2026:3339 Important: firefox security update

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: libvpx: Heap buffer overflow in libvpx CVE-2026-2447 firefox: Invalid pointer in the JavaScript Engine component CVE-2026-2785 firefox: Memory safety bugs fixed in Firef...

nss bug fix update

An update is available for nss. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Network Security Services NSS is a set of libraries designed to support the...

Moderate: Red Hat Security Advisory: nss security update

An update for nss is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

nss bug fix and enhancement update

An update is available for nss. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Network Security Services NSS is a set of libraries designed to support the...

CVE-2023-29204 URL Redirection to Untrusted Site ('Open Redirect') in org.xwiki.platform:xwiki-platform-oldcore

XWiki Commons are technical libraries common to several other top level XWiki projects. It is possible to bypass the existing security measures put in place to avoid open redirect by using a redirect such as //mydomain.com i.e. omitting the http:. It was also possible to bypass it when using URL...

nss and nspr bug fix and enhancement update

An update is available for nspr, nss. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Network Security Services NSS is a set of libraries designed to support the...

wolfssl -- multiple issues

wolfSSL blog reports: In release 5.4.0 there were 3 vulnerabilities listed as fixed in wolfSSL. Two relatively new reports, one dealing with a DTLS 1.0/1.2 denial of service attack and the other a ciphertext attack on ECC/DH operations. The last vulnerability listed was a public disclosure of a...

RLSA-2021:0538 Moderate: nss security and bug fix update

Network Security Services NSS is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Security Fixes: nss: Side channel attack on ECDSA signature generation CVE-2020-6829 nss: P-384 and P-521 implementation uses a side-channel...

[SECURITY] Fedora 30 Update: nss-3.51.1-1.fc30

Network Security Services NSS is a set of libraries designed to support cross-platform development of security-enabled client and server applications. Applications built with NSS can support SSL v2 and v3, TLS, PKCS 5, PKCS 7, PKCS 11, PKCS 12, S/MIME, X.509 v3 certificates, and other security...