Mod Nss@* Security Vulnerabilities and Issues — Mod Nss@* CVE List

Lucene search

Mod Nss ProjectMod Nss*

6 matches found

CVE•added 2020/10/20 10:15 p.m.•263 views

CVE-2020-25648

A flaw was found in the way NSS handled CCS (ChangeCipherSpec) messages in TLS 1.3. This flaw allows a remote attacker to send multiple CCS messages, causing a denial of service for servers compiled with the NSS library. The highest threat from this vulnerability is to system availability. This fla...

7.5CVSS7.2AI score0.00123EPSS

CVE•added 2017/05/30 6:29 p.m.•149 views

CVE-2017-7502

Null pointer dereference vulnerability in NSS since 3.24.0 was found when server receives empty SSLv2 messages resulting into denial of service by remote attacker.

7.5CVSS7.3AI score0.02435EPSS

CVE•added 2022/10/14 5:15 p.m.•134 views

CVE-2022-3479

A vulnerability found in nss. By this security vulnerability, nss client auth crash without a user certificate in the database and this can lead us to a segmentation fault or crash.

7.5CVSS7.3AI score0.00148EPSS

CVE•added 2013/12/12 6:55 p.m.•71 views

CVE-2013-4566

mod_nss 1.0.8 and earlier, when NSSVerifyClient is set to none for the server/vhost context, does not enforce the NSSVerifyClient setting in the directory context, which allows remote attackers to bypass intended access restrictions.

4CVSS3.8AI score0.00124EPSS

CVE•added 2017/08/07 8:29 p.m.•44 views

CVE-2015-5244

The NSSCipherSuite option with ciphersuites enabled in mod_nss before 1.0.12 allows remote attackers to bypass application restrictions.

9.8CVSS6.2AI score0.00179EPSS

CVE•added 2017/08/09 6:29 p.m.•37 views

CVE-2015-3277

The mod_nss module before 1.0.11 in Fedora allows remote attackers to obtain cipher lists due to incorrect parsing of multi-keyword cipherstring.

7.5CVSS7.3AI score0.00334EPSS