Network Security Services Security Vulnerabilities and Issues — Network Security Services CVE List

Lucene search

MozillaNetwork Security Services

3 matches found

CVE•added 2018/06/11 9:29 p.m.•158 views

CVE-2017-5462

A flaw in DRBG number generation within the Network Security Services (NSS) library where the internal state V does not correctly carry bits over. The NSS library has been updated to fix this issue to address this issue and Firefox ESR 52.1 has been updated with NSS version 3.28.4. This vulnerabili...

5.3CVSS6.4AI score0.01072EPSS

CVE•added 2018/08/01 1:29 p.m.•106 views

CVE-2016-8635

It was found that Diffie Hellman Client key exchange handling in NSS 3.21.x was vulnerable to small subgroup confinement attack. An attacker could use this flaw to recover private keys by confining the client DH key to small subgroup of the desired group.

5.9CVSS6.3AI score0.00443EPSS

CVE•added 2018/07/19 1:29 p.m.•65 views

CVE-2016-9574

nss before version 3.30 is vulnerable to a remote denial of service during the session handshake when using SessionTicket extension and ECDHE-ECDSA.

5.9CVSS6.2AI score0.00184EPSS