Nss Security Vulnerabilities and Issues — Nss CVE List

Lucene search

MozillaNss

3 matches found

CVE•added 2023/12/12 5:15 p.m.•242 views

CVE-2023-4421

The NSS code used for checking PKCS#1 v1.5 was leaking information useful in mounting Bleichenbacher-like attacks. Both the overall correctness of the padding as well as the length of the encrypted message was leaking through timing side-channel. By sending large number of attacker-selected ciphert...

6.5CVSS6.2AI score0.0022EPSS

CVE•added 2020/10/22 9:15 p.m.•209 views

CVE-2018-18508

In Network Security Services (NSS) before 3.36.7 and before 3.41.1, a malformed signature can cause a crash due to a null dereference, resulting in a Denial of Service.

6.5CVSS6.3AI score0.00315EPSS

CVE•added 2016/01/31 6:59 p.m.•128 views

CVE-2016-1938

The s_mp_div function in lib/freebl/mpi/mpi.c in Mozilla Network Security Services (NSS) before 3.21, as used in Mozilla Firefox before 44.0, improperly divides numbers, which might make it easier for remote attackers to defeat cryptographic protection mechanisms by leveraging use of the (1) mp_div...

6.5CVSS7.6AI score0.01048EPSS