Two vulnerabilities were discovered in NSS, a set of cryptographic
libraries, which may result in denial of service and potentially the
execution of arbitrary code
For the stable distribution (buster), these problems have been fixed in
version 2:3421-1+deb10u2
We recommend that you upgrade your nss packages
For the detailed security status of ...
Synopsis
Important: nss-softokn security update
Type/Severity
Security Advisory: Important
Topic
An update for nss-softokn is now available for Red Hat Enterprise Linux 66 Advanced Update SupportRed Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability ...
Synopsis
Important: nss, nss-softokn, nss-util security update
Type/Severity
Security Advisory: Important
Topic
An update for nss, nss-softokn, and nss-util is now available for Red Hat Enterprise Linux 7Red Hat Product Security has rated this update as having a security impact of Important A Common Vulne ...
Synopsis
Important: nss-softokn security update
Type/Severity
Security Advisory: Important
Topic
An update for nss-softokn is now available for Red Hat Enterprise Linux 76 Extended Update SupportRed Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability ...
Synopsis
Important: nss-softokn security update
Type/Severity
Security Advisory: Important
Topic
An update for nss-softokn is now available for Red Hat Enterprise Linux 74 Advanced Update Support, Red Hat Enterprise Linux 74 Telco Extended Update Support, and Red Hat Enterprise Linux 74 Update Services f ...
Synopsis
Important: nss-softokn security update
Type/Severity
Security Advisory: Important
Topic
An update for nss-softokn is now available for Red Hat Enterprise Linux 6Red Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring System (CVSS) bas ...
Synopsis
Important: nss security update
Type/Severity
Security Advisory: Important
Topic
An update for nss is now available for Red Hat Enterprise Linux 80 Update Services for SAP SolutionsRed Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scori ...
Synopsis
Important: nss-softokn security update
Type/Severity
Security Advisory: Important
Topic
An update for nss-softokn is now available for Red Hat Enterprise Linux 75 Extended Update SupportRed Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability ...
Synopsis
Important: nss security update
Type/Severity
Security Advisory: Important
Topic
An update for nss is now available for Red Hat Enterprise Linux 8Red Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring System (CVSS) base score, which g ...
A heap-based buffer overflow was found in the NSC_EncryptUpdate() function in Mozilla nss A remote attacker could trigger this flaw via SRTP encrypt or decrypt operations, to execute arbitrary code with the permissions of the user running the application (compiled with nss) While the attack complexity is high, the impact to confidentiality, integ ...
Firefox could be made to crash or run programs as your login if it
opened a malicious website ...
Firefox could be made to crash or run programs as your login if it
opened a malicious website ...
NSS could be made to crash or run programs if it received specially crafted
input ...
NSS could be made to crash or run programs if it received specially crafted
input ...
Several security issues were fixed in Thunderbird ...
Several security issues were fixed in Thunderbird ...
Empty or malformed p256-ECDH public keys may trigger a segmentation fault due values being improperly sanitized before being copied into memory and used This vulnerability affects Firefox ESR < 608, Firefox < 68, and Thunderbird < 608 (CVE-2019-11729)
A heap-based buffer overflow was found in the NSC_EncryptUpdate() function in Mozilla ...
A heap-based buffer overflow was found in the NSC_EncryptUpdate() function in Mozilla nss A remote attacker could trigger this flaw via SRTP encrypt or decrypt operations, to execute arbitrary code with the permissions of the user running the application (compiled with nss) While the attack complexity is high, the impact to confidentiality, integ ...
Empty or malformed p256-ECDH public keys may trigger a segmentation fault due values being improperly sanitized before being copied into memory and used This vulnerability affects Firefox ESR < 608, Firefox < 68, and Thunderbird < 608 (CVE-2019-11729)
A heap-based buffer overflow was found in the NSC_EncryptUpdate() function in Mozilla ...
Empty or malformed p256-ECDH public keys may trigger a segmentation fault due values being improperly sanitized before being copied into memory and used This vulnerability affects Firefox ESR < 608, Firefox < 68, and Thunderbird < 608 (CVE-2019-11729)
A heap-based buffer overflow was found in the NSC_EncryptUpdate() function in Mozilla ...
Severity
Unknown
Remote
Unknown
Type
Unknown
Description
AVG-1071
firefox
7001-3
710-1
Critical
Fixed ...
Mozilla Foundation Security Advisory 2019-37
Security Vulnerabilities fixed in - Firefox ESR 683
Announced
December 3, 2019
Impact
high
Products
Firefox ESR
Fixed in
Firefox ESR 683
...
Mozilla Foundation Security Advisory 2019-36
Security Vulnerabilities fixed in - Firefox 71
Announced
December 3, 2019
Impact
high
Products
Firefox
Fixed in
Firefox 71
...
Mozilla Foundation Security Advisory 2019-38
Security Vulnerabilities fixed in - Thunderbird 683
Announced
December 3, 2019
Impact
high
Products
Thunderbird
Fixed in
Thunderbird 683
...