Unrated severityNVD Advisory· Published Oct 22, 2020· Updated Aug 5, 2024
CVE-2018-18508
CVE-2018-18508
Description
In Network Security Services (NSS) before 3.36.7 and before 3.41.1, a malformed signature can cause a crash due to a null dereference, resulting in a Denial of Service.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
9- Range: <3.36.7, <3.41.1
- osv-coords7 versionspkg:rpm/opensuse/mozilla-nspr&distro=openSUSE%20Leap%2015.1pkg:rpm/opensuse/mozilla-nss&distro=openSUSE%20Leap%2015.1pkg:rpm/suse/mozilla-nspr&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015pkg:rpm/suse/mozilla-nspr&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP1pkg:rpm/suse/mozilla-nss&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015pkg:rpm/suse/mozilla-nss&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP1pkg:rpm/suse/mozilla-nss&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Server%20Applications%2015%20SP1
< 4.23-lp151.2.6.1+ 6 more
- (no CPE)range: < 4.23-lp151.2.6.1
- (no CPE)range: < 3.47.1-lp151.2.9.1
- (no CPE)range: < 4.23-3.9.1
- (no CPE)range: < 4.23-3.9.1
- (no CPE)range: < 3.47.1-3.22.1
- (no CPE)range: < 3.47.1-3.22.1
- (no CPE)range: < 3.47.1-3.22.1
- Range: unspecified
Patches
Vulnerability mechanics
References
4- cert-portal.siemens.com/productcert/pdf/ssa-379803.pdfmitrex_refsource_CONFIRM
- developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.36.7_release_notesmitrex_refsource_MISC
- developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.41.1_release_notesmitrex_refsource_MISC
- us-cert.cisa.gov/ics/advisories/icsa-21-040-04mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.