rpm package
suse/mozilla-nspr&distro=SUSE OpenStack Cloud 7
pkg:rpm/suse/mozilla-nspr&distro=SUSE%20OpenStack%20Cloud%207
Vulnerabilities (23)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2018-12376 | — | < 4.19-19.3.1 | 4.19-19.3.1 | Oct 18, 2018 | Memory safety bugs present in Firefox 61 and Firefox ESR 60.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox < 62, Firefox ESR < 60.2, | ||
| CVE-2018-0495 | — | < 4.20-19.6.1 | 4.20-19.6.1 | Jun 13, 2018 | Libgcrypt before 1.7.10 and 1.8.x before 1.8.3 allows a memory-cache side-channel attack on ECDSA signatures that can be mitigated through the use of blinding during the signing process in the _gcry_ecc_ecdsa_sign function in cipher/ecc-ecdsa.c, aka the Return Of the Hidden Numbe | ||
| CVE-2017-16541 | Med | 6.5 | < 4.19-19.3.1 | 4.19-19.3.1 | Nov 4, 2017 | Tor Browser before 7.0.9 on macOS and Linux allows remote attackers to bypass the intended anonymity feature and discover a client IP address via vectors involving a crafted web site that leverages file:// mishandling in Firefox, aka TorMoil. NOTE: Tails is unaffected. |
- CVE-2018-12376Oct 18, 2018affected < 4.19-19.3.1fixed 4.19-19.3.1
Memory safety bugs present in Firefox 61 and Firefox ESR 60.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox < 62, Firefox ESR < 60.2,
- CVE-2018-0495Jun 13, 2018affected < 4.20-19.6.1fixed 4.20-19.6.1
Libgcrypt before 1.7.10 and 1.8.x before 1.8.3 allows a memory-cache side-channel attack on ECDSA signatures that can be mitigated through the use of blinding during the signing process in the _gcry_ecc_ecdsa_sign function in cipher/ecc-ecdsa.c, aka the Return Of the Hidden Numbe
- affected < 4.19-19.3.1fixed 4.19-19.3.1
Tor Browser before 7.0.9 on macOS and Linux allows remote attackers to bypass the intended anonymity feature and discover a client IP address via vectors involving a crafted web site that leverages file:// mishandling in Firefox, aka TorMoil. NOTE: Tails is unaffected.
Page 2 of 2