rpm package
suse/mozilla-nss&distro=SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS
pkg:rpm/suse/mozilla-nss&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP3-ESPOS
Vulnerabilities (3)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2023-0767 | — | < 3.79.4-150000.3.93.1 | 3.79.4-150000.3.93.1 | Jun 2, 2023 | An attacker could construct a PKCS 12 cert bundle in such a way that could allow for arbitrary memory writes via PKCS 12 Safe Bag attributes being mishandled. This vulnerability affects Firefox < 110, Thunderbird < 102.8, and Firefox ESR < 102.8. | ||
| CVE-2022-23491 | — | < 3.79.3-150000.3.90.1 | 3.79.3-150000.3.90.1 | Dec 7, 2022 | Certifi is a curated collection of Root Certificates for validating the trustworthiness of SSL certificates while verifying the identity of TLS hosts. Certifi 2022.12.07 removes root certificates from "TrustCor" from the root store. These are in the process of being removed from | ||
| CVE-2022-3479 | — | < 3.79.3-150000.3.90.1 | 3.79.3-150000.3.90.1 | Oct 14, 2022 | A vulnerability found in nss. By this security vulnerability, nss client auth crash without a user certificate in the database and this can lead us to a segmentation fault or crash. |
- CVE-2023-0767Jun 2, 2023affected < 3.79.4-150000.3.93.1fixed 3.79.4-150000.3.93.1
An attacker could construct a PKCS 12 cert bundle in such a way that could allow for arbitrary memory writes via PKCS 12 Safe Bag attributes being mishandled. This vulnerability affects Firefox < 110, Thunderbird < 102.8, and Firefox ESR < 102.8.
- CVE-2022-23491Dec 7, 2022affected < 3.79.3-150000.3.90.1fixed 3.79.3-150000.3.90.1
Certifi is a curated collection of Root Certificates for validating the trustworthiness of SSL certificates while verifying the identity of TLS hosts. Certifi 2022.12.07 removes root certificates from "TrustCor" from the root store. These are in the process of being removed from
- CVE-2022-3479Oct 14, 2022affected < 3.79.3-150000.3.90.1fixed 3.79.3-150000.3.90.1
A vulnerability found in nss. By this security vulnerability, nss client auth crash without a user certificate in the database and this can lead us to a segmentation fault or crash.