rpm package
suse/mozilla-nss&distro=SUSE Linux Enterprise Server 11 SP4-LTSS
pkg:rpm/suse/mozilla-nss&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP4-LTSS
Vulnerabilities (136)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2022-1097 | — | < 3.68.3-47.25.1 | 3.68.3-47.25.1 | Dec 22, 2022 | NSSToken objects were referenced via direct points, and could have been accessed in an unsafe way on different threads, leading to a use-after-free and potentially exploitable crash. This vulnerability affects Thunderbird < 91.8, Firefox < 99, and Firefox ESR < 91.8. | ||
| CVE-2021-43527 | — | < 3.68.1-47.19.1 | 3.68.1-47.19.1 | Dec 8, 2021 | NSS (Network Security Services) versions prior to 3.73 or 3.68.1 ESR are vulnerable to a heap overflow when handling DER-encoded DSA or RSA-PSS signatures. Applications using NSS for handling signatures encoded within CMS, S/MIME, PKCS \#7, or PKCS \#12 are likely to be impacted. | ||
| CVE-2020-12403 | — | < 3.68-47.16.1 | 3.68-47.16.1 | May 27, 2021 | A flaw was found in the way CHACHA20-POLY1305 was implemented in NSS in versions before 3.55. When using multi-part Chacha20, it could cause out-of-bounds reads. This issue was fixed by explicitly disabling multi-part ChaCha20 (which was not functioning correctly) and strictly en | ||
| CVE-2020-6829 | — | < 3.68-47.16.1 | 3.68-47.16.1 | Oct 28, 2020 | When performing EC scalar point multiplication, the wNAF point multiplication algorithm was used; which leaked partial information about the nonce used during signature generation. Given an electro-magnetic trace of a few signature generations, the private key could have been com | ||
| CVE-2019-17006 | — | < 3.53.1-38.23.1 | 3.53.1-38.23.1 | Oct 22, 2020 | In Network Security Services (NSS) before 3.46, several cryptographic primitives had missing length checks. In cases where the application calling the library did not perform a sanity check on the inputs it could result in a crash due to a buffer overflow. | ||
| CVE-2020-25648 | — | < 3.68-47.16.1 | 3.68-47.16.1 | Oct 20, 2020 | A flaw was found in the way NSS handled CCS (ChangeCipherSpec) messages in TLS 1.3. This flaw allows a remote attacker to send multiple CCS messages, causing a denial of service for servers compiled with the NSS library. The highest threat from this vulnerability is to system ava | ||
| CVE-2020-12401 | — | < 3.68-47.16.1 | 3.68-47.16.1 | Oct 8, 2020 | During ECDSA signature generation, padding applied in the nonce designed to ensure constant-time scalar multiplication was removed, resulting in variable-time execution dependent on secret data. This vulnerability affects Firefox < 80 and Firefox for Android < 80. | ||
| CVE-2020-12400 | — | < 3.68-47.16.1 | 3.68-47.16.1 | Oct 8, 2020 | When converting coordinates from projective to affine, the modular inversion was not performed in constant time, resulting in a possible timing-based side channel attack. This vulnerability affects Firefox < 80 and Firefox for Android < 80. | ||
| CVE-2020-12402 | — | < 3.53.1-38.23.1 | 3.53.1-38.23.1 | Jul 9, 2020 | During RSA key generation, bignum implementations used a variation of the Binary Extended Euclidean Algorithm which entailed significantly input-dependent flow. This allowed an attacker able to perform electromagnetic-based side channel attacks to record traces leading to the rec | ||
| CVE-2020-12399 | — | < 3.53.1-38.23.1 | 3.53.1-38.23.1 | Jul 9, 2020 | NSS has shown timing differences when performing DSA signatures, which was exploitable and could eventually leak private keys. This vulnerability affects Thunderbird < 68.9.0, Firefox < 77, and Firefox ESR < 68.9. | ||
| CVE-2019-13722 | — | < 3.47.1-38.12.1 | 3.47.1-38.12.1 | Jan 14, 2020 | Inappropriate implementation in WebRTC in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | ||
| CVE-2019-9812 | — | < 3.45-38.9.3 | 3.45-38.9.3 | Jan 8, 2020 | Given a compromised sandboxed content process due to a separate vulnerability, it is possible to escape that sandbox by loading accounts.firefox.com in that process and forcing a log-in to a malicious Firefox Sync account. Preference settings that disable the sandbox are then syn | ||
| CVE-2019-17012 | — | < 3.47.1-38.12.1 | 3.47.1-38.12.1 | Jan 8, 2020 | Mozilla developers reported memory safety bugs present in Firefox 70 and Firefox ESR 68.2. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Thun | ||
| CVE-2019-17011 | — | < 3.47.1-38.12.1 | 3.47.1-38.12.1 | Jan 8, 2020 | Under certain conditions, when retrieving a document from a DocShell in the antitracking code, a race condition could cause a use-after-free condition and a potentially exploitable crash. This vulnerability affects Thunderbird < 68.3, Firefox ESR < 68.3, and Firefox < 71. | ||
| CVE-2019-17010 | — | < 3.47.1-38.12.1 | 3.47.1-38.12.1 | Jan 8, 2020 | Under certain conditions, when checking the Resist Fingerprinting preference during device orientation checks, a race condition could have caused a use-after-free and a potentially exploitable crash. This vulnerability affects Thunderbird < 68.3, Firefox ESR < 68.3, and Firefox < | ||
| CVE-2019-17009 | — | < 3.47.1-38.12.1 | 3.47.1-38.12.1 | Jan 8, 2020 | When running, the updater service wrote status and log files to an unrestricted location; potentially allowing an unprivileged process to locate and exploit a vulnerability in file handling in the updater service. *Note: This attack requires local system access and only affects W | ||
| CVE-2019-17008 | — | < 3.47.1-38.12.1 | 3.47.1-38.12.1 | Jan 8, 2020 | When using nested workers, a use-after-free could occur during worker destruction. This resulted in a potentially exploitable crash. This vulnerability affects Thunderbird < 68.3, Firefox ESR < 68.3, and Firefox < 71. | ||
| CVE-2019-17005 | — | < 3.47.1-38.12.1 | 3.47.1-38.12.1 | Jan 8, 2020 | The plain text serializer used a fixed-size array for the number of elements it could process; however it was possible to overflow the static-sized array leading to memory corruption and a potentially exploitable crash. This vulnerability affects Thunderbird < 68.3, Firefox | ||
| CVE-2019-11764 | — | < 3.45-38.9.3 | 3.45-38.9.3 | Jan 8, 2020 | Mozilla developers and community members reported memory safety bugs present in Firefox 69 and Firefox ESR 68.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could be exploited to run arbitrary code. This vulnerabili | ||
| CVE-2019-11763 | — | < 3.45-38.9.3 | 3.45-38.9.3 | Jan 8, 2020 | Failure to correctly handle null bytes when processing HTML entities resulted in Firefox incorrectly parsing these entities. This could have led to HTML comment text being treated as HTML which could have led to XSS in a web application under certain conditions. It could have als |
- CVE-2022-1097Dec 22, 2022affected < 3.68.3-47.25.1fixed 3.68.3-47.25.1
NSSToken objects were referenced via direct points, and could have been accessed in an unsafe way on different threads, leading to a use-after-free and potentially exploitable crash. This vulnerability affects Thunderbird < 91.8, Firefox < 99, and Firefox ESR < 91.8.
- CVE-2021-43527Dec 8, 2021affected < 3.68.1-47.19.1fixed 3.68.1-47.19.1
NSS (Network Security Services) versions prior to 3.73 or 3.68.1 ESR are vulnerable to a heap overflow when handling DER-encoded DSA or RSA-PSS signatures. Applications using NSS for handling signatures encoded within CMS, S/MIME, PKCS \#7, or PKCS \#12 are likely to be impacted.
- CVE-2020-12403May 27, 2021affected < 3.68-47.16.1fixed 3.68-47.16.1
A flaw was found in the way CHACHA20-POLY1305 was implemented in NSS in versions before 3.55. When using multi-part Chacha20, it could cause out-of-bounds reads. This issue was fixed by explicitly disabling multi-part ChaCha20 (which was not functioning correctly) and strictly en
- CVE-2020-6829Oct 28, 2020affected < 3.68-47.16.1fixed 3.68-47.16.1
When performing EC scalar point multiplication, the wNAF point multiplication algorithm was used; which leaked partial information about the nonce used during signature generation. Given an electro-magnetic trace of a few signature generations, the private key could have been com
- CVE-2019-17006Oct 22, 2020affected < 3.53.1-38.23.1fixed 3.53.1-38.23.1
In Network Security Services (NSS) before 3.46, several cryptographic primitives had missing length checks. In cases where the application calling the library did not perform a sanity check on the inputs it could result in a crash due to a buffer overflow.
- CVE-2020-25648Oct 20, 2020affected < 3.68-47.16.1fixed 3.68-47.16.1
A flaw was found in the way NSS handled CCS (ChangeCipherSpec) messages in TLS 1.3. This flaw allows a remote attacker to send multiple CCS messages, causing a denial of service for servers compiled with the NSS library. The highest threat from this vulnerability is to system ava
- CVE-2020-12401Oct 8, 2020affected < 3.68-47.16.1fixed 3.68-47.16.1
During ECDSA signature generation, padding applied in the nonce designed to ensure constant-time scalar multiplication was removed, resulting in variable-time execution dependent on secret data. This vulnerability affects Firefox < 80 and Firefox for Android < 80.
- CVE-2020-12400Oct 8, 2020affected < 3.68-47.16.1fixed 3.68-47.16.1
When converting coordinates from projective to affine, the modular inversion was not performed in constant time, resulting in a possible timing-based side channel attack. This vulnerability affects Firefox < 80 and Firefox for Android < 80.
- CVE-2020-12402Jul 9, 2020affected < 3.53.1-38.23.1fixed 3.53.1-38.23.1
During RSA key generation, bignum implementations used a variation of the Binary Extended Euclidean Algorithm which entailed significantly input-dependent flow. This allowed an attacker able to perform electromagnetic-based side channel attacks to record traces leading to the rec
- CVE-2020-12399Jul 9, 2020affected < 3.53.1-38.23.1fixed 3.53.1-38.23.1
NSS has shown timing differences when performing DSA signatures, which was exploitable and could eventually leak private keys. This vulnerability affects Thunderbird < 68.9.0, Firefox < 77, and Firefox ESR < 68.9.
- CVE-2019-13722Jan 14, 2020affected < 3.47.1-38.12.1fixed 3.47.1-38.12.1
Inappropriate implementation in WebRTC in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
- CVE-2019-9812Jan 8, 2020affected < 3.45-38.9.3fixed 3.45-38.9.3
Given a compromised sandboxed content process due to a separate vulnerability, it is possible to escape that sandbox by loading accounts.firefox.com in that process and forcing a log-in to a malicious Firefox Sync account. Preference settings that disable the sandbox are then syn
- CVE-2019-17012Jan 8, 2020affected < 3.47.1-38.12.1fixed 3.47.1-38.12.1
Mozilla developers reported memory safety bugs present in Firefox 70 and Firefox ESR 68.2. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Thun
- CVE-2019-17011Jan 8, 2020affected < 3.47.1-38.12.1fixed 3.47.1-38.12.1
Under certain conditions, when retrieving a document from a DocShell in the antitracking code, a race condition could cause a use-after-free condition and a potentially exploitable crash. This vulnerability affects Thunderbird < 68.3, Firefox ESR < 68.3, and Firefox < 71.
- CVE-2019-17010Jan 8, 2020affected < 3.47.1-38.12.1fixed 3.47.1-38.12.1
Under certain conditions, when checking the Resist Fingerprinting preference during device orientation checks, a race condition could have caused a use-after-free and a potentially exploitable crash. This vulnerability affects Thunderbird < 68.3, Firefox ESR < 68.3, and Firefox <
- CVE-2019-17009Jan 8, 2020affected < 3.47.1-38.12.1fixed 3.47.1-38.12.1
When running, the updater service wrote status and log files to an unrestricted location; potentially allowing an unprivileged process to locate and exploit a vulnerability in file handling in the updater service. *Note: This attack requires local system access and only affects W
- CVE-2019-17008Jan 8, 2020affected < 3.47.1-38.12.1fixed 3.47.1-38.12.1
When using nested workers, a use-after-free could occur during worker destruction. This resulted in a potentially exploitable crash. This vulnerability affects Thunderbird < 68.3, Firefox ESR < 68.3, and Firefox < 71.
- CVE-2019-17005Jan 8, 2020affected < 3.47.1-38.12.1fixed 3.47.1-38.12.1
The plain text serializer used a fixed-size array for the number of elements it could process; however it was possible to overflow the static-sized array leading to memory corruption and a potentially exploitable crash. This vulnerability affects Thunderbird < 68.3, Firefox
- CVE-2019-11764Jan 8, 2020affected < 3.45-38.9.3fixed 3.45-38.9.3
Mozilla developers and community members reported memory safety bugs present in Firefox 69 and Firefox ESR 68.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could be exploited to run arbitrary code. This vulnerabili
- CVE-2019-11763Jan 8, 2020affected < 3.45-38.9.3fixed 3.45-38.9.3
Failure to correctly handle null bytes when processing HTML entities resulted in Firefox incorrectly parsing these entities. This could have led to HTML comment text being treated as HTML which could have led to XSS in a web application under certain conditions. It could have als
Page 1 of 7