rpm package
suse/mozilla-nss&distro=SUSE Linux Enterprise Server 15 SP2-BCL
pkg:rpm/suse/mozilla-nss&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP2-BCL
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2022-31741 | — | < 3.79-150000.3.74.1 | 3.79-150000.3.74.1 | Dec 22, 2022 | A crafted CMS message could have been processed incorrectly, leading to an invalid memory read, and potentially further memory corruption. This vulnerability affects Thunderbird < 91.10, Firefox < 101, and Firefox ESR < 91.10. | ||
| CVE-2022-1097 | — | < 3.68.3-150000.3.67.1 | 3.68.3-150000.3.67.1 | Dec 22, 2022 | NSSToken objects were referenced via direct points, and could have been accessed in an unsafe way on different threads, leading to a use-after-free and potentially exploitable crash. This vulnerability affects Thunderbird < 91.8, Firefox < 99, and Firefox ESR < 91.8. |
- CVE-2022-31741Dec 22, 2022affected < 3.79-150000.3.74.1fixed 3.79-150000.3.74.1
A crafted CMS message could have been processed incorrectly, leading to an invalid memory read, and potentially further memory corruption. This vulnerability affects Thunderbird < 91.10, Firefox < 101, and Firefox ESR < 91.10.
- CVE-2022-1097Dec 22, 2022affected < 3.68.3-150000.3.67.1fixed 3.68.3-150000.3.67.1
NSSToken objects were referenced via direct points, and could have been accessed in an unsafe way on different threads, leading to a use-after-free and potentially exploitable crash. This vulnerability affects Thunderbird < 91.8, Firefox < 99, and Firefox ESR < 91.8.