Nss
Products
3- 2 CVEs
- 1 CVE
- 1 CVE
Recent CVEs
4| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2022-27781 | Hig | 0.42 | 7.5 | 0.02 | Jun 2, 2022 | libcurl provides the `CURLOPT_CERTINFO` option to allow applications torequest details to be returned about a server's certificate chain.Due to an erroneous function, a malicious server could make libcurl built withNSS get stuck in a never-ending busy-loop when trying to… | ||
| CVE-2018-12384 | Med | 0.38 | 5.9 | 0.01 | Apr 29, 2019 | When handling a SSLv2-compatible ClientHello request, the server doesn't generate a new random value but sends an all-zero value instead. This results in full malleability of the ClientHello for SSLv2 used for TLS 1.2 in all versions prior to NSS 3.39. This does not impact TLS… | ||
| CVE-2016-8635 | Med | 0.35 | 5.3 | 0.02 | Aug 1, 2018 | It was found that Diffie Hellman Client key exchange handling in NSS 3.21.x was vulnerable to small subgroup confinement attack. An attacker could use this flaw to recover private keys by confining the client DH key to small subgroup of the desired group. | ||
| CVE-2004-0826 | 0.02 | — | 0.23 | Dec 31, 2004 | Heap-based buffer overflow in Netscape Network Security Services (NSS) library allows remote attackers to execute arbitrary code via a modified record length field in an SSLv2 client hello message. |
- risk 0.42cvss 7.5epss 0.02
libcurl provides the `CURLOPT_CERTINFO` option to allow applications torequest details to be returned about a server's certificate chain.Due to an erroneous function, a malicious server could make libcurl built withNSS get stuck in a never-ending busy-loop when trying to…
- risk 0.38cvss 5.9epss 0.01
When handling a SSLv2-compatible ClientHello request, the server doesn't generate a new random value but sends an all-zero value instead. This results in full malleability of the ClientHello for SSLv2 used for TLS 1.2 in all versions prior to NSS 3.39. This does not impact TLS…
- risk 0.35cvss 5.3epss 0.02
It was found that Diffie Hellman Client key exchange handling in NSS 3.21.x was vulnerable to small subgroup confinement attack. An attacker could use this flaw to recover private keys by confining the client DH key to small subgroup of the desired group.
- CVE-2004-0826Dec 31, 2004risk 0.02cvss —epss 0.23
Heap-based buffer overflow in Netscape Network Security Services (NSS) library allows remote attackers to execute arbitrary code via a modified record length field in an SSLv2 client hello message.