pkg:Debian/nss
131 total CVEsCRITICAL17HIGH34MEDIUM34LOW4
✅ Check your installed version
All known vulnerabilities
- from 0, < 2:3.61-1+deb11u5
- from 0, < 2:3.61-1+deb11u5
- from 0, < 2:3.87.1-1+deb12u2
- CRITICAL9.8CVE-2024-6602A mismatch between allocator and deallocator could have led to memory corruption.from 0, < 2:3.61-1+deb11u4
- from 0, < 3.12.6-1
- from 0, < 3.12.3.1-0lenny3
- from 0, < 2:3.42.1-1+deb10u4
- from 0, < 2:3.26.2-1.1+deb9u3
- from 0, < 2:3.61-1+deb11u1
- from 0, < 2:3.42.1-1+deb10u3
- from 0, < 2:3.26-1+debu8u10
- from 0, < 2:3.47-1
- from 0, < 2:3.26-1+debu8u2
- from 0, < 2:3.26-1+debu7u3
- from 0, < 2:3.26.2-1.1
- CRITICAL9.8CVE-2015-7182Heap-based buffer overflow in the ASN.1 decoder in Mozilla Network Security Services (NSS) before 3.19.2.1 and 3.20.x before 3.20.1, as use…from 0, < 2:3.20.1-1
- CRITICAL9.1CVE-2020-12403A flaw was found in the way CHACHA20-POLY1305 was implemented in NSS in versions before 3.55.from 0, < 2:3.55-1
- HIGH8.8CVE-2024-6609When almost out-of-memory an elliptic curve key which was never allocated could have been freed again.from 0, < 2:3.61-1+deb11u4
- from 0, < 2:3.61-1+deb11u3
- from 0, < 2:3.61-1+deb11u3
- from 0, < 2:3.42.1-1+deb10u2
- from 0, < 2:3.47.1-1
- from 0, < 2:3.26-1+debu8u7
- from 0, < 2:3.14.5-1+deb7u8
- from 0, < 2:3.23-1
- from 0, < 2:3.21-1
- from 0, < 2:3.23-1
- HIGH7.8CVE-2017-11698Heap-based buffer overflow in the __get_page function in lib/dbm/src/h_page.c in Mozilla Network Security Services (NSS) allows context-dep…from 0
- HIGH7.8CVE-2017-11697The __hash_open function in hash.c:229 in Mozilla Network Security Services (NSS) allows context-dependent attackers to cause a denial of s…from 0
- HIGH7.8CVE-2017-11696Heap-based buffer overflow in the __hash_open function in lib/dbm/src/hash.c in Mozilla Network Security Services (NSS) allows context-depe…from 0
- HIGH7.8CVE-2017-11695Heap-based buffer overflow in the alloc_segs function in lib/dbm/src/hash.c in Mozilla Network Security Services (NSS) allows context-depen…from 0
- from 0
- from 0
- from 0, < 2:3.87.1-1+deb12u1
- from 0, < 2:3.61-1+deb11u4
- from 0, < 2:3.61-1+deb11u4
- from 0, < 2:3.87-1
- from 0, < 2:3.45-1
- from 0, < 2:3.26-1+debu8u8
- from 0, < 2:3.58-1
- from 0, < 2:3.42.1-1+deb10u7
- HIGH7.5CVE-2016-5285A Null pointer dereference vulnerability exists in Mozilla Network Security Services due to a missing NULL check in PK11_SignWithSymKey / s…from 0, < 2:3.25-1
- HIGH7.5CVE-2019-11729Empty or malformed p256-ECDH public keys may trigger a segmentation fault due values being improperly sanitized before being copied into me…from 0, < 2:3.45-1
- from 0, < 2:3.26-1+debu8u5
- from 0, < 2:3.45-1
- from 0, < 2:3.26-1+debu7u5
- from 0, < 2:3.33-1
- from 0, < 2:3.26-1+debu8u3
- from 0, < 2:3.26.2-1.1
- from 0, < 2:3.26-1+debu7u4
- HIGH7.3CVE-2016-1978Use-after-free vulnerability in the ssl3_HandleECDHServerKeyExchange function in Mozilla Network Security Services (NSS) before 3.21, as us…from 0, < 2:3.21-1
- MEDIUM6.5CVE-2024-7531Calling `PK11_Encrypt()` in NSS using CKM_CHACHA20 and the same buffer for input and output can result in plaintext on an Intel Sandy Bridg…from 0
- from 0
- from 0, < 2:3.42.1-1+deb10u8
- MEDIUM6.5CVE-2023-4421The NSS code used for checking PKCS#1 v1.5 was leaking information useful in mounting Bleichenbacher-like attacks.from 0, < 2:3.61-1
- from 0, < 2:3.61-1+deb11u2
- from 0, < 2:3.26.2-1.1+deb9u5
- from 0, < 2:3.42.1-1+deb10u5
- MEDIUM6.5CVE-2018-18508In Network Security Services (NSS) before 3.36.7 and before 3.41.1, a malformed signature can cause a crash due to a null dereference, resu…from 0, < 2:3.42.1-1
- MEDIUM6.5CVE-2019-17023After a HelloRetryRequest has been sent, the client may negotiate a lower protocol that TLS 1.3, resulting in an invalid state transition i…from 0, < 2:3.49-1
- from 0, < 2:3.21-1
- from 0, < 3.12.8-1+squeeze14
- MEDIUM5.9CVE-2020-12413The Raccoon attack is a timing attack on DHE ciphersuites inherit in the TLS specification.from 0, < 2:3.17-1
- from 0, < 2:3.26.2-1.1+deb9u2
- from 0, < 2:3.26-1+debu8u4
- from 0, < 2:3.41-1
- MEDIUM5.9CVE-2018-12384When handling a SSLv2-compatible ClientHello request, the server doesn't generate a new random value but sends an all-zero value instead.from 0, < 2:3.39-1
- MEDIUM5.9CVE-2016-8635It was found that Diffie Hellman Client key exchange handling in NSS 3.21.x was vulnerable to small subgroup confinement attack.from 0, < 2:3.25-1
- MEDIUM5.9CVE-2016-9574nss before version 3.30 is vulnerable to a remote denial of service during the session handshake when using SessionTicket extension and ECD…from 0, < 2:3.25-1
- from 0, < 2:3.26.2-1
- from 0, < 2:3.26-1+debu7u2
- MEDIUM5.9CVE-2016-0800The SSLv2 protocol, as used in OpenSSL before 1.0.1s and 1.0.2 before 1.0.2g and other products, requires a server to send a ServerVerify m…from 0, < 3.13
- from 0, < 2:3.21-1
- MEDIUM5.9CVE-2009-2408Mozilla Network Security Services (NSS) before 3.12.3, Firefox before 3.0.13, Thunderbird before 2.0.0.23, and SeaMonkey before 1.1.18 do n…from 0, < 3.12.3-1
- from 0
- MEDIUM5.3CVE-2020-6829When performing EC scalar point multiplication, the wNAF point multiplication algorithm was used; which leaked partial information about th…from 0, < 2:3.55-1
- MEDIUM5.3CVE-2019-11727A vulnerability exists where it possible to force Network Security Services (NSS) to sign CertificateVerify with PKCS#1 v1.5 signatures whe…from 0, < 2:3.45-1
- MEDIUM5.3CVE-2017-5462A flaw in DRBG number generation within the Network Security Services (NSS) library where the internal state V does not correctly carry bit…from 0, < 2:3.26.2-1.1
- MEDIUM4.7CVE-2020-12401During ECDSA signature generation, padding applied in the nonce designed to ensure constant-time scalar multiplication was removed, resulti…from 0, < 2:3.55-1
- from 0, < 2:3.42.1-1+deb10u6
- from 0, < 2:3.55-1
- MEDIUM4.4CVE-2020-12402During RSA key generation, bignum implementations used a variation of the Binary Extended Euclidean Algorithm which entailed significantly…from 0, < 2:3.53.1-1
- from 0, < 2:3.26-1+debu8u11
- from 0, < 2:3.53-1
- MEDIUM4.3CVE-2023-6135Multiple NSS NIST curves were susceptible to a side-channel attack known as "Minerva".from 0
- from 0, < 2:3.14.5-1+deb7u7
- from 0, < 2:3.19.1-1
- from 0, < 2:3.26-1+debu8u1
- from 0, < 2:3.17.1-1
- from 0, < 2:3.20.1-1
- from 0, < 3.12.8-1+squeeze13
- from 0, < 2:3.14.5-1+deb7u6
- —CVE-2015-2730Mozilla Network Security Services (NSS) before 3.19.1, as used in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before…from 0, < 2:3.19.1-1
- from 0, < 3.12.8-1+squeeze12
- from 0, < 2:3.14.5-1+deb7u5
- from 0, < 2:3.19.1-1
- from 0, < 2:3.17.2-1.1
- from 0, < 2:3.14.5-1+deb7u4
- from 0, < 3.12.8-1+squeeze9
- from 0, < 2:3.17.1-1
- from 0, < 2:3.14.5-1+deb7u2
- from 0, < 3.12.8-1+squeeze10
- from 0, < 2:3.14.5-1+deb7u3
- from 0, < 2:3.16.3-1
- —CVE-2014-1492The cert_TestHostName function in lib/certdb/certdb.c in the certificate-checking implementation in Mozilla Network Security Services (NSS)…from 0, < 2:3.16-1
- —CVE-2014-1491Mozilla Network Security Services (NSS) before 3.15.4, as used in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird be…from 0, < 2:3.15.4-1
- —CVE-2014-1490Race condition in libssl in Mozilla Network Security Services (NSS) before 3.15.4, as used in Mozilla Firefox before 27.0, Firefox ESR 24.x…from 0, < 2:3.15.4-1
- —CVE-2013-1740The ssl_Do1stHandshake function in sslsecur.c in libssl in Mozilla Network Security Services (NSS) before 3.15.4, when the TLS False Start…from 0, < 2:3.15.4-1
- —CVE-2013-5606The CERT_VerifyCert function in lib/certhigh/certvfy.c in Mozilla Network Security Services (NSS) 3.15 before 3.15.3 provides an unexpected…from 0, < 2:3.15.3-1
- from 0, < 2:3.15.3-1
- from 0, < 3.12.8-1+squeeze7
- from 0, < 2:3.14.5-1+deb7u1
- from 0, < 3.12.8-1+squeeze8
- from 0, < 2:3.15.3-1
- from 0, < 2:3.14.4-1
- from 0, < 2:3.15.2-1
- —CVE-2013-0791The CERT_DecodeCertPackage function in Mozilla Network Security Services (NSS), as used in Mozilla Firefox before 20.0, Firefox ESR 17.x be…from 0, < 2:3.14.3-1
- —CVE-2013-1620The TLS implementation in Mozilla Network Security Services (NSS) does not properly consider timing side-channel attacks on a noncompliant…from 0, < 2:3.14.3-1
- from 0, < 2:3.14.3-1
- from 0, < 3.13.4-1
- from 0, < 3.12.8-1+squeeze5
- from 0, < 3.12.8-1+squeeze4
- from 0, < 3.13.1.with.ckbi.1.88-1
- from 0, < 3.13.1.with.ckbi.1.88-1
- from 0, < 3.12.8-1+squeeze11
- —CVE-2010-3173The SSL implementation in Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, Thunderbird before 3.0.9 and 3.1.x before 3.1.5, and SeaMo…from 0, < 3.12.8-1
- from 0, < 3.12.3.1-0lenny2
- from 0, < 3.12.8-1
- from 0, < 3.12.3-1
- from 0, < 3.12.3.1-0lenny1
- from 0, < 3.12.3-1