Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2019-17006 (GCVE-0-2019-17006)
Vulnerability from cvelistv5 – Published: 2020-10-22 20:24 – Updated: 2024-08-05 01:24
VLAI
EPSS
Summary
In Network Security Services (NSS) before 3.46, several cryptographic primitives had missing length checks. In cases where the application calling the library did not perform a sanity check on the inputs it could result in a crash due to a buffer overflow.
Severity
9.8 (Critical)
CWE
- missing length checks for cryptographic primitives
Assigner
References
5 references
| URL | Tags |
|---|---|
| https://developer.mozilla.org/en-US/docs/Mozilla/… | x_refsource_MISC |
| https://bugzilla.mozilla.org/show_bug.cgi?id=1539788 | x_refsource_MISC |
| https://security.netapp.com/advisory/ntap-2021012… | x_refsource_CONFIRM |
| https://cert-portal.siemens.com/productcert/pdf/s… | x_refsource_CONFIRM |
| https://us-cert.cisa.gov/ics/advisories/icsa-21-040-04 | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T01:24:48.804Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.46_release_notes"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1539788"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20210129-0001/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-379803.pdf"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-040-04"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "NSS",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "3.46",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In Network Security Services (NSS) before 3.46, several cryptographic primitives had missing length checks. In cases where the application calling the library did not perform a sanity check on the inputs it could result in a crash due to a buffer overflow."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "missing length checks for cryptographic primitives",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-02-12T06:05:28.000Z",
"orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"shortName": "mozilla"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.46_release_notes"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1539788"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20210129-0001/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-379803.pdf"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-040-04"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@mozilla.org",
"ID": "CVE-2019-17006",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "NSS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "3.46"
}
]
}
}
]
},
"vendor_name": "Mozilla"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In Network Security Services (NSS) before 3.46, several cryptographic primitives had missing length checks. In cases where the application calling the library did not perform a sanity check on the inputs it could result in a crash due to a buffer overflow."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "missing length checks for cryptographic primitives"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.46_release_notes",
"refsource": "MISC",
"url": "https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.46_release_notes"
},
{
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1539788",
"refsource": "MISC",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1539788"
},
{
"name": "https://security.netapp.com/advisory/ntap-20210129-0001/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20210129-0001/"
},
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-379803.pdf",
"refsource": "CONFIRM",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-379803.pdf"
},
{
"name": "https://us-cert.cisa.gov/ics/advisories/icsa-21-040-04",
"refsource": "MISC",
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-040-04"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"assignerShortName": "mozilla",
"cveId": "CVE-2019-17006",
"datePublished": "2020-10-22T20:24:25.000Z",
"dateReserved": "2019-09-30T00:00:00.000Z",
"dateUpdated": "2024-08-05T01:24:48.804Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2019-17006",
"date": "2026-06-07",
"epss": "0.03036",
"percentile": "0.86933"
},
"fkie_nvd": {
"configurations": "[{\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:siemens:ruggedcom_rox_mx5000_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"2.14.0\", \"matchCriteriaId\": \"1B09C415-21F2-49C9-BFAE-2151C8ED4D06\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:siemens:ruggedcom_rox_mx5000:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DAD1B18F-9C37-48CC-92E2-9C5E66B206CB\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:siemens:ruggedcom_rox_rx1400_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"2.14.0\", \"matchCriteriaId\": \"F196C09E-4C45-42D5-B509-7EB77F6566F1\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:siemens:ruggedcom_rox_rx1400:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"12BD4008-DB6A-4749-A426-D2DE44819A9D\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:siemens:ruggedcom_rox_rx1500_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"2.14.0\", \"matchCriteriaId\": \"13D72F66-A1B2-4FB7-B31B-EF16955BC871\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:siemens:ruggedcom_rox_rx1500:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"3E79B422-C844-411C-AA49-CFD73D3C6E2D\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:siemens:ruggedcom_rox_rx1501_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"2.14.0\", \"matchCriteriaId\": \"CB658DF3-A68F-4248-B240-9194E17941E1\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:siemens:ruggedcom_rox_rx1501:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"53AAEC5C-06EE-4C58-A981-EBF5860CEF16\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:siemens:ruggedcom_rox_rx1510_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"2.14.0\", \"matchCriteriaId\": \"E16E621D-84DB-4F0D-A771-5E282B0292B2\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:siemens:ruggedcom_rox_rx1510:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0751225A-6E9C-4281-93A4-A048920FF7C6\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:siemens:ruggedcom_rox_rx1511_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"2.14.0\", \"matchCriteriaId\": \"059624DD-C1C8-408C-8026-D4FBC93C3CF9\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:siemens:ruggedcom_rox_rx1511:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8C1E56ED-1E61-4B7E-8EC0-BB2AAD57EF7B\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:siemens:ruggedcom_rox_rx1512_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"2.14.0\", \"matchCriteriaId\": \"06AF9201-89AB-42E6-97CF-9EDDC17EF7AE\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:siemens:ruggedcom_rox_rx1512:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"41ADD701-AD49-46B2-A12E-219CCED32298\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:siemens:ruggedcom_rox_rx5000_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"2.14.0\", \"matchCriteriaId\": \"2656219C-7E23-47F7-AFB7-0D6D3D2ACA85\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:siemens:ruggedcom_rox_rx5000:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1E0E33F2-E89B-4008-BED2-CF2296801078\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:mozilla:network_security_services:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"3.46\", \"matchCriteriaId\": \"83C9B16A-F21D-475D-9B00-9B6E64FAB0F8\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:netapp:hci_management_node:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A3C19813-E823-456A-B1CE-EC0684CE1953\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:netapp:solidfire:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A6E9EF0C-AFA8-4F7B-9FDC-1E0F7C26E737\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:netapp:hci_compute_node:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"AD7447BC-F315-4298-A822-549942FC118B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:netapp:hci_storage_node:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"02DEB4FB-A21D-4CB1-B522-EEE5093E8521\"}]}]}]",
"descriptions": "[{\"lang\": \"en\", \"value\": \"In Network Security Services (NSS) before 3.46, several cryptographic primitives had missing length checks. In cases where the application calling the library did not perform a sanity check on the inputs it could result in a crash due to a buffer overflow.\"}, {\"lang\": \"es\", \"value\": \"En Network Security Services (NSS) versiones anteriores a 3.46, varias primitivas criptogr\\u00e1ficas presentaban una falta de comprobaci\\u00f3n de longitud.\u0026#xa0;En los casos en que la aplicaci\\u00f3n que llama a la biblioteca no llev\\u00f3 a cabo una comprobaci\\u00f3n de saneo en las entradas, lo que podr\\u00eda resultar en un bloqueo debido a un desbordamiento del b\\u00fafer\"}]",
"id": "CVE-2019-17006",
"lastModified": "2024-11-21T04:31:31.573",
"metrics": "{\"cvssMetricV31\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\", \"baseScore\": 9.8, \"baseSeverity\": \"CRITICAL\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 5.9}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:N/C:C/I:C/A:C\", \"baseScore\": 10.0, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"COMPLETE\", \"integrityImpact\": \"COMPLETE\", \"availabilityImpact\": \"COMPLETE\"}, \"baseSeverity\": \"HIGH\", \"exploitabilityScore\": 10.0, \"impactScore\": 10.0, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
"published": "2020-10-22T21:15:12.560",
"references": "[{\"url\": \"https://bugzilla.mozilla.org/show_bug.cgi?id=1539788\", \"source\": \"security@mozilla.org\", \"tags\": [\"Exploit\", \"Issue Tracking\", \"Patch\", \"Vendor Advisory\"]}, {\"url\": \"https://cert-portal.siemens.com/productcert/pdf/ssa-379803.pdf\", \"source\": \"security@mozilla.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.46_release_notes\", \"source\": \"security@mozilla.org\", \"tags\": [\"Release Notes\", \"Vendor Advisory\"]}, {\"url\": \"https://security.netapp.com/advisory/ntap-20210129-0001/\", \"source\": \"security@mozilla.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://us-cert.cisa.gov/ics/advisories/icsa-21-040-04\", \"source\": \"security@mozilla.org\", \"tags\": [\"Third Party Advisory\", \"US Government Resource\"]}, {\"url\": \"https://bugzilla.mozilla.org/show_bug.cgi?id=1539788\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\", \"Issue Tracking\", \"Patch\", \"Vendor Advisory\"]}, {\"url\": \"https://cert-portal.siemens.com/productcert/pdf/ssa-379803.pdf\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.46_release_notes\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Release Notes\", \"Vendor Advisory\"]}, {\"url\": \"https://security.netapp.com/advisory/ntap-20210129-0001/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://us-cert.cisa.gov/ics/advisories/icsa-21-040-04\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"US Government Resource\"]}]",
"sourceIdentifier": "security@mozilla.org",
"vulnStatus": "Modified",
"weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-20\"}, {\"lang\": \"en\", \"value\": \"CWE-119\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2019-17006\",\"sourceIdentifier\":\"security@mozilla.org\",\"published\":\"2020-10-22T21:15:12.560\",\"lastModified\":\"2024-11-21T04:31:31.573\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In Network Security Services (NSS) before 3.46, several cryptographic primitives had missing length checks. In cases where the application calling the library did not perform a sanity check on the inputs it could result in a crash due to a buffer overflow.\"},{\"lang\":\"es\",\"value\":\"En Network Security Services (NSS) versiones anteriores a 3.46, varias primitivas criptogr\u00e1ficas presentaban una falta de comprobaci\u00f3n de longitud.\u0026#xa0;En los casos en que la aplicaci\u00f3n que llama a la biblioteca no llev\u00f3 a cabo una comprobaci\u00f3n de saneo en las entradas, lo que podr\u00eda resultar en un bloqueo debido a un desbordamiento del b\u00fafer\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":9.8,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:C/I:C/A:C\",\"baseScore\":10.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":10.0,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-20\"},{\"lang\":\"en\",\"value\":\"CWE-119\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:siemens:ruggedcom_rox_mx5000_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2.14.0\",\"matchCriteriaId\":\"1B09C415-21F2-49C9-BFAE-2151C8ED4D06\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:siemens:ruggedcom_rox_mx5000:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DAD1B18F-9C37-48CC-92E2-9C5E66B206CB\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:siemens:ruggedcom_rox_rx1400_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2.14.0\",\"matchCriteriaId\":\"F196C09E-4C45-42D5-B509-7EB77F6566F1\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:siemens:ruggedcom_rox_rx1400:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"12BD4008-DB6A-4749-A426-D2DE44819A9D\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:siemens:ruggedcom_rox_rx1500_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2.14.0\",\"matchCriteriaId\":\"13D72F66-A1B2-4FB7-B31B-EF16955BC871\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:siemens:ruggedcom_rox_rx1500:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3E79B422-C844-411C-AA49-CFD73D3C6E2D\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:siemens:ruggedcom_rox_rx1501_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2.14.0\",\"matchCriteriaId\":\"CB658DF3-A68F-4248-B240-9194E17941E1\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:siemens:ruggedcom_rox_rx1501:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"53AAEC5C-06EE-4C58-A981-EBF5860CEF16\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:siemens:ruggedcom_rox_rx1510_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2.14.0\",\"matchCriteriaId\":\"E16E621D-84DB-4F0D-A771-5E282B0292B2\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:siemens:ruggedcom_rox_rx1510:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0751225A-6E9C-4281-93A4-A048920FF7C6\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:siemens:ruggedcom_rox_rx1511_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2.14.0\",\"matchCriteriaId\":\"059624DD-C1C8-408C-8026-D4FBC93C3CF9\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:siemens:ruggedcom_rox_rx1511:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8C1E56ED-1E61-4B7E-8EC0-BB2AAD57EF7B\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:siemens:ruggedcom_rox_rx1512_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2.14.0\",\"matchCriteriaId\":\"06AF9201-89AB-42E6-97CF-9EDDC17EF7AE\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:siemens:ruggedcom_rox_rx1512:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"41ADD701-AD49-46B2-A12E-219CCED32298\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:siemens:ruggedcom_rox_rx5000_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2.14.0\",\"matchCriteriaId\":\"2656219C-7E23-47F7-AFB7-0D6D3D2ACA85\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:siemens:ruggedcom_rox_rx5000:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1E0E33F2-E89B-4008-BED2-CF2296801078\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:network_security_services:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"3.46\",\"matchCriteriaId\":\"83C9B16A-F21D-475D-9B00-9B6E64FAB0F8\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:hci_management_node:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A3C19813-E823-456A-B1CE-EC0684CE1953\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:solidfire:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A6E9EF0C-AFA8-4F7B-9FDC-1E0F7C26E737\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:netapp:hci_compute_node:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AD7447BC-F315-4298-A822-549942FC118B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:netapp:hci_storage_node:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"02DEB4FB-A21D-4CB1-B522-EEE5093E8521\"}]}]}],\"references\":[{\"url\":\"https://bugzilla.mozilla.org/show_bug.cgi?id=1539788\",\"source\":\"security@mozilla.org\",\"tags\":[\"Exploit\",\"Issue Tracking\",\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://cert-portal.siemens.com/productcert/pdf/ssa-379803.pdf\",\"source\":\"security@mozilla.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.46_release_notes\",\"source\":\"security@mozilla.org\",\"tags\":[\"Release Notes\",\"Vendor Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20210129-0001/\",\"source\":\"security@mozilla.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://us-cert.cisa.gov/ics/advisories/icsa-21-040-04\",\"source\":\"security@mozilla.org\",\"tags\":[\"Third Party Advisory\",\"US Government Resource\"]},{\"url\":\"https://bugzilla.mozilla.org/show_bug.cgi?id=1539788\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Issue Tracking\",\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://cert-portal.siemens.com/productcert/pdf/ssa-379803.pdf\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.46_release_notes\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Release Notes\",\"Vendor Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20210129-0001/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://us-cert.cisa.gov/ics/advisories/icsa-21-040-04\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"US Government Resource\"]}]}}"
}
}
CERTFR-2024-AVI-1103
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans les produits IBM. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une élévation de privilèges et un déni de service à distance.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| IBM | Cognos Analytics | Cognos Analytics versions 12.0.x antérieures à 12.0.4 | ||
| IBM | Sterling | Sterling External Authentication Server versions 6.1.0.x antérieures à 6.1.0.2 ifix 01 | ||
| IBM | QRadar SIEM | Security QRadar Log Management AQL Plugin versions antérieures à 1.1.0 | ||
| IBM | Sterling | Sterling Secure Proxy versions 6.0.x antérieures à 6.0.3.1 (fixpack) GA | ||
| IBM | Cognos Analytics | Cognos Analytics versions 11.2.x antérieures à 11.2.4 FP5 | ||
| IBM | Sterling | Sterling Secure Proxy versions 6.1.x antérieures à 6.1.0.1 (fixpack) GA | ||
| IBM | Sterling | Sterling Secure Proxy versions 6.2.x antérieures à 6.2.0.0 ifix 01 | ||
| IBM | Sterling Connect:Direct | Sterling Connect:Direct Web Services versions 6.3.x antérieures à 6.3.0.11_ifix001 |
References
| Title | Publication Time | Tags | ||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Cognos Analytics versions 12.0.x ant\u00e9rieures \u00e0 12.0.4",
"product": {
"name": "Cognos Analytics",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Sterling External Authentication Server versions 6.1.0.x ant\u00e9rieures \u00e0 6.1.0.2 ifix 01",
"product": {
"name": "Sterling",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": " Security QRadar Log Management AQL Plugin versions ant\u00e9rieures \u00e0 1.1.0",
"product": {
"name": "QRadar SIEM",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Sterling Secure Proxy versions 6.0.x ant\u00e9rieures \u00e0 6.0.3.1 (fixpack) GA",
"product": {
"name": "Sterling",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Cognos Analytics versions 11.2.x ant\u00e9rieures \u00e0 11.2.4 FP5",
"product": {
"name": "Cognos Analytics",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Sterling Secure Proxy versions 6.1.x ant\u00e9rieures \u00e0 6.1.0.1 (fixpack) GA",
"product": {
"name": "Sterling",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Sterling Secure Proxy versions 6.2.x ant\u00e9rieures \u00e0 6.2.0.0 ifix 01",
"product": {
"name": "Sterling",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Sterling Connect:Direct Web Services versions 6.3.x ant\u00e9rieures \u00e0 6.3.0.11_ifix001",
"product": {
"name": "Sterling Connect:Direct",
"vendor": {
"name": "IBM",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2017-9937",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-9937"
},
{
"name": "CVE-2023-52356",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52356"
},
{
"name": "CVE-2023-41334",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-41334"
},
{
"name": "CVE-2023-37536",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-37536"
},
{
"name": "CVE-2023-40217",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-40217"
},
{
"name": "CVE-2024-22871",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-22871"
},
{
"name": "CVE-2024-7006",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-7006"
},
{
"name": "CVE-2023-3316",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3316"
},
{
"name": "CVE-2024-36138",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36138"
},
{
"name": "CVE-2018-14042",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14042"
},
{
"name": "CVE-2024-29041",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29041"
},
{
"name": "CVE-2021-45960",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-45960"
},
{
"name": "CVE-2024-22020",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-22020"
},
{
"name": "CVE-2022-3626",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3626"
},
{
"name": "CVE-2023-38264",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38264"
},
{
"name": "CVE-2024-22201",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-22201"
},
{
"name": "CVE-2020-12401",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-12401"
},
{
"name": "CVE-2018-15209",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-15209"
},
{
"name": "CVE-2024-28849",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28849"
},
{
"name": "CVE-2018-17100",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-17100"
},
{
"name": "CVE-2022-3599",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3599"
},
{
"name": "CVE-2022-34266",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-34266"
},
{
"name": "CVE-2020-35521",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-35521"
},
{
"name": "CVE-2023-0796",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0796"
},
{
"name": "CVE-2023-50386",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-50386"
},
{
"name": "CVE-2024-4068",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4068"
},
{
"name": "CVE-2023-52425",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52425"
},
{
"name": "CVE-2024-23944",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-23944"
},
{
"name": "CVE-2022-48554",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48554"
},
{
"name": "CVE-2024-39008",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39008"
},
{
"name": "CVE-2018-14040",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14040"
},
{
"name": "CVE-2024-28757",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28757"
},
{
"name": "CVE-2023-30086",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-30086"
},
{
"name": "CVE-2019-11727",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11727"
},
{
"name": "CVE-2024-25638",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-25638"
},
{
"name": "CVE-2022-2057",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2057"
},
{
"name": "CVE-2019-6128",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-6128"
},
{
"name": "CVE-2023-26965",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-26965"
},
{
"name": "CVE-2022-22823",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22823"
},
{
"name": "CVE-2023-52426",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52426"
},
{
"name": "CVE-2022-2058",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2058"
},
{
"name": "CVE-2024-45082",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45082"
},
{
"name": "CVE-2023-50782",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-50782"
},
{
"name": "CVE-2022-3627",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3627"
},
{
"name": "CVE-2022-2867",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2867"
},
{
"name": "CVE-2023-0286",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0286"
},
{
"name": "CVE-2023-32067",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32067"
},
{
"name": "CVE-2022-3598",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3598"
},
{
"name": "CVE-2023-0798",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0798"
},
{
"name": "CVE-2019-11358",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11358"
},
{
"name": "CVE-2023-2731",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2731"
},
{
"name": "CVE-2023-0803",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0803"
},
{
"name": "CVE-2023-4807",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4807"
},
{
"name": "CVE-2023-30774",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-30774"
},
{
"name": "CVE-2023-4759",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4759"
},
{
"name": "CVE-2017-11613",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-11613"
},
{
"name": "CVE-2017-12652",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12652"
},
{
"name": "CVE-2024-41752",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41752"
},
{
"name": "CVE-2023-50447",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-50447"
},
{
"name": "CVE-2018-18508",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-18508"
},
{
"name": "CVE-2024-29857",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29857"
},
{
"name": "CVE-2024-34447",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34447"
},
{
"name": "CVE-2024-33883",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-33883"
},
{
"name": "CVE-2022-40897",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40897"
},
{
"name": "CVE-2024-29025",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29025"
},
{
"name": "CVE-2022-22844",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22844"
},
{
"name": "CVE-2014-1544",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-1544"
},
{
"name": "CVE-2023-4421",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4421"
},
{
"name": "CVE-2023-6277",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6277"
},
{
"name": "CVE-2023-4813",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4813"
},
{
"name": "CVE-2024-45590",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45590"
},
{
"name": "CVE-2024-43796",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43796"
},
{
"name": "CVE-2023-50298",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-50298"
},
{
"name": "CVE-2024-25629",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-25629"
},
{
"name": "CVE-2024-26308",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26308"
},
{
"name": "CVE-2023-50292",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-50292"
},
{
"name": "CVE-2018-20676",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-20676"
},
{
"name": "CVE-2023-0802",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0802"
},
{
"name": "CVE-2022-2056",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2056"
},
{
"name": "CVE-2024-4067",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4067"
},
{
"name": "CVE-2024-30172",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-30172"
},
{
"name": "CVE-2021-43138",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-43138"
},
{
"name": "CVE-2020-25648",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-25648"
},
{
"name": "CVE-2019-17023",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-17023"
},
{
"name": "CVE-2022-21699",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21699"
},
{
"name": "CVE-2024-28176",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28176"
},
{
"name": "CVE-2019-7317",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-7317"
},
{
"name": "CVE-2024-7264",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-7264"
},
{
"name": "CVE-2019-17007",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-17007"
},
{
"name": "CVE-2023-0767",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0767"
},
{
"name": "CVE-2023-51074",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-51074"
},
{
"name": "CVE-2022-23852",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23852"
},
{
"name": "CVE-2022-22825",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22825"
},
{
"name": "CVE-2023-38289",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38289"
},
{
"name": "CVE-2018-20677",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-20677"
},
{
"name": "CVE-2010-1205",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-1205"
},
{
"name": "CVE-2020-23064",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-23064"
},
{
"name": "CVE-2024-22195",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-22195"
},
{
"name": "CVE-2023-23931",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23931"
},
{
"name": "CVE-2015-7182",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-7182"
},
{
"name": "CVE-2022-23990",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23990"
},
{
"name": "CVE-2018-16335",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-16335"
},
{
"name": "CVE-2024-21011",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21011"
},
{
"name": "CVE-2024-29131",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29131"
},
{
"name": "CVE-2021-36770",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36770"
},
{
"name": "CVE-2020-19144",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-19144"
},
{
"name": "CVE-2023-3164",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3164"
},
{
"name": "CVE-2022-3597",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3597"
},
{
"name": "CVE-2024-27983",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27983"
},
{
"name": "CVE-2017-12627",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12627"
},
{
"name": "CVE-2018-17101",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-17101"
},
{
"name": "CVE-2023-50291",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-50291"
},
{
"name": "CVE-2014-1568",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-1568"
},
{
"name": "CVE-2020-26261",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-26261"
},
{
"name": "CVE-2023-24816",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24816"
},
{
"name": "CVE-2024-45296",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45296"
},
{
"name": "CVE-2023-0801",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0801"
},
{
"name": "CVE-2022-4645",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4645"
},
{
"name": "CVE-2019-17546",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-17546"
},
{
"name": "CVE-2022-2869",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2869"
},
{
"name": "CVE-2022-3479",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3479"
},
{
"name": "CVE-2023-40745",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-40745"
},
{
"name": "CVE-2024-27982",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27982"
},
{
"name": "CVE-2024-25710",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-25710"
},
{
"name": "CVE-2020-15110",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-15110"
},
{
"name": "CVE-2023-25435",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-25435"
},
{
"name": "CVE-2024-37372",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-37372"
},
{
"name": "CVE-2021-38153",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-38153"
},
{
"name": "CVE-2023-5156",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5156"
},
{
"name": "CVE-2024-29133",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29133"
},
{
"name": "CVE-2017-18869",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-18869"
},
{
"name": "CVE-2022-0562",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0562"
},
{
"name": "CVE-2023-38325",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38325"
},
{
"name": "CVE-2019-11719",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11719"
},
{
"name": "CVE-2022-0891",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0891"
},
{
"name": "CVE-2018-7456",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-7456"
},
{
"name": "CVE-2023-38288",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38288"
},
{
"name": "CVE-2024-21094",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21094"
},
{
"name": "CVE-2023-0799",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0799"
},
{
"name": "CVE-2019-17006",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-17006"
},
{
"name": "CVE-2020-12403",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-12403"
},
{
"name": "CVE-2023-6237",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6237"
},
{
"name": "CVE-2023-6228",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6228"
},
{
"name": "CVE-2021-46848",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-46848"
},
{
"name": "CVE-2023-2650",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2650"
},
{
"name": "CVE-2023-0795",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0795"
},
{
"name": "CVE-2024-2398",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-2398"
},
{
"name": "CVE-2023-50495",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-50495"
},
{
"name": "CVE-2017-18013",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-18013"
},
{
"name": "CVE-2023-25194",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-25194"
},
{
"name": "CVE-2023-6129",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6129"
},
{
"name": "CVE-2016-1938",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1938"
},
{
"name": "CVE-2017-11698",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-11698"
},
{
"name": "CVE-2022-22827",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22827"
},
{
"name": "CVE-2024-38337",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38337"
},
{
"name": "CVE-2018-12384",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-12384"
},
{
"name": "CVE-2018-12404",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-12404"
},
{
"name": "CVE-2019-14973",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-14973"
},
{
"name": "CVE-2020-36191",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36191"
},
{
"name": "CVE-2024-22018",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-22018"
},
{
"name": "CVE-2023-0804",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0804"
},
{
"name": "CVE-2023-30775",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-30775"
},
{
"name": "CVE-2023-0797",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0797"
},
{
"name": "CVE-2018-14041",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14041"
},
{
"name": "CVE-2023-1916",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1916"
},
{
"name": "CVE-2024-37890",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-37890"
},
{
"name": "CVE-2020-19131",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-19131"
},
{
"name": "CVE-2015-7575",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-7575"
},
{
"name": "CVE-2023-41175",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-41175"
},
{
"name": "CVE-2020-11022",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11022"
},
{
"name": "CVE-2018-5784",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-5784"
},
{
"name": "CVE-2018-17000",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-17000"
},
{
"name": "CVE-2024-28863",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28863"
},
{
"name": "CVE-2023-3576",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3576"
},
{
"name": "CVE-2023-4806",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4806"
},
{
"name": "CVE-2020-35523",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-35523"
},
{
"name": "CVE-2016-10735",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-10735"
},
{
"name": "CVE-2024-39338",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39338"
},
{
"name": "CVE-2022-34749",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-34749"
},
{
"name": "CVE-2024-30171",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-30171"
},
{
"name": "CVE-2020-19189",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-19189"
},
{
"name": "CVE-2022-0908",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0908"
},
{
"name": "CVE-2023-49083",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-49083"
},
{
"name": "CVE-2024-36114",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36114"
},
{
"name": "CVE-2019-11745",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11745"
},
{
"name": "CVE-2019-11729",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11729"
},
{
"name": "CVE-2024-34102",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34102"
},
{
"name": "CVE-2019-11756",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11756"
},
{
"name": "CVE-2021-32862",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-32862"
},
{
"name": "CVE-2022-22826",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22826"
},
{
"name": "CVE-2024-4367",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4367"
},
{
"name": "CVE-2024-25016",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-25016"
},
{
"name": "CVE-2022-40090",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40090"
},
{
"name": "CVE-2023-25434",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-25434"
},
{
"name": "CVE-2024-29896",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29896"
},
{
"name": "CVE-2015-7181",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-7181"
},
{
"name": "CVE-2020-18768",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-18768"
},
{
"name": "CVE-2022-34526",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-34526"
},
{
"name": "CVE-2022-2868",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2868"
},
{
"name": "CVE-2017-5461",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-5461"
},
{
"name": "CVE-2014-1569",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-1569"
},
{
"name": "CVE-2020-12400",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-12400"
},
{
"name": "CVE-2023-31130",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-31130"
},
{
"name": "CVE-2024-21085",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21085"
},
{
"name": "CVE-2023-32681",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32681"
},
{
"name": "CVE-2017-11695",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-11695"
},
{
"name": "CVE-2023-2908",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2908"
},
{
"name": "CVE-2023-3446",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3446"
},
{
"name": "CVE-2022-22824",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22824"
},
{
"name": "CVE-2020-6829",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-6829"
},
{
"name": "CVE-2017-11697",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-11697"
},
{
"name": "CVE-2023-0800",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0800"
},
{
"name": "CVE-2023-5388",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5388"
},
{
"name": "CVE-2024-27980",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27980"
},
{
"name": "CVE-2023-5678",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5678"
},
{
"name": "CVE-2024-51504",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-51504"
},
{
"name": "CVE-2018-19210",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-19210"
},
{
"name": "CVE-2013-2099",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-2099"
},
{
"name": "CVE-2024-6345",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6345"
},
{
"name": "CVE-2019-10255",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-10255"
},
{
"name": "CVE-2020-11023",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11023"
},
{
"name": "CVE-2020-35524",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-35524"
},
{
"name": "CVE-2019-8331",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8331"
},
{
"name": "CVE-2024-36137",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36137"
},
{
"name": "CVE-2020-35522",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-35522"
},
{
"name": "CVE-2022-3570",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3570"
},
{
"name": "CVE-2017-11696",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-11696"
},
{
"name": "CVE-2022-0561",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0561"
}
],
"links": [],
"reference": "CERTFR-2024-AVI-1103",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2024-12-20T00:00:00.000000"
}
],
"risks": [
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
},
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Injection de requ\u00eates ill\u00e9gitimes par rebond (CSRF)"
},
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits IBM. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, une \u00e9l\u00e9vation de privil\u00e8ges et un d\u00e9ni de service \u00e0 distance.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits IBM",
"vendor_advisories": [
{
"published_at": "2024-12-17",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7177142",
"url": "https://www.ibm.com/support/pages/node/7177142"
},
{
"published_at": "2024-12-17",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7177223",
"url": "https://www.ibm.com/support/pages/node/7177223"
},
{
"published_at": "2024-12-16",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7179044",
"url": "https://www.ibm.com/support/pages/node/7179044"
},
{
"published_at": "2024-12-17",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7179156",
"url": "https://www.ibm.com/support/pages/node/7179156"
},
{
"published_at": "2024-12-17",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7179166",
"url": "https://www.ibm.com/support/pages/node/7179166"
},
{
"published_at": "2024-12-13",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7178835",
"url": "https://www.ibm.com/support/pages/node/7178835"
}
]
}
Title
Mozilla Network Security Services缓冲区溢出漏洞(CNVD-2020-01173)
Description
Mozilla Network Security Services(NSS)是美国Mozilla基金会的一个函数库(网络安全服务库)。该产品可跨平台提供SSL、S/MIME和其他Internet安全标准支持。
Mozilla NSS中存在缓冲区错误漏洞。该漏洞源于网络系统或产品在内存上执行操作时,未正确验证数据边界,导致向关联的其他内存位置上执行了错误的读写操作。攻击者可利用该漏洞导致缓冲区溢出或堆溢出等。
Severity
高
Patch Name
Mozilla Network Security Services缓冲区溢出漏洞(CNVD-2020-01173)的补丁
Patch Description
Mozilla Network Security Services(NSS)是美国Mozilla基金会的一个函数库(网络安全服务库)。该产品可跨平台提供SSL、S/MIME和其他Internet安全标准支持。
Mozilla NSS中存在缓冲区错误漏洞。该漏洞源于网络系统或产品在内存上执行操作时,未正确验证数据边界,导致向关联的其他内存位置上执行了错误的读写操作。攻击者可利用该漏洞导致缓冲区溢出或堆溢出等。目前,供应商发布了安全公告及相关补丁信息,修复了此漏洞。
Formal description
用户可参考如下供应商提供的安全公告获得补丁信息: https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.46_release_notes
Reference
https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.46_release_notes
Impacted products
| Name | Mozilla Network Security Services |
|---|
{
"cves": {
"cve": {
"cveNumber": "CVE-2019-17006"
}
},
"description": "Mozilla Network Security Services\uff08NSS\uff09\u662f\u7f8e\u56fdMozilla\u57fa\u91d1\u4f1a\u7684\u4e00\u4e2a\u51fd\u6570\u5e93\uff08\u7f51\u7edc\u5b89\u5168\u670d\u52a1\u5e93\uff09\u3002\u8be5\u4ea7\u54c1\u53ef\u8de8\u5e73\u53f0\u63d0\u4f9bSSL\u3001S/MIME\u548c\u5176\u4ed6Internet\u5b89\u5168\u6807\u51c6\u652f\u6301\u3002\n\nMozilla NSS\u4e2d\u5b58\u5728\u7f13\u51b2\u533a\u9519\u8bef\u6f0f\u6d1e\u3002\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u7f51\u7edc\u7cfb\u7edf\u6216\u4ea7\u54c1\u5728\u5185\u5b58\u4e0a\u6267\u884c\u64cd\u4f5c\u65f6\uff0c\u672a\u6b63\u786e\u9a8c\u8bc1\u6570\u636e\u8fb9\u754c\uff0c\u5bfc\u81f4\u5411\u5173\u8054\u7684\u5176\u4ed6\u5185\u5b58\u4f4d\u7f6e\u4e0a\u6267\u884c\u4e86\u9519\u8bef\u7684\u8bfb\u5199\u64cd\u4f5c\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u5bfc\u81f4\u7f13\u51b2\u533a\u6ea2\u51fa\u6216\u5806\u6ea2\u51fa\u7b49\u3002",
"formalWay": "\u7528\u6237\u53ef\u53c2\u8003\u5982\u4e0b\u4f9b\u5e94\u5546\u63d0\u4f9b\u7684\u5b89\u5168\u516c\u544a\u83b7\u5f97\u8865\u4e01\u4fe1\u606f\uff1a\r\nhttps://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.46_release_notes",
"isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
"number": "CNVD-2020-01173",
"openTime": "2020-01-09",
"patchDescription": "Mozilla Network Security Services\uff08NSS\uff09\u662f\u7f8e\u56fdMozilla\u57fa\u91d1\u4f1a\u7684\u4e00\u4e2a\u51fd\u6570\u5e93\uff08\u7f51\u7edc\u5b89\u5168\u670d\u52a1\u5e93\uff09\u3002\u8be5\u4ea7\u54c1\u53ef\u8de8\u5e73\u53f0\u63d0\u4f9bSSL\u3001S/MIME\u548c\u5176\u4ed6Internet\u5b89\u5168\u6807\u51c6\u652f\u6301\u3002\r\n\r\nMozilla NSS\u4e2d\u5b58\u5728\u7f13\u51b2\u533a\u9519\u8bef\u6f0f\u6d1e\u3002\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u7f51\u7edc\u7cfb\u7edf\u6216\u4ea7\u54c1\u5728\u5185\u5b58\u4e0a\u6267\u884c\u64cd\u4f5c\u65f6\uff0c\u672a\u6b63\u786e\u9a8c\u8bc1\u6570\u636e\u8fb9\u754c\uff0c\u5bfc\u81f4\u5411\u5173\u8054\u7684\u5176\u4ed6\u5185\u5b58\u4f4d\u7f6e\u4e0a\u6267\u884c\u4e86\u9519\u8bef\u7684\u8bfb\u5199\u64cd\u4f5c\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u5bfc\u81f4\u7f13\u51b2\u533a\u6ea2\u51fa\u6216\u5806\u6ea2\u51fa\u7b49\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
"patchName": "Mozilla Network Security Services\u7f13\u51b2\u533a\u6ea2\u51fa\u6f0f\u6d1e\uff08CNVD-2020-01173\uff09\u7684\u8865\u4e01",
"products": {
"product": "Mozilla Network Security Services"
},
"referenceLink": "https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.46_release_notes",
"serverity": "\u9ad8",
"submitTime": "2019-12-27",
"title": "Mozilla Network Security Services\u7f13\u51b2\u533a\u6ea2\u51fa\u6f0f\u6d1e\uff08CNVD-2020-01173\uff09"
}
FKIE_CVE-2019-17006
Vulnerability from fkie_nvd - Published: 2020-10-22 21:15 - Updated: 2024-11-21 04:31
Severity
Summary
In Network Security Services (NSS) before 3.46, several cryptographic primitives had missing length checks. In cases where the application calling the library did not perform a sanity check on the inputs it could result in a crash due to a buffer overflow.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:ruggedcom_rox_mx5000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1B09C415-21F2-49C9-BFAE-2151C8ED4D06",
"versionEndExcluding": "2.14.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:ruggedcom_rox_mx5000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DAD1B18F-9C37-48CC-92E2-9C5E66B206CB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:ruggedcom_rox_rx1400_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F196C09E-4C45-42D5-B509-7EB77F6566F1",
"versionEndExcluding": "2.14.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:ruggedcom_rox_rx1400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "12BD4008-DB6A-4749-A426-D2DE44819A9D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:ruggedcom_rox_rx1500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "13D72F66-A1B2-4FB7-B31B-EF16955BC871",
"versionEndExcluding": "2.14.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:ruggedcom_rox_rx1500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3E79B422-C844-411C-AA49-CFD73D3C6E2D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:ruggedcom_rox_rx1501_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CB658DF3-A68F-4248-B240-9194E17941E1",
"versionEndExcluding": "2.14.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:ruggedcom_rox_rx1501:-:*:*:*:*:*:*:*",
"matchCriteriaId": "53AAEC5C-06EE-4C58-A981-EBF5860CEF16",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:ruggedcom_rox_rx1510_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E16E621D-84DB-4F0D-A771-5E282B0292B2",
"versionEndExcluding": "2.14.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:ruggedcom_rox_rx1510:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0751225A-6E9C-4281-93A4-A048920FF7C6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:ruggedcom_rox_rx1511_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "059624DD-C1C8-408C-8026-D4FBC93C3CF9",
"versionEndExcluding": "2.14.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:ruggedcom_rox_rx1511:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8C1E56ED-1E61-4B7E-8EC0-BB2AAD57EF7B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:ruggedcom_rox_rx1512_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "06AF9201-89AB-42E6-97CF-9EDDC17EF7AE",
"versionEndExcluding": "2.14.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:ruggedcom_rox_rx1512:-:*:*:*:*:*:*:*",
"matchCriteriaId": "41ADD701-AD49-46B2-A12E-219CCED32298",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:ruggedcom_rox_rx5000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2656219C-7E23-47F7-AFB7-0D6D3D2ACA85",
"versionEndExcluding": "2.14.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:ruggedcom_rox_rx5000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1E0E33F2-E89B-4008-BED2-CF2296801078",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:mozilla:network_security_services:*:*:*:*:*:*:*:*",
"matchCriteriaId": "83C9B16A-F21D-475D-9B00-9B6E64FAB0F8",
"versionEndExcluding": "3.46",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:netapp:hci_management_node:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A3C19813-E823-456A-B1CE-EC0684CE1953",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:solidfire:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A6E9EF0C-AFA8-4F7B-9FDC-1E0F7C26E737",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:netapp:hci_compute_node:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AD7447BC-F315-4298-A822-549942FC118B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:netapp:hci_storage_node:-:*:*:*:*:*:*:*",
"matchCriteriaId": "02DEB4FB-A21D-4CB1-B522-EEE5093E8521",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In Network Security Services (NSS) before 3.46, several cryptographic primitives had missing length checks. In cases where the application calling the library did not perform a sanity check on the inputs it could result in a crash due to a buffer overflow."
},
{
"lang": "es",
"value": "En Network Security Services (NSS) versiones anteriores a 3.46, varias primitivas criptogr\u00e1ficas presentaban una falta de comprobaci\u00f3n de longitud.\u0026#xa0;En los casos en que la aplicaci\u00f3n que llama a la biblioteca no llev\u00f3 a cabo una comprobaci\u00f3n de saneo en las entradas, lo que podr\u00eda resultar en un bloqueo debido a un desbordamiento del b\u00fafer"
}
],
"id": "CVE-2019-17006",
"lastModified": "2024-11-21T04:31:31.573",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-10-22T21:15:12.560",
"references": [
{
"source": "security@mozilla.org",
"tags": [
"Exploit",
"Issue Tracking",
"Patch",
"Vendor Advisory"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1539788"
},
{
"source": "security@mozilla.org",
"tags": [
"Third Party Advisory"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-379803.pdf"
},
{
"source": "security@mozilla.org",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.46_release_notes"
},
{
"source": "security@mozilla.org",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20210129-0001/"
},
{
"source": "security@mozilla.org",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-040-04"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Issue Tracking",
"Patch",
"Vendor Advisory"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1539788"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-379803.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.46_release_notes"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20210129-0001/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-040-04"
}
],
"sourceIdentifier": "security@mozilla.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
},
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
GHSA-H4CR-X49J-2R7W
Vulnerability from github – Published: 2022-05-24 17:31 – Updated: 2022-05-24 17:31
VLAI
Details
In Network Security Services (NSS) before 3.46, several cryptographic primitives had missing length checks. In cases where the application calling the library did not perform a sanity check on the inputs it could result in a crash due to a buffer overflow.
{
"affected": [],
"aliases": [
"CVE-2019-17006"
],
"database_specific": {
"cwe_ids": [
"CWE-345"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2020-10-22T21:15:00Z",
"severity": "CRITICAL"
},
"details": "In Network Security Services (NSS) before 3.46, several cryptographic primitives had missing length checks. In cases where the application calling the library did not perform a sanity check on the inputs it could result in a crash due to a buffer overflow.",
"id": "GHSA-h4cr-x49j-2r7w",
"modified": "2022-05-24T17:31:55Z",
"published": "2022-05-24T17:31:55Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-17006"
},
{
"type": "WEB",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1539788"
},
{
"type": "WEB",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-379803.pdf"
},
{
"type": "WEB",
"url": "https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.46_release_notes"
},
{
"type": "WEB",
"url": "https://security.netapp.com/advisory/ntap-20210129-0001"
},
{
"type": "WEB",
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-040-04"
}
],
"schema_version": "1.4.0",
"severity": []
}
GSD-2019-17006
Vulnerability from gsd - Updated: 2023-12-13 01:23Details
In Network Security Services (NSS) before 3.46, several cryptographic primitives had missing length checks. In cases where the application calling the library did not perform a sanity check on the inputs it could result in a crash due to a buffer overflow.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2019-17006",
"description": "In Network Security Services (NSS) before 3.46, several cryptographic primitives had missing length checks. In cases where the application calling the library did not perform a sanity check on the inputs it could result in a crash due to a buffer overflow.",
"id": "GSD-2019-17006",
"references": [
"https://www.suse.com/security/cve/CVE-2019-17006.html",
"https://www.debian.org/security/2020/dsa-4726",
"https://access.redhat.com/errata/RHSA-2021:1026",
"https://access.redhat.com/errata/RHSA-2021:0876",
"https://access.redhat.com/errata/RHSA-2021:0758",
"https://access.redhat.com/errata/RHSA-2020:4076",
"https://access.redhat.com/errata/RHSA-2020:3280",
"https://ubuntu.com/security/CVE-2019-17006",
"https://alas.aws.amazon.com/cve/html/CVE-2019-17006.html",
"https://linux.oracle.com/cve/CVE-2019-17006.html"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2019-17006"
],
"details": "In Network Security Services (NSS) before 3.46, several cryptographic primitives had missing length checks. In cases where the application calling the library did not perform a sanity check on the inputs it could result in a crash due to a buffer overflow.",
"id": "GSD-2019-17006",
"modified": "2023-12-13T01:23:44.731240Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "security@mozilla.org",
"ID": "CVE-2019-17006",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "NSS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "3.46"
}
]
}
}
]
},
"vendor_name": "Mozilla"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In Network Security Services (NSS) before 3.46, several cryptographic primitives had missing length checks. In cases where the application calling the library did not perform a sanity check on the inputs it could result in a crash due to a buffer overflow."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "missing length checks for cryptographic primitives"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.46_release_notes",
"refsource": "MISC",
"url": "https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.46_release_notes"
},
{
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1539788",
"refsource": "MISC",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1539788"
},
{
"name": "https://security.netapp.com/advisory/ntap-20210129-0001/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20210129-0001/"
},
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-379803.pdf",
"refsource": "CONFIRM",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-379803.pdf"
},
{
"name": "https://us-cert.cisa.gov/ics/advisories/icsa-21-040-04",
"refsource": "MISC",
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-040-04"
}
]
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:ruggedcom_rox_mx5000_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "2.14.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:ruggedcom_rox_mx5000:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:ruggedcom_rox_rx1400_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "2.14.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:ruggedcom_rox_rx1400:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:ruggedcom_rox_rx1500_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "2.14.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:ruggedcom_rox_rx1500:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:ruggedcom_rox_rx1501_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "2.14.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:ruggedcom_rox_rx1501:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:ruggedcom_rox_rx1510_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "2.14.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:ruggedcom_rox_rx1510:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:ruggedcom_rox_rx1511_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "2.14.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:ruggedcom_rox_rx1511:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:ruggedcom_rox_rx1512_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "2.14.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:ruggedcom_rox_rx1512:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:ruggedcom_rox_rx5000_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "2.14.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:ruggedcom_rox_rx5000:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:mozilla:network_security_services:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.46",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:netapp:hci_management_node:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:netapp:solidfire:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:netapp:hci_compute_node:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:netapp:hci_storage_node:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "security@mozilla.org",
"ID": "CVE-2019-17006"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "In Network Security Services (NSS) before 3.46, several cryptographic primitives had missing length checks. In cases where the application calling the library did not perform a sanity check on the inputs it could result in a crash due to a buffer overflow."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
},
{
"lang": "en",
"value": "CWE-20"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.46_release_notes",
"refsource": "MISC",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.46_release_notes"
},
{
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1539788",
"refsource": "MISC",
"tags": [
"Exploit",
"Issue Tracking",
"Patch",
"Vendor Advisory"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1539788"
},
{
"name": "https://security.netapp.com/advisory/ntap-20210129-0001/",
"refsource": "CONFIRM",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20210129-0001/"
},
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-379803.pdf",
"refsource": "CONFIRM",
"tags": [
"Third Party Advisory"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-379803.pdf"
},
{
"name": "https://us-cert.cisa.gov/ics/advisories/icsa-21-040-04",
"refsource": "MISC",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-040-04"
}
]
}
},
"impact": {
"baseMetricV2": {
"acInsufInfo": false,
"cvssV2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"userInteractionRequired": false
},
"baseMetricV3": {
"cvssV3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
},
"lastModifiedDate": "2021-07-21T11:39Z",
"publishedDate": "2020-10-22T21:15Z"
}
}
}
ICSA-21-040-04
Vulnerability from csaf_cisa - Published: 2021-02-09 00:00 - Updated: 2021-02-09 00:00Summary
Siemens RUGGEDCOM ROX II
Notes
CISA Disclaimer: This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov
Legal Notice: All information products included in https://us-cert.cisa.gov/ics are provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.
Risk evaluation: Successful exploitation of these vulnerabilities could allow the decryption of encrypted content, possible code execution, or cause a system crash, resulting in a denial-of-service condition.
Critical infrastructure sectors: Critical Manufacturing
Countries/areas deployed: Worldwide
Company headquarters location: Germany
Recommended Practices: CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability. Specifically, users should:
Recommended Practices: CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.
CISA also provides a section for control systems security recommended practices on the ICS webpage onus-cert.cisa.gov. Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.
Recommended Practices: Additional mitigation guidance and recommended practices are publicly available on the ICS webpage on us-cert.cisa.gov in the Technical Information Paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.
Organizations observing any suspected malicious activity should follow their established internalprocedures and report their findings to CISA for tracking and correlation against other incidents.
Recommended Practices: CISA also recommends users take the following measures to protect themselves from social engineering attacks:
Additional Resources: For further inquiries on security vulnerabilities in Siemens products and
solutions, please contact the Siemens ProductCERT:
https://www.siemens.com/cert/advisories
Additional Resources: For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories
Exploitability: No known public exploits specifically target these vulnerabilities.
CWE-20
- Improper Input Validation
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RUGGEDCOM ROX MX5000: All versions < V2.14.0
Siemens / RUGGEDCOM ROX MX5000
|
All versions < V2.14.0 |
Vendor Fix
Vendor Fix
fix
Mitigation
|
|
|
RUGGEDCOM ROX RX1400: All versions < V2.14.0
Siemens / RUGGEDCOM ROX RX1400
|
All versions < V2.14.0 |
Vendor Fix
Vendor Fix
fix
Mitigation
|
|
|
RUGGEDCOM ROX RX1500: All versions < V2.14.0
Siemens / RUGGEDCOM ROX RX1500
|
All versions < V2.14.0 |
Vendor Fix
Vendor Fix
fix
Mitigation
|
|
|
RUGGEDCOM ROX RX1501: All versions < V2.14.0
Siemens / RUGGEDCOM ROX RX1501
|
All versions < V2.14.0 |
Vendor Fix
Vendor Fix
fix
Mitigation
|
|
|
RUGGEDCOM ROX RX1510: All versions < V2.14.0
Siemens / RUGGEDCOM ROX RX1510
|
All versions < V2.14.0 |
Vendor Fix
Vendor Fix
fix
Mitigation
|
|
|
RUGGEDCOM ROX RX1511: All versions < V2.14.0
Siemens / RUGGEDCOM ROX RX1511
|
All versions < V2.14.0 |
Vendor Fix
Vendor Fix
fix
Mitigation
|
|
|
RUGGEDCOM ROX RX1512: All versions < V2.14.0
Siemens / RUGGEDCOM ROX RX1512
|
All versions < V2.14.0 |
Vendor Fix
Vendor Fix
fix
Mitigation
|
|
|
RUGGEDCOM ROX RX5000: All versions < V2.14.0
Siemens / RUGGEDCOM ROX RX5000
|
All versions < V2.14.0 |
Vendor Fix
Vendor Fix
fix
Mitigation
|
CWE-476
- NULL Pointer Dereference
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RUGGEDCOM ROX MX5000: All versions < V2.14.0
Siemens / RUGGEDCOM ROX MX5000
|
All versions < V2.14.0 |
Vendor Fix
Vendor Fix
fix
Mitigation
|
|
|
RUGGEDCOM ROX RX1400: All versions < V2.14.0
Siemens / RUGGEDCOM ROX RX1400
|
All versions < V2.14.0 |
Vendor Fix
Vendor Fix
fix
Mitigation
|
|
|
RUGGEDCOM ROX RX1500: All versions < V2.14.0
Siemens / RUGGEDCOM ROX RX1500
|
All versions < V2.14.0 |
Vendor Fix
Vendor Fix
fix
Mitigation
|
|
|
RUGGEDCOM ROX RX1501: All versions < V2.14.0
Siemens / RUGGEDCOM ROX RX1501
|
All versions < V2.14.0 |
Vendor Fix
Vendor Fix
fix
Mitigation
|
|
|
RUGGEDCOM ROX RX1510: All versions < V2.14.0
Siemens / RUGGEDCOM ROX RX1510
|
All versions < V2.14.0 |
Vendor Fix
Vendor Fix
fix
Mitigation
|
|
|
RUGGEDCOM ROX RX1511: All versions < V2.14.0
Siemens / RUGGEDCOM ROX RX1511
|
All versions < V2.14.0 |
Vendor Fix
Vendor Fix
fix
Mitigation
|
|
|
RUGGEDCOM ROX RX1512: All versions < V2.14.0
Siemens / RUGGEDCOM ROX RX1512
|
All versions < V2.14.0 |
Vendor Fix
Vendor Fix
fix
Mitigation
|
|
|
RUGGEDCOM ROX RX5000: All versions < V2.14.0
Siemens / RUGGEDCOM ROX RX5000
|
All versions < V2.14.0 |
Vendor Fix
Vendor Fix
fix
Mitigation
|
CWE-787
- Out-of-bounds Write
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RUGGEDCOM ROX MX5000: All versions < V2.14.0
Siemens / RUGGEDCOM ROX MX5000
|
All versions < V2.14.0 |
Vendor Fix
Vendor Fix
fix
Mitigation
|
|
|
RUGGEDCOM ROX RX1400: All versions < V2.14.0
Siemens / RUGGEDCOM ROX RX1400
|
All versions < V2.14.0 |
Vendor Fix
Vendor Fix
fix
Mitigation
|
|
|
RUGGEDCOM ROX RX1500: All versions < V2.14.0
Siemens / RUGGEDCOM ROX RX1500
|
All versions < V2.14.0 |
Vendor Fix
Vendor Fix
fix
Mitigation
|
|
|
RUGGEDCOM ROX RX1501: All versions < V2.14.0
Siemens / RUGGEDCOM ROX RX1501
|
All versions < V2.14.0 |
Vendor Fix
Vendor Fix
fix
Mitigation
|
|
|
RUGGEDCOM ROX RX1510: All versions < V2.14.0
Siemens / RUGGEDCOM ROX RX1510
|
All versions < V2.14.0 |
Vendor Fix
Vendor Fix
fix
Mitigation
|
|
|
RUGGEDCOM ROX RX1511: All versions < V2.14.0
Siemens / RUGGEDCOM ROX RX1511
|
All versions < V2.14.0 |
Vendor Fix
Vendor Fix
fix
Mitigation
|
|
|
RUGGEDCOM ROX RX1512: All versions < V2.14.0
Siemens / RUGGEDCOM ROX RX1512
|
All versions < V2.14.0 |
Vendor Fix
Vendor Fix
fix
Mitigation
|
|
|
RUGGEDCOM ROX RX5000: All versions < V2.14.0
Siemens / RUGGEDCOM ROX RX5000
|
All versions < V2.14.0 |
Vendor Fix
Vendor Fix
fix
Mitigation
|
9.8 (Critical)
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RUGGEDCOM ROX MX5000: All versions < V2.14.0
Siemens / RUGGEDCOM ROX MX5000
|
All versions < V2.14.0 |
Vendor Fix
Vendor Fix
fix
Mitigation
|
|
|
RUGGEDCOM ROX RX1400: All versions < V2.14.0
Siemens / RUGGEDCOM ROX RX1400
|
All versions < V2.14.0 |
Vendor Fix
Vendor Fix
fix
Mitigation
|
|
|
RUGGEDCOM ROX RX1500: All versions < V2.14.0
Siemens / RUGGEDCOM ROX RX1500
|
All versions < V2.14.0 |
Vendor Fix
Vendor Fix
fix
Mitigation
|
|
|
RUGGEDCOM ROX RX1501: All versions < V2.14.0
Siemens / RUGGEDCOM ROX RX1501
|
All versions < V2.14.0 |
Vendor Fix
Vendor Fix
fix
Mitigation
|
|
|
RUGGEDCOM ROX RX1510: All versions < V2.14.0
Siemens / RUGGEDCOM ROX RX1510
|
All versions < V2.14.0 |
Vendor Fix
Vendor Fix
fix
Mitigation
|
|
|
RUGGEDCOM ROX RX1511: All versions < V2.14.0
Siemens / RUGGEDCOM ROX RX1511
|
All versions < V2.14.0 |
Vendor Fix
Vendor Fix
fix
Mitigation
|
|
|
RUGGEDCOM ROX RX1512: All versions < V2.14.0
Siemens / RUGGEDCOM ROX RX1512
|
All versions < V2.14.0 |
Vendor Fix
Vendor Fix
fix
Mitigation
|
|
|
RUGGEDCOM ROX RX5000: All versions < V2.14.0
Siemens / RUGGEDCOM ROX RX5000
|
All versions < V2.14.0 |
Vendor Fix
Vendor Fix
fix
Mitigation
|
CWE-295
- Improper Certificate Validation
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RUGGEDCOM ROX MX5000: All versions < V2.14.0
Siemens / RUGGEDCOM ROX MX5000
|
All versions < V2.14.0 |
Vendor Fix
Vendor Fix
fix
Mitigation
|
|
|
RUGGEDCOM ROX RX1400: All versions < V2.14.0
Siemens / RUGGEDCOM ROX RX1400
|
All versions < V2.14.0 |
Vendor Fix
Vendor Fix
fix
Mitigation
|
|
|
RUGGEDCOM ROX RX1500: All versions < V2.14.0
Siemens / RUGGEDCOM ROX RX1500
|
All versions < V2.14.0 |
Vendor Fix
Vendor Fix
fix
Mitigation
|
|
|
RUGGEDCOM ROX RX1501: All versions < V2.14.0
Siemens / RUGGEDCOM ROX RX1501
|
All versions < V2.14.0 |
Vendor Fix
Vendor Fix
fix
Mitigation
|
|
|
RUGGEDCOM ROX RX1510: All versions < V2.14.0
Siemens / RUGGEDCOM ROX RX1510
|
All versions < V2.14.0 |
Vendor Fix
Vendor Fix
fix
Mitigation
|
|
|
RUGGEDCOM ROX RX1511: All versions < V2.14.0
Siemens / RUGGEDCOM ROX RX1511
|
All versions < V2.14.0 |
Vendor Fix
Vendor Fix
fix
Mitigation
|
|
|
RUGGEDCOM ROX RX1512: All versions < V2.14.0
Siemens / RUGGEDCOM ROX RX1512
|
All versions < V2.14.0 |
Vendor Fix
Vendor Fix
fix
Mitigation
|
|
|
RUGGEDCOM ROX RX5000: All versions < V2.14.0
Siemens / RUGGEDCOM ROX RX5000
|
All versions < V2.14.0 |
Vendor Fix
Vendor Fix
fix
Mitigation
|
CWE-125
- Out-of-bounds Read
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RUGGEDCOM ROX MX5000: All versions < V2.14.0
Siemens / RUGGEDCOM ROX MX5000
|
All versions < V2.14.0 |
Vendor Fix
Vendor Fix
fix
Mitigation
|
|
|
RUGGEDCOM ROX RX1400: All versions < V2.14.0
Siemens / RUGGEDCOM ROX RX1400
|
All versions < V2.14.0 |
Vendor Fix
Vendor Fix
fix
Mitigation
|
|
|
RUGGEDCOM ROX RX1500: All versions < V2.14.0
Siemens / RUGGEDCOM ROX RX1500
|
All versions < V2.14.0 |
Vendor Fix
Vendor Fix
fix
Mitigation
|
|
|
RUGGEDCOM ROX RX1501: All versions < V2.14.0
Siemens / RUGGEDCOM ROX RX1501
|
All versions < V2.14.0 |
Vendor Fix
Vendor Fix
fix
Mitigation
|
|
|
RUGGEDCOM ROX RX1510: All versions < V2.14.0
Siemens / RUGGEDCOM ROX RX1510
|
All versions < V2.14.0 |
Vendor Fix
Vendor Fix
fix
Mitigation
|
|
|
RUGGEDCOM ROX RX1511: All versions < V2.14.0
Siemens / RUGGEDCOM ROX RX1511
|
All versions < V2.14.0 |
Vendor Fix
Vendor Fix
fix
Mitigation
|
|
|
RUGGEDCOM ROX RX1512: All versions < V2.14.0
Siemens / RUGGEDCOM ROX RX1512
|
All versions < V2.14.0 |
Vendor Fix
Vendor Fix
fix
Mitigation
|
|
|
RUGGEDCOM ROX RX5000: All versions < V2.14.0
Siemens / RUGGEDCOM ROX RX5000
|
All versions < V2.14.0 |
Vendor Fix
Vendor Fix
fix
Mitigation
|
References
18 references
Acknowledgments
Siemens ProductCERT
{
"document": {
"acknowledgments": [
{
"organization": "Siemens ProductCERT",
"summary": "reporting these vulnerabilities to CISA"
}
],
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Disclosure is not limited",
"tlp": {
"label": "WHITE",
"url": "https://us-cert.cisa.gov/tlp/"
}
},
"lang": "en-US",
"notes": [
{
"category": "general",
"text": "This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov",
"title": "CISA Disclaimer"
},
{
"category": "legal_disclaimer",
"text": "All information products included in https://us-cert.cisa.gov/ics are provided \"as is\" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.",
"title": "Legal Notice"
},
{
"category": "summary",
"text": "Successful exploitation of these vulnerabilities could allow the decryption of encrypted content, possible code execution, or cause a system crash, resulting in a denial-of-service condition.",
"title": "Risk evaluation"
},
{
"category": "other",
"text": "Critical Manufacturing",
"title": "Critical infrastructure sectors"
},
{
"category": "other",
"text": "Worldwide",
"title": "Countries/areas deployed"
},
{
"category": "other",
"text": "Germany",
"title": "Company headquarters location"
},
{
"category": "general",
"text": "CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability. Specifically, users should:",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.\nCISA also provides a section for control systems security recommended practices on the ICS webpage onus-cert.cisa.gov. Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Additional mitigation guidance and recommended practices are publicly available on the ICS webpage on us-cert.cisa.gov in the Technical Information Paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.\nOrganizations observing any suspected malicious activity should follow their established internalprocedures and report their findings to CISA for tracking and correlation against other incidents.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "CISA also recommends users take the following measures to protect themselves from social engineering attacks:",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "For further inquiries on security vulnerabilities in Siemens products and \nsolutions, please contact the Siemens ProductCERT:\n\nhttps://www.siemens.com/cert/advisories",
"title": "Additional Resources"
},
{
"category": "general",
"text": "For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories",
"title": "Additional Resources"
},
{
"category": "other",
"text": "No known public exploits specifically target these vulnerabilities.",
"title": "Exploitability"
}
],
"publisher": {
"category": "coordinator",
"contact_details": "Email: CISAservicedesk@cisa.dhs.gov;\n Toll Free: 1-888-282-0870",
"name": "CISA",
"namespace": "https://www.cisa.gov/"
},
"references": [
{
"category": "self",
"summary": "ICS Advisory ICSA-21-040-04 JSON",
"url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2021/icsa-21-040-04.json"
},
{
"category": "self",
"summary": "ICS Advisory ICSA-21-040-04 Web Version",
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-21-040-04"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://us-cert.cisa.gov/ncas/tips/ST04-014"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://us-cert.cisa.gov/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://us-cert.cisa.gov/ics/tips/ICS-TIP-12-146-01B"
},
{
"category": "external",
"summary": "SSA-496604: SSA-379803: Vulnerabilities in RUGGEDCOM ROX II - TXT Version",
"url": "https://cert-portal.siemens.com/productcert/txt/SSA-379803.txt"
}
],
"title": "Siemens RUGGEDCOM ROX II",
"tracking": {
"current_release_date": "2021-02-09T00:00:00.000000Z",
"generator": {
"engine": {
"name": "CISA CSAF Generator",
"version": "1.0.0"
}
},
"id": "ICSA-21-040-04",
"initial_release_date": "2021-02-09T00:00:00.000000Z",
"revision_history": [
{
"date": "2021-02-09T00:00:00.000000Z",
"legacy_version": "Initial",
"number": "1",
"summary": "ICSA-21-040-04 Siemens RUGGEDCOM ROX II"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "All versions \u003c V2.14.0",
"product": {
"name": "RUGGEDCOM ROX MX5000: All versions \u003c V2.14.0",
"product_id": "CSAFPID-0001"
}
}
],
"category": "product_name",
"name": "RUGGEDCOM ROX MX5000"
},
{
"branches": [
{
"category": "product_version_range",
"name": "All versions \u003c V2.14.0",
"product": {
"name": "RUGGEDCOM ROX RX1400: All versions \u003c V2.14.0",
"product_id": "CSAFPID-0002"
}
}
],
"category": "product_name",
"name": "RUGGEDCOM ROX RX1400"
},
{
"branches": [
{
"category": "product_version_range",
"name": "All versions \u003c V2.14.0",
"product": {
"name": "RUGGEDCOM ROX RX1500: All versions \u003c V2.14.0",
"product_id": "CSAFPID-0003"
}
}
],
"category": "product_name",
"name": "RUGGEDCOM ROX RX1500"
},
{
"branches": [
{
"category": "product_version_range",
"name": "All versions \u003c V2.14.0",
"product": {
"name": "RUGGEDCOM ROX RX1501: All versions \u003c V2.14.0",
"product_id": "CSAFPID-0004"
}
}
],
"category": "product_name",
"name": "RUGGEDCOM ROX RX1501"
},
{
"branches": [
{
"category": "product_version_range",
"name": "All versions \u003c V2.14.0",
"product": {
"name": "RUGGEDCOM ROX RX1510: All versions \u003c V2.14.0",
"product_id": "CSAFPID-0005"
}
}
],
"category": "product_name",
"name": "RUGGEDCOM ROX RX1510"
},
{
"branches": [
{
"category": "product_version_range",
"name": "All versions \u003c V2.14.0",
"product": {
"name": "RUGGEDCOM ROX RX1511: All versions \u003c V2.14.0",
"product_id": "CSAFPID-0006"
}
}
],
"category": "product_name",
"name": "RUGGEDCOM ROX RX1511"
},
{
"branches": [
{
"category": "product_version_range",
"name": "All versions \u003c V2.14.0",
"product": {
"name": "RUGGEDCOM ROX RX1512: All versions \u003c V2.14.0",
"product_id": "CSAFPID-0007"
}
}
],
"category": "product_name",
"name": "RUGGEDCOM ROX RX1512"
},
{
"branches": [
{
"category": "product_version_range",
"name": "All versions \u003c V2.14.0",
"product": {
"name": "RUGGEDCOM ROX RX5000: All versions \u003c V2.14.0",
"product_id": "CSAFPID-0008"
}
}
],
"category": "product_name",
"name": "RUGGEDCOM ROX RX5000"
}
],
"category": "vendor",
"name": "Siemens"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2018-12404",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "A cached side channel attack during handshakes using RSA encryption could allow for the decryption of encrypted content. This is a variant of the Adaptive Chosen Ciphertext attack (AKA Bleichenbacher attack) and affects all NSS versions prior to NSS 3.41.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008"
]
},
"references": [
{
"category": "external",
"summary": "https://support.industry.siemens.com/cs/ww/en/view/109792715/",
"url": "https://support.industry.siemens.com/cs/ww/en/view/109792715/"
},
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-12404"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "Disable IPsec unless the feature is required in the network environment.\nNote that IPsec is disabled by default.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008"
]
},
{
"category": "vendor_fix",
"details": "Update to V2.14.0 or later version - Download: https://support.industry.siemens.com/cs/ww/en/view/109792715/ ",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109792715/"
},
{
"category": "vendor_fix",
"details": "Update to V2.14.0 or later version - Download: https://support.industry.siemens.com/cs/ww/en/view/109792715/ ",
"product_ids": [
"CSAFPID-0002"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109792715/"
},
{
"category": "vendor_fix",
"details": "Update to V2.14.0 or later version - Download: https://support.industry.siemens.com/cs/ww/en/view/109792715/ ",
"product_ids": [
"CSAFPID-0003"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109792715/"
},
{
"category": "vendor_fix",
"details": "Update to V2.14.0 or later version - Download: https://support.industry.siemens.com/cs/ww/en/view/109792715/ ",
"product_ids": [
"CSAFPID-0004"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109792715/"
},
{
"category": "vendor_fix",
"details": "Update to V2.14.0 or later version - Download: https://support.industry.siemens.com/cs/ww/en/view/109792715/ ",
"product_ids": [
"CSAFPID-0005"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109792715/"
},
{
"category": "vendor_fix",
"details": "Update to V2.14.0 or later version - Download: https://support.industry.siemens.com/cs/ww/en/view/109792715/ ",
"product_ids": [
"CSAFPID-0006"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109792715/"
},
{
"category": "vendor_fix",
"details": "Update to V2.14.0 or later version - Download: https://support.industry.siemens.com/cs/ww/en/view/109792715/ ",
"product_ids": [
"CSAFPID-0007"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109792715/"
},
{
"category": "vendor_fix",
"details": "Update to V2.14.0 or later version - Download: https://support.industry.siemens.com/cs/ww/en/view/109792715/ ",
"product_ids": [
"CSAFPID-0008"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109792715/"
},
{
"category": "mitigation",
"details": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download: https://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals. Additional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008"
]
}
]
},
{
"cve": "CVE-2018-18508",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "summary",
"text": "In Network Security Services (NSS) before 3.36.7 and before 3.41.1, a malformed signature can cause a crash due to a null dereference, resulting in a Denial of Service.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008"
]
},
"references": [
{
"category": "external",
"summary": "https://support.industry.siemens.com/cs/ww/en/view/109792715/",
"url": "https://support.industry.siemens.com/cs/ww/en/view/109792715/"
},
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-18508"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "Disable IPsec unless the feature is required in the network environment.\nNote that IPsec is disabled by default.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008"
]
},
{
"category": "vendor_fix",
"details": "Update to V2.14.0 or later version - Download: https://support.industry.siemens.com/cs/ww/en/view/109792715/ ",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109792715/"
},
{
"category": "vendor_fix",
"details": "Update to V2.14.0 or later version - Download: https://support.industry.siemens.com/cs/ww/en/view/109792715/ ",
"product_ids": [
"CSAFPID-0002"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109792715/"
},
{
"category": "vendor_fix",
"details": "Update to V2.14.0 or later version - Download: https://support.industry.siemens.com/cs/ww/en/view/109792715/ ",
"product_ids": [
"CSAFPID-0003"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109792715/"
},
{
"category": "vendor_fix",
"details": "Update to V2.14.0 or later version - Download: https://support.industry.siemens.com/cs/ww/en/view/109792715/ ",
"product_ids": [
"CSAFPID-0004"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109792715/"
},
{
"category": "vendor_fix",
"details": "Update to V2.14.0 or later version - Download: https://support.industry.siemens.com/cs/ww/en/view/109792715/ ",
"product_ids": [
"CSAFPID-0005"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109792715/"
},
{
"category": "vendor_fix",
"details": "Update to V2.14.0 or later version - Download: https://support.industry.siemens.com/cs/ww/en/view/109792715/ ",
"product_ids": [
"CSAFPID-0006"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109792715/"
},
{
"category": "vendor_fix",
"details": "Update to V2.14.0 or later version - Download: https://support.industry.siemens.com/cs/ww/en/view/109792715/ ",
"product_ids": [
"CSAFPID-0007"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109792715/"
},
{
"category": "vendor_fix",
"details": "Update to V2.14.0 or later version - Download: https://support.industry.siemens.com/cs/ww/en/view/109792715/ ",
"product_ids": [
"CSAFPID-0008"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109792715/"
},
{
"category": "mitigation",
"details": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download: https://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals. Additional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008"
]
}
]
},
{
"cve": "CVE-2019-11745",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "summary",
"text": "When encrypting with a block cipher, if a call to NSC_EncryptUpdate was made with data smaller than the block size, a small out of bounds write could occur. This could have caused heap corruption and a potentially exploitable crash.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008"
]
},
"references": [
{
"category": "external",
"summary": "https://support.industry.siemens.com/cs/ww/en/view/109792715/",
"url": "https://support.industry.siemens.com/cs/ww/en/view/109792715/"
},
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-11745"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "Disable IPsec unless the feature is required in the network environment.\nNote that IPsec is disabled by default.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008"
]
},
{
"category": "vendor_fix",
"details": "Update to V2.14.0 or later version - Download: https://support.industry.siemens.com/cs/ww/en/view/109792715/ ",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109792715/"
},
{
"category": "vendor_fix",
"details": "Update to V2.14.0 or later version - Download: https://support.industry.siemens.com/cs/ww/en/view/109792715/ ",
"product_ids": [
"CSAFPID-0002"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109792715/"
},
{
"category": "vendor_fix",
"details": "Update to V2.14.0 or later version - Download: https://support.industry.siemens.com/cs/ww/en/view/109792715/ ",
"product_ids": [
"CSAFPID-0003"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109792715/"
},
{
"category": "vendor_fix",
"details": "Update to V2.14.0 or later version - Download: https://support.industry.siemens.com/cs/ww/en/view/109792715/ ",
"product_ids": [
"CSAFPID-0004"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109792715/"
},
{
"category": "vendor_fix",
"details": "Update to V2.14.0 or later version - Download: https://support.industry.siemens.com/cs/ww/en/view/109792715/ ",
"product_ids": [
"CSAFPID-0005"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109792715/"
},
{
"category": "vendor_fix",
"details": "Update to V2.14.0 or later version - Download: https://support.industry.siemens.com/cs/ww/en/view/109792715/ ",
"product_ids": [
"CSAFPID-0006"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109792715/"
},
{
"category": "vendor_fix",
"details": "Update to V2.14.0 or later version - Download: https://support.industry.siemens.com/cs/ww/en/view/109792715/ ",
"product_ids": [
"CSAFPID-0007"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109792715/"
},
{
"category": "vendor_fix",
"details": "Update to V2.14.0 or later version - Download: https://support.industry.siemens.com/cs/ww/en/view/109792715/ ",
"product_ids": [
"CSAFPID-0008"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109792715/"
},
{
"category": "mitigation",
"details": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download: https://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals. Additional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008"
]
}
]
},
{
"cve": "CVE-2019-17006",
"cwe": {
"id": "CWE-345",
"name": "Insufficient Verification of Data Authenticity"
},
"notes": [
{
"category": "summary",
"text": "In Network Security Services (NSS) before 3.46, several cryptographic primitives had missing length checks. In cases where the application calling the library did not perform a sanity check on the inputs it could result in a crash due to a buffer overflow.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008"
]
},
"references": [
{
"category": "external",
"summary": "https://support.industry.siemens.com/cs/ww/en/view/109792715/",
"url": "https://support.industry.siemens.com/cs/ww/en/view/109792715/"
},
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-17006"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "Disable IPsec unless the feature is required in the network environment.\nNote that IPsec is disabled by default.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008"
]
},
{
"category": "vendor_fix",
"details": "Update to V2.14.0 or later version - Download: https://support.industry.siemens.com/cs/ww/en/view/109792715/ ",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109792715/"
},
{
"category": "vendor_fix",
"details": "Update to V2.14.0 or later version - Download: https://support.industry.siemens.com/cs/ww/en/view/109792715/ ",
"product_ids": [
"CSAFPID-0002"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109792715/"
},
{
"category": "vendor_fix",
"details": "Update to V2.14.0 or later version - Download: https://support.industry.siemens.com/cs/ww/en/view/109792715/ ",
"product_ids": [
"CSAFPID-0003"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109792715/"
},
{
"category": "vendor_fix",
"details": "Update to V2.14.0 or later version - Download: https://support.industry.siemens.com/cs/ww/en/view/109792715/ ",
"product_ids": [
"CSAFPID-0004"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109792715/"
},
{
"category": "vendor_fix",
"details": "Update to V2.14.0 or later version - Download: https://support.industry.siemens.com/cs/ww/en/view/109792715/ ",
"product_ids": [
"CSAFPID-0005"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109792715/"
},
{
"category": "vendor_fix",
"details": "Update to V2.14.0 or later version - Download: https://support.industry.siemens.com/cs/ww/en/view/109792715/ ",
"product_ids": [
"CSAFPID-0006"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109792715/"
},
{
"category": "vendor_fix",
"details": "Update to V2.14.0 or later version - Download: https://support.industry.siemens.com/cs/ww/en/view/109792715/ ",
"product_ids": [
"CSAFPID-0007"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109792715/"
},
{
"category": "vendor_fix",
"details": "Update to V2.14.0 or later version - Download: https://support.industry.siemens.com/cs/ww/en/view/109792715/ ",
"product_ids": [
"CSAFPID-0008"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109792715/"
},
{
"category": "mitigation",
"details": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download: https://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals. Additional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008"
]
}
]
},
{
"cve": "CVE-2019-17007",
"cwe": {
"id": "CWE-295",
"name": "Improper Certificate Validation"
},
"notes": [
{
"category": "summary",
"text": "In Network Security Services before 3.44, a malformed Netscape Certificate Sequence can cause NSS to crash, resulting in a denial of service.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008"
]
},
"references": [
{
"category": "external",
"summary": "https://support.industry.siemens.com/cs/ww/en/view/109792715/",
"url": "https://support.industry.siemens.com/cs/ww/en/view/109792715/"
},
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-17007"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "Disable IPsec unless the feature is required in the network environment.\nNote that IPsec is disabled by default.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008"
]
},
{
"category": "vendor_fix",
"details": "Update to V2.14.0 or later version - Download: https://support.industry.siemens.com/cs/ww/en/view/109792715/ ",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109792715/"
},
{
"category": "vendor_fix",
"details": "Update to V2.14.0 or later version - Download: https://support.industry.siemens.com/cs/ww/en/view/109792715/ ",
"product_ids": [
"CSAFPID-0002"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109792715/"
},
{
"category": "vendor_fix",
"details": "Update to V2.14.0 or later version - Download: https://support.industry.siemens.com/cs/ww/en/view/109792715/ ",
"product_ids": [
"CSAFPID-0003"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109792715/"
},
{
"category": "vendor_fix",
"details": "Update to V2.14.0 or later version - Download: https://support.industry.siemens.com/cs/ww/en/view/109792715/ ",
"product_ids": [
"CSAFPID-0004"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109792715/"
},
{
"category": "vendor_fix",
"details": "Update to V2.14.0 or later version - Download: https://support.industry.siemens.com/cs/ww/en/view/109792715/ ",
"product_ids": [
"CSAFPID-0005"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109792715/"
},
{
"category": "vendor_fix",
"details": "Update to V2.14.0 or later version - Download: https://support.industry.siemens.com/cs/ww/en/view/109792715/ ",
"product_ids": [
"CSAFPID-0006"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109792715/"
},
{
"category": "vendor_fix",
"details": "Update to V2.14.0 or later version - Download: https://support.industry.siemens.com/cs/ww/en/view/109792715/ ",
"product_ids": [
"CSAFPID-0007"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109792715/"
},
{
"category": "vendor_fix",
"details": "Update to V2.14.0 or later version - Download: https://support.industry.siemens.com/cs/ww/en/view/109792715/ ",
"product_ids": [
"CSAFPID-0008"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109792715/"
},
{
"category": "mitigation",
"details": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download: https://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals. Additional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008"
]
}
]
},
{
"cve": "CVE-2020-1763",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "summary",
"text": "An out-of-bounds buffer read flaw was found in the pluto daemon of libreswan from versions 3.27 till 3.31. An unauthenticated attacker could use this flaw to crash libreswan by sending specially-crafted IKEv1 Informational Exchange packets. The daemon respawns after the crash.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008"
]
},
"references": [
{
"category": "external",
"summary": "https://support.industry.siemens.com/cs/ww/en/view/109792715/",
"url": "https://support.industry.siemens.com/cs/ww/en/view/109792715/"
},
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-1763"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "Disable IPsec unless the feature is required in the network environment.\nNote that IPsec is disabled by default.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008"
]
},
{
"category": "vendor_fix",
"details": "Update to V2.14.0 or later version - Download: https://support.industry.siemens.com/cs/ww/en/view/109792715/ ",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109792715/"
},
{
"category": "vendor_fix",
"details": "Update to V2.14.0 or later version - Download: https://support.industry.siemens.com/cs/ww/en/view/109792715/ ",
"product_ids": [
"CSAFPID-0002"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109792715/"
},
{
"category": "vendor_fix",
"details": "Update to V2.14.0 or later version - Download: https://support.industry.siemens.com/cs/ww/en/view/109792715/ ",
"product_ids": [
"CSAFPID-0003"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109792715/"
},
{
"category": "vendor_fix",
"details": "Update to V2.14.0 or later version - Download: https://support.industry.siemens.com/cs/ww/en/view/109792715/ ",
"product_ids": [
"CSAFPID-0004"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109792715/"
},
{
"category": "vendor_fix",
"details": "Update to V2.14.0 or later version - Download: https://support.industry.siemens.com/cs/ww/en/view/109792715/ ",
"product_ids": [
"CSAFPID-0005"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109792715/"
},
{
"category": "vendor_fix",
"details": "Update to V2.14.0 or later version - Download: https://support.industry.siemens.com/cs/ww/en/view/109792715/ ",
"product_ids": [
"CSAFPID-0006"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109792715/"
},
{
"category": "vendor_fix",
"details": "Update to V2.14.0 or later version - Download: https://support.industry.siemens.com/cs/ww/en/view/109792715/ ",
"product_ids": [
"CSAFPID-0007"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109792715/"
},
{
"category": "vendor_fix",
"details": "Update to V2.14.0 or later version - Download: https://support.industry.siemens.com/cs/ww/en/view/109792715/ ",
"product_ids": [
"CSAFPID-0008"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109792715/"
},
{
"category": "mitigation",
"details": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download: https://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals. Additional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008"
]
}
]
}
]
}
OPENSUSE-SU-2020:0008-1
Vulnerability from csaf_opensuse - Published: 2020-01-11 19:14 - Updated: 2020-01-11 19:14Summary
Security update for mozilla-nspr, mozilla-nss
Severity
Moderate
Notes
Title of the patch: Security update for mozilla-nspr, mozilla-nss
Description of the patch: This update for mozilla-nspr, mozilla-nss fixes the following issues:
mozilla-nss was updated to NSS 3.47.1:
Security issues fixed:
- CVE-2019-17006: Added length checks for cryptographic primitives (bsc#1159819).
- CVE-2019-11745: EncryptUpdate should use maxout, not block size (bsc#1158527).
- CVE-2019-11727: Fixed vulnerability sign CertificateVerify with PKCS#1 v1.5 signatures issue (bsc#1141322).
mozilla-nspr was updated to version 4.23:
- Whitespace in C files was cleaned up and no longer uses tab characters for indenting.
This update was imported from the SUSE:SLE-15:Update update project.
Patchnames: openSUSE-2020-8
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
6.5 (Medium)
Affected products
Recommended
30 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.1:libfreebl3-3.47.1-lp151.2.9.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libfreebl3-3.47.1-lp151.2.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libfreebl3-32bit-3.47.1-lp151.2.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libfreebl3-hmac-3.47.1-lp151.2.9.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libfreebl3-hmac-3.47.1-lp151.2.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libfreebl3-hmac-32bit-3.47.1-lp151.2.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libsoftokn3-3.47.1-lp151.2.9.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libsoftokn3-3.47.1-lp151.2.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libsoftokn3-32bit-3.47.1-lp151.2.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libsoftokn3-hmac-3.47.1-lp151.2.9.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libsoftokn3-hmac-3.47.1-lp151.2.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libsoftokn3-hmac-32bit-3.47.1-lp151.2.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:mozilla-nspr-32bit-4.23-lp151.2.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:mozilla-nspr-4.23-lp151.2.6.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:mozilla-nspr-4.23-lp151.2.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:mozilla-nspr-devel-4.23-lp151.2.6.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:mozilla-nspr-devel-4.23-lp151.2.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:mozilla-nss-3.47.1-lp151.2.9.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:mozilla-nss-3.47.1-lp151.2.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:mozilla-nss-32bit-3.47.1-lp151.2.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:mozilla-nss-certs-3.47.1-lp151.2.9.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:mozilla-nss-certs-3.47.1-lp151.2.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:mozilla-nss-certs-32bit-3.47.1-lp151.2.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:mozilla-nss-devel-3.47.1-lp151.2.9.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:mozilla-nss-devel-3.47.1-lp151.2.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:mozilla-nss-sysinit-3.47.1-lp151.2.9.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:mozilla-nss-sysinit-3.47.1-lp151.2.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:mozilla-nss-sysinit-32bit-3.47.1-lp151.2.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:mozilla-nss-tools-3.47.1-lp151.2.9.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:mozilla-nss-tools-3.47.1-lp151.2.9.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
8.1 (High)
Affected products
Recommended
30 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.1:libfreebl3-3.47.1-lp151.2.9.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libfreebl3-3.47.1-lp151.2.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libfreebl3-32bit-3.47.1-lp151.2.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libfreebl3-hmac-3.47.1-lp151.2.9.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libfreebl3-hmac-3.47.1-lp151.2.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libfreebl3-hmac-32bit-3.47.1-lp151.2.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libsoftokn3-3.47.1-lp151.2.9.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libsoftokn3-3.47.1-lp151.2.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libsoftokn3-32bit-3.47.1-lp151.2.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libsoftokn3-hmac-3.47.1-lp151.2.9.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libsoftokn3-hmac-3.47.1-lp151.2.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libsoftokn3-hmac-32bit-3.47.1-lp151.2.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:mozilla-nspr-32bit-4.23-lp151.2.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:mozilla-nspr-4.23-lp151.2.6.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:mozilla-nspr-4.23-lp151.2.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:mozilla-nspr-devel-4.23-lp151.2.6.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:mozilla-nspr-devel-4.23-lp151.2.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:mozilla-nss-3.47.1-lp151.2.9.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:mozilla-nss-3.47.1-lp151.2.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:mozilla-nss-32bit-3.47.1-lp151.2.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:mozilla-nss-certs-3.47.1-lp151.2.9.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:mozilla-nss-certs-3.47.1-lp151.2.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:mozilla-nss-certs-32bit-3.47.1-lp151.2.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:mozilla-nss-devel-3.47.1-lp151.2.9.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:mozilla-nss-devel-3.47.1-lp151.2.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:mozilla-nss-sysinit-3.47.1-lp151.2.9.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:mozilla-nss-sysinit-3.47.1-lp151.2.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:mozilla-nss-sysinit-32bit-3.47.1-lp151.2.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:mozilla-nss-tools-3.47.1-lp151.2.9.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:mozilla-nss-tools-3.47.1-lp151.2.9.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
6.8 (Medium)
Affected products
Recommended
30 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.1:libfreebl3-3.47.1-lp151.2.9.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libfreebl3-3.47.1-lp151.2.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libfreebl3-32bit-3.47.1-lp151.2.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libfreebl3-hmac-3.47.1-lp151.2.9.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libfreebl3-hmac-3.47.1-lp151.2.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libfreebl3-hmac-32bit-3.47.1-lp151.2.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libsoftokn3-3.47.1-lp151.2.9.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libsoftokn3-3.47.1-lp151.2.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libsoftokn3-32bit-3.47.1-lp151.2.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libsoftokn3-hmac-3.47.1-lp151.2.9.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libsoftokn3-hmac-3.47.1-lp151.2.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libsoftokn3-hmac-32bit-3.47.1-lp151.2.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:mozilla-nspr-32bit-4.23-lp151.2.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:mozilla-nspr-4.23-lp151.2.6.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:mozilla-nspr-4.23-lp151.2.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:mozilla-nspr-devel-4.23-lp151.2.6.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:mozilla-nspr-devel-4.23-lp151.2.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:mozilla-nss-3.47.1-lp151.2.9.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:mozilla-nss-3.47.1-lp151.2.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:mozilla-nss-32bit-3.47.1-lp151.2.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:mozilla-nss-certs-3.47.1-lp151.2.9.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:mozilla-nss-certs-3.47.1-lp151.2.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:mozilla-nss-certs-32bit-3.47.1-lp151.2.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:mozilla-nss-devel-3.47.1-lp151.2.9.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:mozilla-nss-devel-3.47.1-lp151.2.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:mozilla-nss-sysinit-3.47.1-lp151.2.9.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:mozilla-nss-sysinit-3.47.1-lp151.2.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:mozilla-nss-sysinit-32bit-3.47.1-lp151.2.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:mozilla-nss-tools-3.47.1-lp151.2.9.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:mozilla-nss-tools-3.47.1-lp151.2.9.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
References
17 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for mozilla-nspr, mozilla-nss",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for mozilla-nspr, mozilla-nss fixes the following issues:\n\nmozilla-nss was updated to NSS 3.47.1:\n\nSecurity issues fixed:\n\n- CVE-2019-17006: Added length checks for cryptographic primitives (bsc#1159819).\n- CVE-2019-11745: EncryptUpdate should use maxout, not block size (bsc#1158527).\n- CVE-2019-11727: Fixed vulnerability sign CertificateVerify with PKCS#1 v1.5 signatures issue (bsc#1141322).\n\nmozilla-nspr was updated to version 4.23:\n\n- Whitespace in C files was cleaned up and no longer uses tab characters for indenting.\n\nThis update was imported from the SUSE:SLE-15:Update update project.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-2020-8",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2020_0008-1.json"
},
{
"category": "self",
"summary": "URL for openSUSE-SU-2020:0008-1",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/AN4USN47JRBDAYTJ7ARVSFYOKEKTGTFV/"
},
{
"category": "self",
"summary": "E-Mail link for openSUSE-SU-2020:0008-1",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/AN4USN47JRBDAYTJ7ARVSFYOKEKTGTFV/"
},
{
"category": "self",
"summary": "SUSE Bug 1141322",
"url": "https://bugzilla.suse.com/1141322"
},
{
"category": "self",
"summary": "SUSE Bug 1158527",
"url": "https://bugzilla.suse.com/1158527"
},
{
"category": "self",
"summary": "SUSE Bug 1159819",
"url": "https://bugzilla.suse.com/1159819"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-18508 page",
"url": "https://www.suse.com/security/cve/CVE-2018-18508/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-11745 page",
"url": "https://www.suse.com/security/cve/CVE-2019-11745/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-17006 page",
"url": "https://www.suse.com/security/cve/CVE-2019-17006/"
}
],
"title": "Security update for mozilla-nspr, mozilla-nss",
"tracking": {
"current_release_date": "2020-01-11T19:14:54Z",
"generator": {
"date": "2020-01-11T19:14:54Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2020:0008-1",
"initial_release_date": "2020-01-11T19:14:54Z",
"revision_history": [
{
"date": "2020-01-11T19:14:54Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "libfreebl3-3.47.1-lp151.2.9.1.i586",
"product": {
"name": "libfreebl3-3.47.1-lp151.2.9.1.i586",
"product_id": "libfreebl3-3.47.1-lp151.2.9.1.i586"
}
},
{
"category": "product_version",
"name": "libfreebl3-hmac-3.47.1-lp151.2.9.1.i586",
"product": {
"name": "libfreebl3-hmac-3.47.1-lp151.2.9.1.i586",
"product_id": "libfreebl3-hmac-3.47.1-lp151.2.9.1.i586"
}
},
{
"category": "product_version",
"name": "libsoftokn3-3.47.1-lp151.2.9.1.i586",
"product": {
"name": "libsoftokn3-3.47.1-lp151.2.9.1.i586",
"product_id": "libsoftokn3-3.47.1-lp151.2.9.1.i586"
}
},
{
"category": "product_version",
"name": "libsoftokn3-hmac-3.47.1-lp151.2.9.1.i586",
"product": {
"name": "libsoftokn3-hmac-3.47.1-lp151.2.9.1.i586",
"product_id": "libsoftokn3-hmac-3.47.1-lp151.2.9.1.i586"
}
},
{
"category": "product_version",
"name": "mozilla-nspr-4.23-lp151.2.6.1.i586",
"product": {
"name": "mozilla-nspr-4.23-lp151.2.6.1.i586",
"product_id": "mozilla-nspr-4.23-lp151.2.6.1.i586"
}
},
{
"category": "product_version",
"name": "mozilla-nspr-devel-4.23-lp151.2.6.1.i586",
"product": {
"name": "mozilla-nspr-devel-4.23-lp151.2.6.1.i586",
"product_id": "mozilla-nspr-devel-4.23-lp151.2.6.1.i586"
}
},
{
"category": "product_version",
"name": "mozilla-nss-3.47.1-lp151.2.9.1.i586",
"product": {
"name": "mozilla-nss-3.47.1-lp151.2.9.1.i586",
"product_id": "mozilla-nss-3.47.1-lp151.2.9.1.i586"
}
},
{
"category": "product_version",
"name": "mozilla-nss-certs-3.47.1-lp151.2.9.1.i586",
"product": {
"name": "mozilla-nss-certs-3.47.1-lp151.2.9.1.i586",
"product_id": "mozilla-nss-certs-3.47.1-lp151.2.9.1.i586"
}
},
{
"category": "product_version",
"name": "mozilla-nss-devel-3.47.1-lp151.2.9.1.i586",
"product": {
"name": "mozilla-nss-devel-3.47.1-lp151.2.9.1.i586",
"product_id": "mozilla-nss-devel-3.47.1-lp151.2.9.1.i586"
}
},
{
"category": "product_version",
"name": "mozilla-nss-sysinit-3.47.1-lp151.2.9.1.i586",
"product": {
"name": "mozilla-nss-sysinit-3.47.1-lp151.2.9.1.i586",
"product_id": "mozilla-nss-sysinit-3.47.1-lp151.2.9.1.i586"
}
},
{
"category": "product_version",
"name": "mozilla-nss-tools-3.47.1-lp151.2.9.1.i586",
"product": {
"name": "mozilla-nss-tools-3.47.1-lp151.2.9.1.i586",
"product_id": "mozilla-nss-tools-3.47.1-lp151.2.9.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "libfreebl3-3.47.1-lp151.2.9.1.x86_64",
"product": {
"name": "libfreebl3-3.47.1-lp151.2.9.1.x86_64",
"product_id": "libfreebl3-3.47.1-lp151.2.9.1.x86_64"
}
},
{
"category": "product_version",
"name": "libfreebl3-32bit-3.47.1-lp151.2.9.1.x86_64",
"product": {
"name": "libfreebl3-32bit-3.47.1-lp151.2.9.1.x86_64",
"product_id": "libfreebl3-32bit-3.47.1-lp151.2.9.1.x86_64"
}
},
{
"category": "product_version",
"name": "libfreebl3-hmac-3.47.1-lp151.2.9.1.x86_64",
"product": {
"name": "libfreebl3-hmac-3.47.1-lp151.2.9.1.x86_64",
"product_id": "libfreebl3-hmac-3.47.1-lp151.2.9.1.x86_64"
}
},
{
"category": "product_version",
"name": "libfreebl3-hmac-32bit-3.47.1-lp151.2.9.1.x86_64",
"product": {
"name": "libfreebl3-hmac-32bit-3.47.1-lp151.2.9.1.x86_64",
"product_id": "libfreebl3-hmac-32bit-3.47.1-lp151.2.9.1.x86_64"
}
},
{
"category": "product_version",
"name": "libsoftokn3-3.47.1-lp151.2.9.1.x86_64",
"product": {
"name": "libsoftokn3-3.47.1-lp151.2.9.1.x86_64",
"product_id": "libsoftokn3-3.47.1-lp151.2.9.1.x86_64"
}
},
{
"category": "product_version",
"name": "libsoftokn3-32bit-3.47.1-lp151.2.9.1.x86_64",
"product": {
"name": "libsoftokn3-32bit-3.47.1-lp151.2.9.1.x86_64",
"product_id": "libsoftokn3-32bit-3.47.1-lp151.2.9.1.x86_64"
}
},
{
"category": "product_version",
"name": "libsoftokn3-hmac-3.47.1-lp151.2.9.1.x86_64",
"product": {
"name": "libsoftokn3-hmac-3.47.1-lp151.2.9.1.x86_64",
"product_id": "libsoftokn3-hmac-3.47.1-lp151.2.9.1.x86_64"
}
},
{
"category": "product_version",
"name": "libsoftokn3-hmac-32bit-3.47.1-lp151.2.9.1.x86_64",
"product": {
"name": "libsoftokn3-hmac-32bit-3.47.1-lp151.2.9.1.x86_64",
"product_id": "libsoftokn3-hmac-32bit-3.47.1-lp151.2.9.1.x86_64"
}
},
{
"category": "product_version",
"name": "mozilla-nspr-4.23-lp151.2.6.1.x86_64",
"product": {
"name": "mozilla-nspr-4.23-lp151.2.6.1.x86_64",
"product_id": "mozilla-nspr-4.23-lp151.2.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "mozilla-nspr-32bit-4.23-lp151.2.6.1.x86_64",
"product": {
"name": "mozilla-nspr-32bit-4.23-lp151.2.6.1.x86_64",
"product_id": "mozilla-nspr-32bit-4.23-lp151.2.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "mozilla-nspr-devel-4.23-lp151.2.6.1.x86_64",
"product": {
"name": "mozilla-nspr-devel-4.23-lp151.2.6.1.x86_64",
"product_id": "mozilla-nspr-devel-4.23-lp151.2.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "mozilla-nss-3.47.1-lp151.2.9.1.x86_64",
"product": {
"name": "mozilla-nss-3.47.1-lp151.2.9.1.x86_64",
"product_id": "mozilla-nss-3.47.1-lp151.2.9.1.x86_64"
}
},
{
"category": "product_version",
"name": "mozilla-nss-32bit-3.47.1-lp151.2.9.1.x86_64",
"product": {
"name": "mozilla-nss-32bit-3.47.1-lp151.2.9.1.x86_64",
"product_id": "mozilla-nss-32bit-3.47.1-lp151.2.9.1.x86_64"
}
},
{
"category": "product_version",
"name": "mozilla-nss-certs-3.47.1-lp151.2.9.1.x86_64",
"product": {
"name": "mozilla-nss-certs-3.47.1-lp151.2.9.1.x86_64",
"product_id": "mozilla-nss-certs-3.47.1-lp151.2.9.1.x86_64"
}
},
{
"category": "product_version",
"name": "mozilla-nss-certs-32bit-3.47.1-lp151.2.9.1.x86_64",
"product": {
"name": "mozilla-nss-certs-32bit-3.47.1-lp151.2.9.1.x86_64",
"product_id": "mozilla-nss-certs-32bit-3.47.1-lp151.2.9.1.x86_64"
}
},
{
"category": "product_version",
"name": "mozilla-nss-devel-3.47.1-lp151.2.9.1.x86_64",
"product": {
"name": "mozilla-nss-devel-3.47.1-lp151.2.9.1.x86_64",
"product_id": "mozilla-nss-devel-3.47.1-lp151.2.9.1.x86_64"
}
},
{
"category": "product_version",
"name": "mozilla-nss-sysinit-3.47.1-lp151.2.9.1.x86_64",
"product": {
"name": "mozilla-nss-sysinit-3.47.1-lp151.2.9.1.x86_64",
"product_id": "mozilla-nss-sysinit-3.47.1-lp151.2.9.1.x86_64"
}
},
{
"category": "product_version",
"name": "mozilla-nss-sysinit-32bit-3.47.1-lp151.2.9.1.x86_64",
"product": {
"name": "mozilla-nss-sysinit-32bit-3.47.1-lp151.2.9.1.x86_64",
"product_id": "mozilla-nss-sysinit-32bit-3.47.1-lp151.2.9.1.x86_64"
}
},
{
"category": "product_version",
"name": "mozilla-nss-tools-3.47.1-lp151.2.9.1.x86_64",
"product": {
"name": "mozilla-nss-tools-3.47.1-lp151.2.9.1.x86_64",
"product_id": "mozilla-nss-tools-3.47.1-lp151.2.9.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Leap 15.1",
"product": {
"name": "openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.1"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "libfreebl3-3.47.1-lp151.2.9.1.i586 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:libfreebl3-3.47.1-lp151.2.9.1.i586"
},
"product_reference": "libfreebl3-3.47.1-lp151.2.9.1.i586",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libfreebl3-3.47.1-lp151.2.9.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:libfreebl3-3.47.1-lp151.2.9.1.x86_64"
},
"product_reference": "libfreebl3-3.47.1-lp151.2.9.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libfreebl3-32bit-3.47.1-lp151.2.9.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:libfreebl3-32bit-3.47.1-lp151.2.9.1.x86_64"
},
"product_reference": "libfreebl3-32bit-3.47.1-lp151.2.9.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libfreebl3-hmac-3.47.1-lp151.2.9.1.i586 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:libfreebl3-hmac-3.47.1-lp151.2.9.1.i586"
},
"product_reference": "libfreebl3-hmac-3.47.1-lp151.2.9.1.i586",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libfreebl3-hmac-3.47.1-lp151.2.9.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:libfreebl3-hmac-3.47.1-lp151.2.9.1.x86_64"
},
"product_reference": "libfreebl3-hmac-3.47.1-lp151.2.9.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libfreebl3-hmac-32bit-3.47.1-lp151.2.9.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:libfreebl3-hmac-32bit-3.47.1-lp151.2.9.1.x86_64"
},
"product_reference": "libfreebl3-hmac-32bit-3.47.1-lp151.2.9.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libsoftokn3-3.47.1-lp151.2.9.1.i586 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:libsoftokn3-3.47.1-lp151.2.9.1.i586"
},
"product_reference": "libsoftokn3-3.47.1-lp151.2.9.1.i586",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libsoftokn3-3.47.1-lp151.2.9.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:libsoftokn3-3.47.1-lp151.2.9.1.x86_64"
},
"product_reference": "libsoftokn3-3.47.1-lp151.2.9.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libsoftokn3-32bit-3.47.1-lp151.2.9.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:libsoftokn3-32bit-3.47.1-lp151.2.9.1.x86_64"
},
"product_reference": "libsoftokn3-32bit-3.47.1-lp151.2.9.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libsoftokn3-hmac-3.47.1-lp151.2.9.1.i586 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:libsoftokn3-hmac-3.47.1-lp151.2.9.1.i586"
},
"product_reference": "libsoftokn3-hmac-3.47.1-lp151.2.9.1.i586",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libsoftokn3-hmac-3.47.1-lp151.2.9.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:libsoftokn3-hmac-3.47.1-lp151.2.9.1.x86_64"
},
"product_reference": "libsoftokn3-hmac-3.47.1-lp151.2.9.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libsoftokn3-hmac-32bit-3.47.1-lp151.2.9.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:libsoftokn3-hmac-32bit-3.47.1-lp151.2.9.1.x86_64"
},
"product_reference": "libsoftokn3-hmac-32bit-3.47.1-lp151.2.9.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mozilla-nspr-4.23-lp151.2.6.1.i586 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:mozilla-nspr-4.23-lp151.2.6.1.i586"
},
"product_reference": "mozilla-nspr-4.23-lp151.2.6.1.i586",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mozilla-nspr-4.23-lp151.2.6.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:mozilla-nspr-4.23-lp151.2.6.1.x86_64"
},
"product_reference": "mozilla-nspr-4.23-lp151.2.6.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mozilla-nspr-32bit-4.23-lp151.2.6.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:mozilla-nspr-32bit-4.23-lp151.2.6.1.x86_64"
},
"product_reference": "mozilla-nspr-32bit-4.23-lp151.2.6.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mozilla-nspr-devel-4.23-lp151.2.6.1.i586 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:mozilla-nspr-devel-4.23-lp151.2.6.1.i586"
},
"product_reference": "mozilla-nspr-devel-4.23-lp151.2.6.1.i586",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mozilla-nspr-devel-4.23-lp151.2.6.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:mozilla-nspr-devel-4.23-lp151.2.6.1.x86_64"
},
"product_reference": "mozilla-nspr-devel-4.23-lp151.2.6.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mozilla-nss-3.47.1-lp151.2.9.1.i586 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:mozilla-nss-3.47.1-lp151.2.9.1.i586"
},
"product_reference": "mozilla-nss-3.47.1-lp151.2.9.1.i586",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mozilla-nss-3.47.1-lp151.2.9.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:mozilla-nss-3.47.1-lp151.2.9.1.x86_64"
},
"product_reference": "mozilla-nss-3.47.1-lp151.2.9.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mozilla-nss-32bit-3.47.1-lp151.2.9.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:mozilla-nss-32bit-3.47.1-lp151.2.9.1.x86_64"
},
"product_reference": "mozilla-nss-32bit-3.47.1-lp151.2.9.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mozilla-nss-certs-3.47.1-lp151.2.9.1.i586 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:mozilla-nss-certs-3.47.1-lp151.2.9.1.i586"
},
"product_reference": "mozilla-nss-certs-3.47.1-lp151.2.9.1.i586",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mozilla-nss-certs-3.47.1-lp151.2.9.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:mozilla-nss-certs-3.47.1-lp151.2.9.1.x86_64"
},
"product_reference": "mozilla-nss-certs-3.47.1-lp151.2.9.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mozilla-nss-certs-32bit-3.47.1-lp151.2.9.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:mozilla-nss-certs-32bit-3.47.1-lp151.2.9.1.x86_64"
},
"product_reference": "mozilla-nss-certs-32bit-3.47.1-lp151.2.9.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mozilla-nss-devel-3.47.1-lp151.2.9.1.i586 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:mozilla-nss-devel-3.47.1-lp151.2.9.1.i586"
},
"product_reference": "mozilla-nss-devel-3.47.1-lp151.2.9.1.i586",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mozilla-nss-devel-3.47.1-lp151.2.9.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:mozilla-nss-devel-3.47.1-lp151.2.9.1.x86_64"
},
"product_reference": "mozilla-nss-devel-3.47.1-lp151.2.9.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mozilla-nss-sysinit-3.47.1-lp151.2.9.1.i586 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:mozilla-nss-sysinit-3.47.1-lp151.2.9.1.i586"
},
"product_reference": "mozilla-nss-sysinit-3.47.1-lp151.2.9.1.i586",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mozilla-nss-sysinit-3.47.1-lp151.2.9.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:mozilla-nss-sysinit-3.47.1-lp151.2.9.1.x86_64"
},
"product_reference": "mozilla-nss-sysinit-3.47.1-lp151.2.9.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mozilla-nss-sysinit-32bit-3.47.1-lp151.2.9.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:mozilla-nss-sysinit-32bit-3.47.1-lp151.2.9.1.x86_64"
},
"product_reference": "mozilla-nss-sysinit-32bit-3.47.1-lp151.2.9.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mozilla-nss-tools-3.47.1-lp151.2.9.1.i586 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:mozilla-nss-tools-3.47.1-lp151.2.9.1.i586"
},
"product_reference": "mozilla-nss-tools-3.47.1-lp151.2.9.1.i586",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mozilla-nss-tools-3.47.1-lp151.2.9.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:mozilla-nss-tools-3.47.1-lp151.2.9.1.x86_64"
},
"product_reference": "mozilla-nss-tools-3.47.1-lp151.2.9.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2018-18508",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-18508"
}
],
"notes": [
{
"category": "general",
"text": "In Network Security Services (NSS) before 3.36.7 and before 3.41.1, a malformed signature can cause a crash due to a null dereference, resulting in a Denial of Service.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:libfreebl3-3.47.1-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libfreebl3-3.47.1-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libfreebl3-32bit-3.47.1-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libfreebl3-hmac-3.47.1-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libfreebl3-hmac-3.47.1-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libfreebl3-hmac-32bit-3.47.1-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libsoftokn3-3.47.1-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libsoftokn3-3.47.1-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libsoftokn3-32bit-3.47.1-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libsoftokn3-hmac-3.47.1-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libsoftokn3-hmac-3.47.1-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libsoftokn3-hmac-32bit-3.47.1-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mozilla-nspr-32bit-4.23-lp151.2.6.1.x86_64",
"openSUSE Leap 15.1:mozilla-nspr-4.23-lp151.2.6.1.i586",
"openSUSE Leap 15.1:mozilla-nspr-4.23-lp151.2.6.1.x86_64",
"openSUSE Leap 15.1:mozilla-nspr-devel-4.23-lp151.2.6.1.i586",
"openSUSE Leap 15.1:mozilla-nspr-devel-4.23-lp151.2.6.1.x86_64",
"openSUSE Leap 15.1:mozilla-nss-3.47.1-lp151.2.9.1.i586",
"openSUSE Leap 15.1:mozilla-nss-3.47.1-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mozilla-nss-32bit-3.47.1-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mozilla-nss-certs-3.47.1-lp151.2.9.1.i586",
"openSUSE Leap 15.1:mozilla-nss-certs-3.47.1-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mozilla-nss-certs-32bit-3.47.1-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mozilla-nss-devel-3.47.1-lp151.2.9.1.i586",
"openSUSE Leap 15.1:mozilla-nss-devel-3.47.1-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mozilla-nss-sysinit-3.47.1-lp151.2.9.1.i586",
"openSUSE Leap 15.1:mozilla-nss-sysinit-3.47.1-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mozilla-nss-sysinit-32bit-3.47.1-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mozilla-nss-tools-3.47.1-lp151.2.9.1.i586",
"openSUSE Leap 15.1:mozilla-nss-tools-3.47.1-lp151.2.9.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-18508",
"url": "https://www.suse.com/security/cve/CVE-2018-18508"
},
{
"category": "external",
"summary": "SUSE Bug 1124571 for CVE-2018-18508",
"url": "https://bugzilla.suse.com/1124571"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:libfreebl3-3.47.1-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libfreebl3-3.47.1-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libfreebl3-32bit-3.47.1-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libfreebl3-hmac-3.47.1-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libfreebl3-hmac-3.47.1-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libfreebl3-hmac-32bit-3.47.1-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libsoftokn3-3.47.1-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libsoftokn3-3.47.1-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libsoftokn3-32bit-3.47.1-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libsoftokn3-hmac-3.47.1-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libsoftokn3-hmac-3.47.1-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libsoftokn3-hmac-32bit-3.47.1-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mozilla-nspr-32bit-4.23-lp151.2.6.1.x86_64",
"openSUSE Leap 15.1:mozilla-nspr-4.23-lp151.2.6.1.i586",
"openSUSE Leap 15.1:mozilla-nspr-4.23-lp151.2.6.1.x86_64",
"openSUSE Leap 15.1:mozilla-nspr-devel-4.23-lp151.2.6.1.i586",
"openSUSE Leap 15.1:mozilla-nspr-devel-4.23-lp151.2.6.1.x86_64",
"openSUSE Leap 15.1:mozilla-nss-3.47.1-lp151.2.9.1.i586",
"openSUSE Leap 15.1:mozilla-nss-3.47.1-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mozilla-nss-32bit-3.47.1-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mozilla-nss-certs-3.47.1-lp151.2.9.1.i586",
"openSUSE Leap 15.1:mozilla-nss-certs-3.47.1-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mozilla-nss-certs-32bit-3.47.1-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mozilla-nss-devel-3.47.1-lp151.2.9.1.i586",
"openSUSE Leap 15.1:mozilla-nss-devel-3.47.1-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mozilla-nss-sysinit-3.47.1-lp151.2.9.1.i586",
"openSUSE Leap 15.1:mozilla-nss-sysinit-3.47.1-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mozilla-nss-sysinit-32bit-3.47.1-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mozilla-nss-tools-3.47.1-lp151.2.9.1.i586",
"openSUSE Leap 15.1:mozilla-nss-tools-3.47.1-lp151.2.9.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"openSUSE Leap 15.1:libfreebl3-3.47.1-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libfreebl3-3.47.1-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libfreebl3-32bit-3.47.1-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libfreebl3-hmac-3.47.1-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libfreebl3-hmac-3.47.1-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libfreebl3-hmac-32bit-3.47.1-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libsoftokn3-3.47.1-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libsoftokn3-3.47.1-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libsoftokn3-32bit-3.47.1-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libsoftokn3-hmac-3.47.1-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libsoftokn3-hmac-3.47.1-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libsoftokn3-hmac-32bit-3.47.1-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mozilla-nspr-32bit-4.23-lp151.2.6.1.x86_64",
"openSUSE Leap 15.1:mozilla-nspr-4.23-lp151.2.6.1.i586",
"openSUSE Leap 15.1:mozilla-nspr-4.23-lp151.2.6.1.x86_64",
"openSUSE Leap 15.1:mozilla-nspr-devel-4.23-lp151.2.6.1.i586",
"openSUSE Leap 15.1:mozilla-nspr-devel-4.23-lp151.2.6.1.x86_64",
"openSUSE Leap 15.1:mozilla-nss-3.47.1-lp151.2.9.1.i586",
"openSUSE Leap 15.1:mozilla-nss-3.47.1-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mozilla-nss-32bit-3.47.1-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mozilla-nss-certs-3.47.1-lp151.2.9.1.i586",
"openSUSE Leap 15.1:mozilla-nss-certs-3.47.1-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mozilla-nss-certs-32bit-3.47.1-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mozilla-nss-devel-3.47.1-lp151.2.9.1.i586",
"openSUSE Leap 15.1:mozilla-nss-devel-3.47.1-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mozilla-nss-sysinit-3.47.1-lp151.2.9.1.i586",
"openSUSE Leap 15.1:mozilla-nss-sysinit-3.47.1-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mozilla-nss-sysinit-32bit-3.47.1-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mozilla-nss-tools-3.47.1-lp151.2.9.1.i586",
"openSUSE Leap 15.1:mozilla-nss-tools-3.47.1-lp151.2.9.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-01-11T19:14:54Z",
"details": "moderate"
}
],
"title": "CVE-2018-18508"
},
{
"cve": "CVE-2019-11745",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-11745"
}
],
"notes": [
{
"category": "general",
"text": "When encrypting with a block cipher, if a call to NSC_EncryptUpdate was made with data smaller than the block size, a small out of bounds write could occur. This could have caused heap corruption and a potentially exploitable crash. This vulnerability affects Thunderbird \u003c 68.3, Firefox ESR \u003c 68.3, and Firefox \u003c 71.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:libfreebl3-3.47.1-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libfreebl3-3.47.1-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libfreebl3-32bit-3.47.1-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libfreebl3-hmac-3.47.1-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libfreebl3-hmac-3.47.1-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libfreebl3-hmac-32bit-3.47.1-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libsoftokn3-3.47.1-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libsoftokn3-3.47.1-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libsoftokn3-32bit-3.47.1-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libsoftokn3-hmac-3.47.1-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libsoftokn3-hmac-3.47.1-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libsoftokn3-hmac-32bit-3.47.1-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mozilla-nspr-32bit-4.23-lp151.2.6.1.x86_64",
"openSUSE Leap 15.1:mozilla-nspr-4.23-lp151.2.6.1.i586",
"openSUSE Leap 15.1:mozilla-nspr-4.23-lp151.2.6.1.x86_64",
"openSUSE Leap 15.1:mozilla-nspr-devel-4.23-lp151.2.6.1.i586",
"openSUSE Leap 15.1:mozilla-nspr-devel-4.23-lp151.2.6.1.x86_64",
"openSUSE Leap 15.1:mozilla-nss-3.47.1-lp151.2.9.1.i586",
"openSUSE Leap 15.1:mozilla-nss-3.47.1-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mozilla-nss-32bit-3.47.1-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mozilla-nss-certs-3.47.1-lp151.2.9.1.i586",
"openSUSE Leap 15.1:mozilla-nss-certs-3.47.1-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mozilla-nss-certs-32bit-3.47.1-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mozilla-nss-devel-3.47.1-lp151.2.9.1.i586",
"openSUSE Leap 15.1:mozilla-nss-devel-3.47.1-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mozilla-nss-sysinit-3.47.1-lp151.2.9.1.i586",
"openSUSE Leap 15.1:mozilla-nss-sysinit-3.47.1-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mozilla-nss-sysinit-32bit-3.47.1-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mozilla-nss-tools-3.47.1-lp151.2.9.1.i586",
"openSUSE Leap 15.1:mozilla-nss-tools-3.47.1-lp151.2.9.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-11745",
"url": "https://www.suse.com/security/cve/CVE-2019-11745"
},
{
"category": "external",
"summary": "SUSE Bug 1158328 for CVE-2019-11745",
"url": "https://bugzilla.suse.com/1158328"
},
{
"category": "external",
"summary": "SUSE Bug 1158527 for CVE-2019-11745",
"url": "https://bugzilla.suse.com/1158527"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:libfreebl3-3.47.1-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libfreebl3-3.47.1-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libfreebl3-32bit-3.47.1-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libfreebl3-hmac-3.47.1-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libfreebl3-hmac-3.47.1-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libfreebl3-hmac-32bit-3.47.1-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libsoftokn3-3.47.1-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libsoftokn3-3.47.1-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libsoftokn3-32bit-3.47.1-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libsoftokn3-hmac-3.47.1-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libsoftokn3-hmac-3.47.1-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libsoftokn3-hmac-32bit-3.47.1-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mozilla-nspr-32bit-4.23-lp151.2.6.1.x86_64",
"openSUSE Leap 15.1:mozilla-nspr-4.23-lp151.2.6.1.i586",
"openSUSE Leap 15.1:mozilla-nspr-4.23-lp151.2.6.1.x86_64",
"openSUSE Leap 15.1:mozilla-nspr-devel-4.23-lp151.2.6.1.i586",
"openSUSE Leap 15.1:mozilla-nspr-devel-4.23-lp151.2.6.1.x86_64",
"openSUSE Leap 15.1:mozilla-nss-3.47.1-lp151.2.9.1.i586",
"openSUSE Leap 15.1:mozilla-nss-3.47.1-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mozilla-nss-32bit-3.47.1-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mozilla-nss-certs-3.47.1-lp151.2.9.1.i586",
"openSUSE Leap 15.1:mozilla-nss-certs-3.47.1-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mozilla-nss-certs-32bit-3.47.1-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mozilla-nss-devel-3.47.1-lp151.2.9.1.i586",
"openSUSE Leap 15.1:mozilla-nss-devel-3.47.1-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mozilla-nss-sysinit-3.47.1-lp151.2.9.1.i586",
"openSUSE Leap 15.1:mozilla-nss-sysinit-3.47.1-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mozilla-nss-sysinit-32bit-3.47.1-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mozilla-nss-tools-3.47.1-lp151.2.9.1.i586",
"openSUSE Leap 15.1:mozilla-nss-tools-3.47.1-lp151.2.9.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.1:libfreebl3-3.47.1-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libfreebl3-3.47.1-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libfreebl3-32bit-3.47.1-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libfreebl3-hmac-3.47.1-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libfreebl3-hmac-3.47.1-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libfreebl3-hmac-32bit-3.47.1-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libsoftokn3-3.47.1-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libsoftokn3-3.47.1-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libsoftokn3-32bit-3.47.1-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libsoftokn3-hmac-3.47.1-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libsoftokn3-hmac-3.47.1-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libsoftokn3-hmac-32bit-3.47.1-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mozilla-nspr-32bit-4.23-lp151.2.6.1.x86_64",
"openSUSE Leap 15.1:mozilla-nspr-4.23-lp151.2.6.1.i586",
"openSUSE Leap 15.1:mozilla-nspr-4.23-lp151.2.6.1.x86_64",
"openSUSE Leap 15.1:mozilla-nspr-devel-4.23-lp151.2.6.1.i586",
"openSUSE Leap 15.1:mozilla-nspr-devel-4.23-lp151.2.6.1.x86_64",
"openSUSE Leap 15.1:mozilla-nss-3.47.1-lp151.2.9.1.i586",
"openSUSE Leap 15.1:mozilla-nss-3.47.1-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mozilla-nss-32bit-3.47.1-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mozilla-nss-certs-3.47.1-lp151.2.9.1.i586",
"openSUSE Leap 15.1:mozilla-nss-certs-3.47.1-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mozilla-nss-certs-32bit-3.47.1-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mozilla-nss-devel-3.47.1-lp151.2.9.1.i586",
"openSUSE Leap 15.1:mozilla-nss-devel-3.47.1-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mozilla-nss-sysinit-3.47.1-lp151.2.9.1.i586",
"openSUSE Leap 15.1:mozilla-nss-sysinit-3.47.1-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mozilla-nss-sysinit-32bit-3.47.1-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mozilla-nss-tools-3.47.1-lp151.2.9.1.i586",
"openSUSE Leap 15.1:mozilla-nss-tools-3.47.1-lp151.2.9.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-01-11T19:14:54Z",
"details": "important"
}
],
"title": "CVE-2019-11745"
},
{
"cve": "CVE-2019-17006",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-17006"
}
],
"notes": [
{
"category": "general",
"text": "In Network Security Services (NSS) before 3.46, several cryptographic primitives had missing length checks. In cases where the application calling the library did not perform a sanity check on the inputs it could result in a crash due to a buffer overflow.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:libfreebl3-3.47.1-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libfreebl3-3.47.1-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libfreebl3-32bit-3.47.1-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libfreebl3-hmac-3.47.1-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libfreebl3-hmac-3.47.1-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libfreebl3-hmac-32bit-3.47.1-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libsoftokn3-3.47.1-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libsoftokn3-3.47.1-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libsoftokn3-32bit-3.47.1-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libsoftokn3-hmac-3.47.1-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libsoftokn3-hmac-3.47.1-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libsoftokn3-hmac-32bit-3.47.1-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mozilla-nspr-32bit-4.23-lp151.2.6.1.x86_64",
"openSUSE Leap 15.1:mozilla-nspr-4.23-lp151.2.6.1.i586",
"openSUSE Leap 15.1:mozilla-nspr-4.23-lp151.2.6.1.x86_64",
"openSUSE Leap 15.1:mozilla-nspr-devel-4.23-lp151.2.6.1.i586",
"openSUSE Leap 15.1:mozilla-nspr-devel-4.23-lp151.2.6.1.x86_64",
"openSUSE Leap 15.1:mozilla-nss-3.47.1-lp151.2.9.1.i586",
"openSUSE Leap 15.1:mozilla-nss-3.47.1-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mozilla-nss-32bit-3.47.1-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mozilla-nss-certs-3.47.1-lp151.2.9.1.i586",
"openSUSE Leap 15.1:mozilla-nss-certs-3.47.1-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mozilla-nss-certs-32bit-3.47.1-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mozilla-nss-devel-3.47.1-lp151.2.9.1.i586",
"openSUSE Leap 15.1:mozilla-nss-devel-3.47.1-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mozilla-nss-sysinit-3.47.1-lp151.2.9.1.i586",
"openSUSE Leap 15.1:mozilla-nss-sysinit-3.47.1-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mozilla-nss-sysinit-32bit-3.47.1-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mozilla-nss-tools-3.47.1-lp151.2.9.1.i586",
"openSUSE Leap 15.1:mozilla-nss-tools-3.47.1-lp151.2.9.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-17006",
"url": "https://www.suse.com/security/cve/CVE-2019-17006"
},
{
"category": "external",
"summary": "SUSE Bug 1159819 for CVE-2019-17006",
"url": "https://bugzilla.suse.com/1159819"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:libfreebl3-3.47.1-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libfreebl3-3.47.1-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libfreebl3-32bit-3.47.1-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libfreebl3-hmac-3.47.1-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libfreebl3-hmac-3.47.1-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libfreebl3-hmac-32bit-3.47.1-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libsoftokn3-3.47.1-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libsoftokn3-3.47.1-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libsoftokn3-32bit-3.47.1-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libsoftokn3-hmac-3.47.1-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libsoftokn3-hmac-3.47.1-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libsoftokn3-hmac-32bit-3.47.1-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mozilla-nspr-32bit-4.23-lp151.2.6.1.x86_64",
"openSUSE Leap 15.1:mozilla-nspr-4.23-lp151.2.6.1.i586",
"openSUSE Leap 15.1:mozilla-nspr-4.23-lp151.2.6.1.x86_64",
"openSUSE Leap 15.1:mozilla-nspr-devel-4.23-lp151.2.6.1.i586",
"openSUSE Leap 15.1:mozilla-nspr-devel-4.23-lp151.2.6.1.x86_64",
"openSUSE Leap 15.1:mozilla-nss-3.47.1-lp151.2.9.1.i586",
"openSUSE Leap 15.1:mozilla-nss-3.47.1-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mozilla-nss-32bit-3.47.1-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mozilla-nss-certs-3.47.1-lp151.2.9.1.i586",
"openSUSE Leap 15.1:mozilla-nss-certs-3.47.1-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mozilla-nss-certs-32bit-3.47.1-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mozilla-nss-devel-3.47.1-lp151.2.9.1.i586",
"openSUSE Leap 15.1:mozilla-nss-devel-3.47.1-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mozilla-nss-sysinit-3.47.1-lp151.2.9.1.i586",
"openSUSE Leap 15.1:mozilla-nss-sysinit-3.47.1-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mozilla-nss-sysinit-32bit-3.47.1-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mozilla-nss-tools-3.47.1-lp151.2.9.1.i586",
"openSUSE Leap 15.1:mozilla-nss-tools-3.47.1-lp151.2.9.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.1:libfreebl3-3.47.1-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libfreebl3-3.47.1-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libfreebl3-32bit-3.47.1-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libfreebl3-hmac-3.47.1-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libfreebl3-hmac-3.47.1-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libfreebl3-hmac-32bit-3.47.1-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libsoftokn3-3.47.1-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libsoftokn3-3.47.1-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libsoftokn3-32bit-3.47.1-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libsoftokn3-hmac-3.47.1-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libsoftokn3-hmac-3.47.1-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libsoftokn3-hmac-32bit-3.47.1-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mozilla-nspr-32bit-4.23-lp151.2.6.1.x86_64",
"openSUSE Leap 15.1:mozilla-nspr-4.23-lp151.2.6.1.i586",
"openSUSE Leap 15.1:mozilla-nspr-4.23-lp151.2.6.1.x86_64",
"openSUSE Leap 15.1:mozilla-nspr-devel-4.23-lp151.2.6.1.i586",
"openSUSE Leap 15.1:mozilla-nspr-devel-4.23-lp151.2.6.1.x86_64",
"openSUSE Leap 15.1:mozilla-nss-3.47.1-lp151.2.9.1.i586",
"openSUSE Leap 15.1:mozilla-nss-3.47.1-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mozilla-nss-32bit-3.47.1-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mozilla-nss-certs-3.47.1-lp151.2.9.1.i586",
"openSUSE Leap 15.1:mozilla-nss-certs-3.47.1-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mozilla-nss-certs-32bit-3.47.1-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mozilla-nss-devel-3.47.1-lp151.2.9.1.i586",
"openSUSE Leap 15.1:mozilla-nss-devel-3.47.1-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mozilla-nss-sysinit-3.47.1-lp151.2.9.1.i586",
"openSUSE Leap 15.1:mozilla-nss-sysinit-3.47.1-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mozilla-nss-sysinit-32bit-3.47.1-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mozilla-nss-tools-3.47.1-lp151.2.9.1.i586",
"openSUSE Leap 15.1:mozilla-nss-tools-3.47.1-lp151.2.9.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-01-11T19:14:54Z",
"details": "moderate"
}
],
"title": "CVE-2019-17006"
}
]
}
OPENSUSE-SU-2020:0854-1
Vulnerability from csaf_opensuse - Published: 2020-06-24 04:17 - Updated: 2020-06-24 04:17Summary
Security update for mozilla-nspr, mozilla-nss
Severity
Important
Notes
Title of the patch: Security update for mozilla-nspr, mozilla-nss
Description of the patch: This update for mozilla-nspr, mozilla-nss fixes the following issues:
mozilla-nss was updated to version 3.53
- CVE-2020-12399: Fixed a timing attack on DSA signature generation (bsc#1171978).
- CVE-2019-17006: Added length checks for cryptographic primitives (bsc#1159819).
Release notes: https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.53_release_notes
mozilla-nspr to version 4.25
This update was imported from the SUSE:SLE-15:Update update project.
Patchnames: openSUSE-2020-854
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
6.8 (Medium)
Affected products
Recommended
30 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.1:libfreebl3-3.53-lp151.2.23.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libfreebl3-3.53-lp151.2.23.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libfreebl3-32bit-3.53-lp151.2.23.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libfreebl3-hmac-3.53-lp151.2.23.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libfreebl3-hmac-3.53-lp151.2.23.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libfreebl3-hmac-32bit-3.53-lp151.2.23.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libsoftokn3-3.53-lp151.2.23.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libsoftokn3-3.53-lp151.2.23.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libsoftokn3-32bit-3.53-lp151.2.23.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libsoftokn3-hmac-3.53-lp151.2.23.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libsoftokn3-hmac-3.53-lp151.2.23.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libsoftokn3-hmac-32bit-3.53-lp151.2.23.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:mozilla-nspr-32bit-4.25-lp151.2.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:mozilla-nspr-4.25-lp151.2.9.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:mozilla-nspr-4.25-lp151.2.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:mozilla-nspr-devel-4.25-lp151.2.9.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:mozilla-nspr-devel-4.25-lp151.2.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:mozilla-nss-3.53-lp151.2.23.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:mozilla-nss-3.53-lp151.2.23.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:mozilla-nss-32bit-3.53-lp151.2.23.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:mozilla-nss-certs-3.53-lp151.2.23.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:mozilla-nss-certs-3.53-lp151.2.23.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:mozilla-nss-certs-32bit-3.53-lp151.2.23.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:mozilla-nss-devel-3.53-lp151.2.23.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:mozilla-nss-devel-3.53-lp151.2.23.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:mozilla-nss-sysinit-3.53-lp151.2.23.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:mozilla-nss-sysinit-3.53-lp151.2.23.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:mozilla-nss-sysinit-32bit-3.53-lp151.2.23.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:mozilla-nss-tools-3.53-lp151.2.23.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:mozilla-nss-tools-3.53-lp151.2.23.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
4.4 (Medium)
Affected products
Recommended
30 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.1:libfreebl3-3.53-lp151.2.23.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libfreebl3-3.53-lp151.2.23.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libfreebl3-32bit-3.53-lp151.2.23.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libfreebl3-hmac-3.53-lp151.2.23.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libfreebl3-hmac-3.53-lp151.2.23.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libfreebl3-hmac-32bit-3.53-lp151.2.23.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libsoftokn3-3.53-lp151.2.23.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libsoftokn3-3.53-lp151.2.23.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libsoftokn3-32bit-3.53-lp151.2.23.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libsoftokn3-hmac-3.53-lp151.2.23.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libsoftokn3-hmac-3.53-lp151.2.23.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libsoftokn3-hmac-32bit-3.53-lp151.2.23.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:mozilla-nspr-32bit-4.25-lp151.2.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:mozilla-nspr-4.25-lp151.2.9.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:mozilla-nspr-4.25-lp151.2.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:mozilla-nspr-devel-4.25-lp151.2.9.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:mozilla-nspr-devel-4.25-lp151.2.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:mozilla-nss-3.53-lp151.2.23.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:mozilla-nss-3.53-lp151.2.23.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:mozilla-nss-32bit-3.53-lp151.2.23.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:mozilla-nss-certs-3.53-lp151.2.23.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:mozilla-nss-certs-3.53-lp151.2.23.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:mozilla-nss-certs-32bit-3.53-lp151.2.23.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:mozilla-nss-devel-3.53-lp151.2.23.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:mozilla-nss-devel-3.53-lp151.2.23.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:mozilla-nss-sysinit-3.53-lp151.2.23.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:mozilla-nss-sysinit-3.53-lp151.2.23.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:mozilla-nss-sysinit-32bit-3.53-lp151.2.23.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:mozilla-nss-tools-3.53-lp151.2.23.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:mozilla-nss-tools-3.53-lp151.2.23.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
References
14 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for mozilla-nspr, mozilla-nss",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for mozilla-nspr, mozilla-nss fixes the following issues:\n\nmozilla-nss was updated to version 3.53\n\n- CVE-2020-12399: Fixed a timing attack on DSA signature generation (bsc#1171978).\n- CVE-2019-17006: Added length checks for cryptographic primitives (bsc#1159819).\nRelease notes: https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.53_release_notes\n\nmozilla-nspr to version 4.25\n\nThis update was imported from the SUSE:SLE-15:Update update project.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-2020-854",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2020_0854-1.json"
},
{
"category": "self",
"summary": "URL for openSUSE-SU-2020:0854-1",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/HXBTGBKRMQSNENPDBPRN6BJXXF2PQMP4/"
},
{
"category": "self",
"summary": "E-Mail link for openSUSE-SU-2020:0854-1",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/HXBTGBKRMQSNENPDBPRN6BJXXF2PQMP4/"
},
{
"category": "self",
"summary": "SUSE Bug 1159819",
"url": "https://bugzilla.suse.com/1159819"
},
{
"category": "self",
"summary": "SUSE Bug 1169746",
"url": "https://bugzilla.suse.com/1169746"
},
{
"category": "self",
"summary": "SUSE Bug 1171978",
"url": "https://bugzilla.suse.com/1171978"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-17006 page",
"url": "https://www.suse.com/security/cve/CVE-2019-17006/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-12399 page",
"url": "https://www.suse.com/security/cve/CVE-2020-12399/"
}
],
"title": "Security update for mozilla-nspr, mozilla-nss",
"tracking": {
"current_release_date": "2020-06-24T04:17:54Z",
"generator": {
"date": "2020-06-24T04:17:54Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2020:0854-1",
"initial_release_date": "2020-06-24T04:17:54Z",
"revision_history": [
{
"date": "2020-06-24T04:17:54Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "libfreebl3-3.53-lp151.2.23.1.i586",
"product": {
"name": "libfreebl3-3.53-lp151.2.23.1.i586",
"product_id": "libfreebl3-3.53-lp151.2.23.1.i586"
}
},
{
"category": "product_version",
"name": "libfreebl3-hmac-3.53-lp151.2.23.1.i586",
"product": {
"name": "libfreebl3-hmac-3.53-lp151.2.23.1.i586",
"product_id": "libfreebl3-hmac-3.53-lp151.2.23.1.i586"
}
},
{
"category": "product_version",
"name": "libsoftokn3-3.53-lp151.2.23.1.i586",
"product": {
"name": "libsoftokn3-3.53-lp151.2.23.1.i586",
"product_id": "libsoftokn3-3.53-lp151.2.23.1.i586"
}
},
{
"category": "product_version",
"name": "libsoftokn3-hmac-3.53-lp151.2.23.1.i586",
"product": {
"name": "libsoftokn3-hmac-3.53-lp151.2.23.1.i586",
"product_id": "libsoftokn3-hmac-3.53-lp151.2.23.1.i586"
}
},
{
"category": "product_version",
"name": "mozilla-nspr-4.25-lp151.2.9.1.i586",
"product": {
"name": "mozilla-nspr-4.25-lp151.2.9.1.i586",
"product_id": "mozilla-nspr-4.25-lp151.2.9.1.i586"
}
},
{
"category": "product_version",
"name": "mozilla-nspr-devel-4.25-lp151.2.9.1.i586",
"product": {
"name": "mozilla-nspr-devel-4.25-lp151.2.9.1.i586",
"product_id": "mozilla-nspr-devel-4.25-lp151.2.9.1.i586"
}
},
{
"category": "product_version",
"name": "mozilla-nss-3.53-lp151.2.23.1.i586",
"product": {
"name": "mozilla-nss-3.53-lp151.2.23.1.i586",
"product_id": "mozilla-nss-3.53-lp151.2.23.1.i586"
}
},
{
"category": "product_version",
"name": "mozilla-nss-certs-3.53-lp151.2.23.1.i586",
"product": {
"name": "mozilla-nss-certs-3.53-lp151.2.23.1.i586",
"product_id": "mozilla-nss-certs-3.53-lp151.2.23.1.i586"
}
},
{
"category": "product_version",
"name": "mozilla-nss-devel-3.53-lp151.2.23.1.i586",
"product": {
"name": "mozilla-nss-devel-3.53-lp151.2.23.1.i586",
"product_id": "mozilla-nss-devel-3.53-lp151.2.23.1.i586"
}
},
{
"category": "product_version",
"name": "mozilla-nss-sysinit-3.53-lp151.2.23.1.i586",
"product": {
"name": "mozilla-nss-sysinit-3.53-lp151.2.23.1.i586",
"product_id": "mozilla-nss-sysinit-3.53-lp151.2.23.1.i586"
}
},
{
"category": "product_version",
"name": "mozilla-nss-tools-3.53-lp151.2.23.1.i586",
"product": {
"name": "mozilla-nss-tools-3.53-lp151.2.23.1.i586",
"product_id": "mozilla-nss-tools-3.53-lp151.2.23.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "libfreebl3-3.53-lp151.2.23.1.x86_64",
"product": {
"name": "libfreebl3-3.53-lp151.2.23.1.x86_64",
"product_id": "libfreebl3-3.53-lp151.2.23.1.x86_64"
}
},
{
"category": "product_version",
"name": "libfreebl3-32bit-3.53-lp151.2.23.1.x86_64",
"product": {
"name": "libfreebl3-32bit-3.53-lp151.2.23.1.x86_64",
"product_id": "libfreebl3-32bit-3.53-lp151.2.23.1.x86_64"
}
},
{
"category": "product_version",
"name": "libfreebl3-hmac-3.53-lp151.2.23.1.x86_64",
"product": {
"name": "libfreebl3-hmac-3.53-lp151.2.23.1.x86_64",
"product_id": "libfreebl3-hmac-3.53-lp151.2.23.1.x86_64"
}
},
{
"category": "product_version",
"name": "libfreebl3-hmac-32bit-3.53-lp151.2.23.1.x86_64",
"product": {
"name": "libfreebl3-hmac-32bit-3.53-lp151.2.23.1.x86_64",
"product_id": "libfreebl3-hmac-32bit-3.53-lp151.2.23.1.x86_64"
}
},
{
"category": "product_version",
"name": "libsoftokn3-3.53-lp151.2.23.1.x86_64",
"product": {
"name": "libsoftokn3-3.53-lp151.2.23.1.x86_64",
"product_id": "libsoftokn3-3.53-lp151.2.23.1.x86_64"
}
},
{
"category": "product_version",
"name": "libsoftokn3-32bit-3.53-lp151.2.23.1.x86_64",
"product": {
"name": "libsoftokn3-32bit-3.53-lp151.2.23.1.x86_64",
"product_id": "libsoftokn3-32bit-3.53-lp151.2.23.1.x86_64"
}
},
{
"category": "product_version",
"name": "libsoftokn3-hmac-3.53-lp151.2.23.1.x86_64",
"product": {
"name": "libsoftokn3-hmac-3.53-lp151.2.23.1.x86_64",
"product_id": "libsoftokn3-hmac-3.53-lp151.2.23.1.x86_64"
}
},
{
"category": "product_version",
"name": "libsoftokn3-hmac-32bit-3.53-lp151.2.23.1.x86_64",
"product": {
"name": "libsoftokn3-hmac-32bit-3.53-lp151.2.23.1.x86_64",
"product_id": "libsoftokn3-hmac-32bit-3.53-lp151.2.23.1.x86_64"
}
},
{
"category": "product_version",
"name": "mozilla-nspr-4.25-lp151.2.9.1.x86_64",
"product": {
"name": "mozilla-nspr-4.25-lp151.2.9.1.x86_64",
"product_id": "mozilla-nspr-4.25-lp151.2.9.1.x86_64"
}
},
{
"category": "product_version",
"name": "mozilla-nspr-32bit-4.25-lp151.2.9.1.x86_64",
"product": {
"name": "mozilla-nspr-32bit-4.25-lp151.2.9.1.x86_64",
"product_id": "mozilla-nspr-32bit-4.25-lp151.2.9.1.x86_64"
}
},
{
"category": "product_version",
"name": "mozilla-nspr-devel-4.25-lp151.2.9.1.x86_64",
"product": {
"name": "mozilla-nspr-devel-4.25-lp151.2.9.1.x86_64",
"product_id": "mozilla-nspr-devel-4.25-lp151.2.9.1.x86_64"
}
},
{
"category": "product_version",
"name": "mozilla-nss-3.53-lp151.2.23.1.x86_64",
"product": {
"name": "mozilla-nss-3.53-lp151.2.23.1.x86_64",
"product_id": "mozilla-nss-3.53-lp151.2.23.1.x86_64"
}
},
{
"category": "product_version",
"name": "mozilla-nss-32bit-3.53-lp151.2.23.1.x86_64",
"product": {
"name": "mozilla-nss-32bit-3.53-lp151.2.23.1.x86_64",
"product_id": "mozilla-nss-32bit-3.53-lp151.2.23.1.x86_64"
}
},
{
"category": "product_version",
"name": "mozilla-nss-certs-3.53-lp151.2.23.1.x86_64",
"product": {
"name": "mozilla-nss-certs-3.53-lp151.2.23.1.x86_64",
"product_id": "mozilla-nss-certs-3.53-lp151.2.23.1.x86_64"
}
},
{
"category": "product_version",
"name": "mozilla-nss-certs-32bit-3.53-lp151.2.23.1.x86_64",
"product": {
"name": "mozilla-nss-certs-32bit-3.53-lp151.2.23.1.x86_64",
"product_id": "mozilla-nss-certs-32bit-3.53-lp151.2.23.1.x86_64"
}
},
{
"category": "product_version",
"name": "mozilla-nss-devel-3.53-lp151.2.23.1.x86_64",
"product": {
"name": "mozilla-nss-devel-3.53-lp151.2.23.1.x86_64",
"product_id": "mozilla-nss-devel-3.53-lp151.2.23.1.x86_64"
}
},
{
"category": "product_version",
"name": "mozilla-nss-sysinit-3.53-lp151.2.23.1.x86_64",
"product": {
"name": "mozilla-nss-sysinit-3.53-lp151.2.23.1.x86_64",
"product_id": "mozilla-nss-sysinit-3.53-lp151.2.23.1.x86_64"
}
},
{
"category": "product_version",
"name": "mozilla-nss-sysinit-32bit-3.53-lp151.2.23.1.x86_64",
"product": {
"name": "mozilla-nss-sysinit-32bit-3.53-lp151.2.23.1.x86_64",
"product_id": "mozilla-nss-sysinit-32bit-3.53-lp151.2.23.1.x86_64"
}
},
{
"category": "product_version",
"name": "mozilla-nss-tools-3.53-lp151.2.23.1.x86_64",
"product": {
"name": "mozilla-nss-tools-3.53-lp151.2.23.1.x86_64",
"product_id": "mozilla-nss-tools-3.53-lp151.2.23.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Leap 15.1",
"product": {
"name": "openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.1"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "libfreebl3-3.53-lp151.2.23.1.i586 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:libfreebl3-3.53-lp151.2.23.1.i586"
},
"product_reference": "libfreebl3-3.53-lp151.2.23.1.i586",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libfreebl3-3.53-lp151.2.23.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:libfreebl3-3.53-lp151.2.23.1.x86_64"
},
"product_reference": "libfreebl3-3.53-lp151.2.23.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libfreebl3-32bit-3.53-lp151.2.23.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:libfreebl3-32bit-3.53-lp151.2.23.1.x86_64"
},
"product_reference": "libfreebl3-32bit-3.53-lp151.2.23.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libfreebl3-hmac-3.53-lp151.2.23.1.i586 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:libfreebl3-hmac-3.53-lp151.2.23.1.i586"
},
"product_reference": "libfreebl3-hmac-3.53-lp151.2.23.1.i586",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libfreebl3-hmac-3.53-lp151.2.23.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:libfreebl3-hmac-3.53-lp151.2.23.1.x86_64"
},
"product_reference": "libfreebl3-hmac-3.53-lp151.2.23.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libfreebl3-hmac-32bit-3.53-lp151.2.23.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:libfreebl3-hmac-32bit-3.53-lp151.2.23.1.x86_64"
},
"product_reference": "libfreebl3-hmac-32bit-3.53-lp151.2.23.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libsoftokn3-3.53-lp151.2.23.1.i586 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:libsoftokn3-3.53-lp151.2.23.1.i586"
},
"product_reference": "libsoftokn3-3.53-lp151.2.23.1.i586",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libsoftokn3-3.53-lp151.2.23.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:libsoftokn3-3.53-lp151.2.23.1.x86_64"
},
"product_reference": "libsoftokn3-3.53-lp151.2.23.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libsoftokn3-32bit-3.53-lp151.2.23.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:libsoftokn3-32bit-3.53-lp151.2.23.1.x86_64"
},
"product_reference": "libsoftokn3-32bit-3.53-lp151.2.23.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libsoftokn3-hmac-3.53-lp151.2.23.1.i586 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:libsoftokn3-hmac-3.53-lp151.2.23.1.i586"
},
"product_reference": "libsoftokn3-hmac-3.53-lp151.2.23.1.i586",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libsoftokn3-hmac-3.53-lp151.2.23.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:libsoftokn3-hmac-3.53-lp151.2.23.1.x86_64"
},
"product_reference": "libsoftokn3-hmac-3.53-lp151.2.23.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libsoftokn3-hmac-32bit-3.53-lp151.2.23.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:libsoftokn3-hmac-32bit-3.53-lp151.2.23.1.x86_64"
},
"product_reference": "libsoftokn3-hmac-32bit-3.53-lp151.2.23.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mozilla-nspr-4.25-lp151.2.9.1.i586 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:mozilla-nspr-4.25-lp151.2.9.1.i586"
},
"product_reference": "mozilla-nspr-4.25-lp151.2.9.1.i586",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mozilla-nspr-4.25-lp151.2.9.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:mozilla-nspr-4.25-lp151.2.9.1.x86_64"
},
"product_reference": "mozilla-nspr-4.25-lp151.2.9.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mozilla-nspr-32bit-4.25-lp151.2.9.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:mozilla-nspr-32bit-4.25-lp151.2.9.1.x86_64"
},
"product_reference": "mozilla-nspr-32bit-4.25-lp151.2.9.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mozilla-nspr-devel-4.25-lp151.2.9.1.i586 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:mozilla-nspr-devel-4.25-lp151.2.9.1.i586"
},
"product_reference": "mozilla-nspr-devel-4.25-lp151.2.9.1.i586",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mozilla-nspr-devel-4.25-lp151.2.9.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:mozilla-nspr-devel-4.25-lp151.2.9.1.x86_64"
},
"product_reference": "mozilla-nspr-devel-4.25-lp151.2.9.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mozilla-nss-3.53-lp151.2.23.1.i586 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:mozilla-nss-3.53-lp151.2.23.1.i586"
},
"product_reference": "mozilla-nss-3.53-lp151.2.23.1.i586",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mozilla-nss-3.53-lp151.2.23.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:mozilla-nss-3.53-lp151.2.23.1.x86_64"
},
"product_reference": "mozilla-nss-3.53-lp151.2.23.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mozilla-nss-32bit-3.53-lp151.2.23.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:mozilla-nss-32bit-3.53-lp151.2.23.1.x86_64"
},
"product_reference": "mozilla-nss-32bit-3.53-lp151.2.23.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mozilla-nss-certs-3.53-lp151.2.23.1.i586 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:mozilla-nss-certs-3.53-lp151.2.23.1.i586"
},
"product_reference": "mozilla-nss-certs-3.53-lp151.2.23.1.i586",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mozilla-nss-certs-3.53-lp151.2.23.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:mozilla-nss-certs-3.53-lp151.2.23.1.x86_64"
},
"product_reference": "mozilla-nss-certs-3.53-lp151.2.23.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mozilla-nss-certs-32bit-3.53-lp151.2.23.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:mozilla-nss-certs-32bit-3.53-lp151.2.23.1.x86_64"
},
"product_reference": "mozilla-nss-certs-32bit-3.53-lp151.2.23.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mozilla-nss-devel-3.53-lp151.2.23.1.i586 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:mozilla-nss-devel-3.53-lp151.2.23.1.i586"
},
"product_reference": "mozilla-nss-devel-3.53-lp151.2.23.1.i586",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mozilla-nss-devel-3.53-lp151.2.23.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:mozilla-nss-devel-3.53-lp151.2.23.1.x86_64"
},
"product_reference": "mozilla-nss-devel-3.53-lp151.2.23.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mozilla-nss-sysinit-3.53-lp151.2.23.1.i586 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:mozilla-nss-sysinit-3.53-lp151.2.23.1.i586"
},
"product_reference": "mozilla-nss-sysinit-3.53-lp151.2.23.1.i586",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mozilla-nss-sysinit-3.53-lp151.2.23.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:mozilla-nss-sysinit-3.53-lp151.2.23.1.x86_64"
},
"product_reference": "mozilla-nss-sysinit-3.53-lp151.2.23.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mozilla-nss-sysinit-32bit-3.53-lp151.2.23.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:mozilla-nss-sysinit-32bit-3.53-lp151.2.23.1.x86_64"
},
"product_reference": "mozilla-nss-sysinit-32bit-3.53-lp151.2.23.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mozilla-nss-tools-3.53-lp151.2.23.1.i586 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:mozilla-nss-tools-3.53-lp151.2.23.1.i586"
},
"product_reference": "mozilla-nss-tools-3.53-lp151.2.23.1.i586",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mozilla-nss-tools-3.53-lp151.2.23.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:mozilla-nss-tools-3.53-lp151.2.23.1.x86_64"
},
"product_reference": "mozilla-nss-tools-3.53-lp151.2.23.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2019-17006",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-17006"
}
],
"notes": [
{
"category": "general",
"text": "In Network Security Services (NSS) before 3.46, several cryptographic primitives had missing length checks. In cases where the application calling the library did not perform a sanity check on the inputs it could result in a crash due to a buffer overflow.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:libfreebl3-3.53-lp151.2.23.1.i586",
"openSUSE Leap 15.1:libfreebl3-3.53-lp151.2.23.1.x86_64",
"openSUSE Leap 15.1:libfreebl3-32bit-3.53-lp151.2.23.1.x86_64",
"openSUSE Leap 15.1:libfreebl3-hmac-3.53-lp151.2.23.1.i586",
"openSUSE Leap 15.1:libfreebl3-hmac-3.53-lp151.2.23.1.x86_64",
"openSUSE Leap 15.1:libfreebl3-hmac-32bit-3.53-lp151.2.23.1.x86_64",
"openSUSE Leap 15.1:libsoftokn3-3.53-lp151.2.23.1.i586",
"openSUSE Leap 15.1:libsoftokn3-3.53-lp151.2.23.1.x86_64",
"openSUSE Leap 15.1:libsoftokn3-32bit-3.53-lp151.2.23.1.x86_64",
"openSUSE Leap 15.1:libsoftokn3-hmac-3.53-lp151.2.23.1.i586",
"openSUSE Leap 15.1:libsoftokn3-hmac-3.53-lp151.2.23.1.x86_64",
"openSUSE Leap 15.1:libsoftokn3-hmac-32bit-3.53-lp151.2.23.1.x86_64",
"openSUSE Leap 15.1:mozilla-nspr-32bit-4.25-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mozilla-nspr-4.25-lp151.2.9.1.i586",
"openSUSE Leap 15.1:mozilla-nspr-4.25-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mozilla-nspr-devel-4.25-lp151.2.9.1.i586",
"openSUSE Leap 15.1:mozilla-nspr-devel-4.25-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mozilla-nss-3.53-lp151.2.23.1.i586",
"openSUSE Leap 15.1:mozilla-nss-3.53-lp151.2.23.1.x86_64",
"openSUSE Leap 15.1:mozilla-nss-32bit-3.53-lp151.2.23.1.x86_64",
"openSUSE Leap 15.1:mozilla-nss-certs-3.53-lp151.2.23.1.i586",
"openSUSE Leap 15.1:mozilla-nss-certs-3.53-lp151.2.23.1.x86_64",
"openSUSE Leap 15.1:mozilla-nss-certs-32bit-3.53-lp151.2.23.1.x86_64",
"openSUSE Leap 15.1:mozilla-nss-devel-3.53-lp151.2.23.1.i586",
"openSUSE Leap 15.1:mozilla-nss-devel-3.53-lp151.2.23.1.x86_64",
"openSUSE Leap 15.1:mozilla-nss-sysinit-3.53-lp151.2.23.1.i586",
"openSUSE Leap 15.1:mozilla-nss-sysinit-3.53-lp151.2.23.1.x86_64",
"openSUSE Leap 15.1:mozilla-nss-sysinit-32bit-3.53-lp151.2.23.1.x86_64",
"openSUSE Leap 15.1:mozilla-nss-tools-3.53-lp151.2.23.1.i586",
"openSUSE Leap 15.1:mozilla-nss-tools-3.53-lp151.2.23.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-17006",
"url": "https://www.suse.com/security/cve/CVE-2019-17006"
},
{
"category": "external",
"summary": "SUSE Bug 1159819 for CVE-2019-17006",
"url": "https://bugzilla.suse.com/1159819"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:libfreebl3-3.53-lp151.2.23.1.i586",
"openSUSE Leap 15.1:libfreebl3-3.53-lp151.2.23.1.x86_64",
"openSUSE Leap 15.1:libfreebl3-32bit-3.53-lp151.2.23.1.x86_64",
"openSUSE Leap 15.1:libfreebl3-hmac-3.53-lp151.2.23.1.i586",
"openSUSE Leap 15.1:libfreebl3-hmac-3.53-lp151.2.23.1.x86_64",
"openSUSE Leap 15.1:libfreebl3-hmac-32bit-3.53-lp151.2.23.1.x86_64",
"openSUSE Leap 15.1:libsoftokn3-3.53-lp151.2.23.1.i586",
"openSUSE Leap 15.1:libsoftokn3-3.53-lp151.2.23.1.x86_64",
"openSUSE Leap 15.1:libsoftokn3-32bit-3.53-lp151.2.23.1.x86_64",
"openSUSE Leap 15.1:libsoftokn3-hmac-3.53-lp151.2.23.1.i586",
"openSUSE Leap 15.1:libsoftokn3-hmac-3.53-lp151.2.23.1.x86_64",
"openSUSE Leap 15.1:libsoftokn3-hmac-32bit-3.53-lp151.2.23.1.x86_64",
"openSUSE Leap 15.1:mozilla-nspr-32bit-4.25-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mozilla-nspr-4.25-lp151.2.9.1.i586",
"openSUSE Leap 15.1:mozilla-nspr-4.25-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mozilla-nspr-devel-4.25-lp151.2.9.1.i586",
"openSUSE Leap 15.1:mozilla-nspr-devel-4.25-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mozilla-nss-3.53-lp151.2.23.1.i586",
"openSUSE Leap 15.1:mozilla-nss-3.53-lp151.2.23.1.x86_64",
"openSUSE Leap 15.1:mozilla-nss-32bit-3.53-lp151.2.23.1.x86_64",
"openSUSE Leap 15.1:mozilla-nss-certs-3.53-lp151.2.23.1.i586",
"openSUSE Leap 15.1:mozilla-nss-certs-3.53-lp151.2.23.1.x86_64",
"openSUSE Leap 15.1:mozilla-nss-certs-32bit-3.53-lp151.2.23.1.x86_64",
"openSUSE Leap 15.1:mozilla-nss-devel-3.53-lp151.2.23.1.i586",
"openSUSE Leap 15.1:mozilla-nss-devel-3.53-lp151.2.23.1.x86_64",
"openSUSE Leap 15.1:mozilla-nss-sysinit-3.53-lp151.2.23.1.i586",
"openSUSE Leap 15.1:mozilla-nss-sysinit-3.53-lp151.2.23.1.x86_64",
"openSUSE Leap 15.1:mozilla-nss-sysinit-32bit-3.53-lp151.2.23.1.x86_64",
"openSUSE Leap 15.1:mozilla-nss-tools-3.53-lp151.2.23.1.i586",
"openSUSE Leap 15.1:mozilla-nss-tools-3.53-lp151.2.23.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.1:libfreebl3-3.53-lp151.2.23.1.i586",
"openSUSE Leap 15.1:libfreebl3-3.53-lp151.2.23.1.x86_64",
"openSUSE Leap 15.1:libfreebl3-32bit-3.53-lp151.2.23.1.x86_64",
"openSUSE Leap 15.1:libfreebl3-hmac-3.53-lp151.2.23.1.i586",
"openSUSE Leap 15.1:libfreebl3-hmac-3.53-lp151.2.23.1.x86_64",
"openSUSE Leap 15.1:libfreebl3-hmac-32bit-3.53-lp151.2.23.1.x86_64",
"openSUSE Leap 15.1:libsoftokn3-3.53-lp151.2.23.1.i586",
"openSUSE Leap 15.1:libsoftokn3-3.53-lp151.2.23.1.x86_64",
"openSUSE Leap 15.1:libsoftokn3-32bit-3.53-lp151.2.23.1.x86_64",
"openSUSE Leap 15.1:libsoftokn3-hmac-3.53-lp151.2.23.1.i586",
"openSUSE Leap 15.1:libsoftokn3-hmac-3.53-lp151.2.23.1.x86_64",
"openSUSE Leap 15.1:libsoftokn3-hmac-32bit-3.53-lp151.2.23.1.x86_64",
"openSUSE Leap 15.1:mozilla-nspr-32bit-4.25-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mozilla-nspr-4.25-lp151.2.9.1.i586",
"openSUSE Leap 15.1:mozilla-nspr-4.25-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mozilla-nspr-devel-4.25-lp151.2.9.1.i586",
"openSUSE Leap 15.1:mozilla-nspr-devel-4.25-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mozilla-nss-3.53-lp151.2.23.1.i586",
"openSUSE Leap 15.1:mozilla-nss-3.53-lp151.2.23.1.x86_64",
"openSUSE Leap 15.1:mozilla-nss-32bit-3.53-lp151.2.23.1.x86_64",
"openSUSE Leap 15.1:mozilla-nss-certs-3.53-lp151.2.23.1.i586",
"openSUSE Leap 15.1:mozilla-nss-certs-3.53-lp151.2.23.1.x86_64",
"openSUSE Leap 15.1:mozilla-nss-certs-32bit-3.53-lp151.2.23.1.x86_64",
"openSUSE Leap 15.1:mozilla-nss-devel-3.53-lp151.2.23.1.i586",
"openSUSE Leap 15.1:mozilla-nss-devel-3.53-lp151.2.23.1.x86_64",
"openSUSE Leap 15.1:mozilla-nss-sysinit-3.53-lp151.2.23.1.i586",
"openSUSE Leap 15.1:mozilla-nss-sysinit-3.53-lp151.2.23.1.x86_64",
"openSUSE Leap 15.1:mozilla-nss-sysinit-32bit-3.53-lp151.2.23.1.x86_64",
"openSUSE Leap 15.1:mozilla-nss-tools-3.53-lp151.2.23.1.i586",
"openSUSE Leap 15.1:mozilla-nss-tools-3.53-lp151.2.23.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-06-24T04:17:54Z",
"details": "moderate"
}
],
"title": "CVE-2019-17006"
},
{
"cve": "CVE-2020-12399",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-12399"
}
],
"notes": [
{
"category": "general",
"text": "NSS has shown timing differences when performing DSA signatures, which was exploitable and could eventually leak private keys. This vulnerability affects Thunderbird \u003c 68.9.0, Firefox \u003c 77, and Firefox ESR \u003c 68.9.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:libfreebl3-3.53-lp151.2.23.1.i586",
"openSUSE Leap 15.1:libfreebl3-3.53-lp151.2.23.1.x86_64",
"openSUSE Leap 15.1:libfreebl3-32bit-3.53-lp151.2.23.1.x86_64",
"openSUSE Leap 15.1:libfreebl3-hmac-3.53-lp151.2.23.1.i586",
"openSUSE Leap 15.1:libfreebl3-hmac-3.53-lp151.2.23.1.x86_64",
"openSUSE Leap 15.1:libfreebl3-hmac-32bit-3.53-lp151.2.23.1.x86_64",
"openSUSE Leap 15.1:libsoftokn3-3.53-lp151.2.23.1.i586",
"openSUSE Leap 15.1:libsoftokn3-3.53-lp151.2.23.1.x86_64",
"openSUSE Leap 15.1:libsoftokn3-32bit-3.53-lp151.2.23.1.x86_64",
"openSUSE Leap 15.1:libsoftokn3-hmac-3.53-lp151.2.23.1.i586",
"openSUSE Leap 15.1:libsoftokn3-hmac-3.53-lp151.2.23.1.x86_64",
"openSUSE Leap 15.1:libsoftokn3-hmac-32bit-3.53-lp151.2.23.1.x86_64",
"openSUSE Leap 15.1:mozilla-nspr-32bit-4.25-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mozilla-nspr-4.25-lp151.2.9.1.i586",
"openSUSE Leap 15.1:mozilla-nspr-4.25-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mozilla-nspr-devel-4.25-lp151.2.9.1.i586",
"openSUSE Leap 15.1:mozilla-nspr-devel-4.25-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mozilla-nss-3.53-lp151.2.23.1.i586",
"openSUSE Leap 15.1:mozilla-nss-3.53-lp151.2.23.1.x86_64",
"openSUSE Leap 15.1:mozilla-nss-32bit-3.53-lp151.2.23.1.x86_64",
"openSUSE Leap 15.1:mozilla-nss-certs-3.53-lp151.2.23.1.i586",
"openSUSE Leap 15.1:mozilla-nss-certs-3.53-lp151.2.23.1.x86_64",
"openSUSE Leap 15.1:mozilla-nss-certs-32bit-3.53-lp151.2.23.1.x86_64",
"openSUSE Leap 15.1:mozilla-nss-devel-3.53-lp151.2.23.1.i586",
"openSUSE Leap 15.1:mozilla-nss-devel-3.53-lp151.2.23.1.x86_64",
"openSUSE Leap 15.1:mozilla-nss-sysinit-3.53-lp151.2.23.1.i586",
"openSUSE Leap 15.1:mozilla-nss-sysinit-3.53-lp151.2.23.1.x86_64",
"openSUSE Leap 15.1:mozilla-nss-sysinit-32bit-3.53-lp151.2.23.1.x86_64",
"openSUSE Leap 15.1:mozilla-nss-tools-3.53-lp151.2.23.1.i586",
"openSUSE Leap 15.1:mozilla-nss-tools-3.53-lp151.2.23.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-12399",
"url": "https://www.suse.com/security/cve/CVE-2020-12399"
},
{
"category": "external",
"summary": "SUSE Bug 1171978 for CVE-2020-12399",
"url": "https://bugzilla.suse.com/1171978"
},
{
"category": "external",
"summary": "SUSE Bug 1172402 for CVE-2020-12399",
"url": "https://bugzilla.suse.com/1172402"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:libfreebl3-3.53-lp151.2.23.1.i586",
"openSUSE Leap 15.1:libfreebl3-3.53-lp151.2.23.1.x86_64",
"openSUSE Leap 15.1:libfreebl3-32bit-3.53-lp151.2.23.1.x86_64",
"openSUSE Leap 15.1:libfreebl3-hmac-3.53-lp151.2.23.1.i586",
"openSUSE Leap 15.1:libfreebl3-hmac-3.53-lp151.2.23.1.x86_64",
"openSUSE Leap 15.1:libfreebl3-hmac-32bit-3.53-lp151.2.23.1.x86_64",
"openSUSE Leap 15.1:libsoftokn3-3.53-lp151.2.23.1.i586",
"openSUSE Leap 15.1:libsoftokn3-3.53-lp151.2.23.1.x86_64",
"openSUSE Leap 15.1:libsoftokn3-32bit-3.53-lp151.2.23.1.x86_64",
"openSUSE Leap 15.1:libsoftokn3-hmac-3.53-lp151.2.23.1.i586",
"openSUSE Leap 15.1:libsoftokn3-hmac-3.53-lp151.2.23.1.x86_64",
"openSUSE Leap 15.1:libsoftokn3-hmac-32bit-3.53-lp151.2.23.1.x86_64",
"openSUSE Leap 15.1:mozilla-nspr-32bit-4.25-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mozilla-nspr-4.25-lp151.2.9.1.i586",
"openSUSE Leap 15.1:mozilla-nspr-4.25-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mozilla-nspr-devel-4.25-lp151.2.9.1.i586",
"openSUSE Leap 15.1:mozilla-nspr-devel-4.25-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mozilla-nss-3.53-lp151.2.23.1.i586",
"openSUSE Leap 15.1:mozilla-nss-3.53-lp151.2.23.1.x86_64",
"openSUSE Leap 15.1:mozilla-nss-32bit-3.53-lp151.2.23.1.x86_64",
"openSUSE Leap 15.1:mozilla-nss-certs-3.53-lp151.2.23.1.i586",
"openSUSE Leap 15.1:mozilla-nss-certs-3.53-lp151.2.23.1.x86_64",
"openSUSE Leap 15.1:mozilla-nss-certs-32bit-3.53-lp151.2.23.1.x86_64",
"openSUSE Leap 15.1:mozilla-nss-devel-3.53-lp151.2.23.1.i586",
"openSUSE Leap 15.1:mozilla-nss-devel-3.53-lp151.2.23.1.x86_64",
"openSUSE Leap 15.1:mozilla-nss-sysinit-3.53-lp151.2.23.1.i586",
"openSUSE Leap 15.1:mozilla-nss-sysinit-3.53-lp151.2.23.1.x86_64",
"openSUSE Leap 15.1:mozilla-nss-sysinit-32bit-3.53-lp151.2.23.1.x86_64",
"openSUSE Leap 15.1:mozilla-nss-tools-3.53-lp151.2.23.1.i586",
"openSUSE Leap 15.1:mozilla-nss-tools-3.53-lp151.2.23.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.1:libfreebl3-3.53-lp151.2.23.1.i586",
"openSUSE Leap 15.1:libfreebl3-3.53-lp151.2.23.1.x86_64",
"openSUSE Leap 15.1:libfreebl3-32bit-3.53-lp151.2.23.1.x86_64",
"openSUSE Leap 15.1:libfreebl3-hmac-3.53-lp151.2.23.1.i586",
"openSUSE Leap 15.1:libfreebl3-hmac-3.53-lp151.2.23.1.x86_64",
"openSUSE Leap 15.1:libfreebl3-hmac-32bit-3.53-lp151.2.23.1.x86_64",
"openSUSE Leap 15.1:libsoftokn3-3.53-lp151.2.23.1.i586",
"openSUSE Leap 15.1:libsoftokn3-3.53-lp151.2.23.1.x86_64",
"openSUSE Leap 15.1:libsoftokn3-32bit-3.53-lp151.2.23.1.x86_64",
"openSUSE Leap 15.1:libsoftokn3-hmac-3.53-lp151.2.23.1.i586",
"openSUSE Leap 15.1:libsoftokn3-hmac-3.53-lp151.2.23.1.x86_64",
"openSUSE Leap 15.1:libsoftokn3-hmac-32bit-3.53-lp151.2.23.1.x86_64",
"openSUSE Leap 15.1:mozilla-nspr-32bit-4.25-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mozilla-nspr-4.25-lp151.2.9.1.i586",
"openSUSE Leap 15.1:mozilla-nspr-4.25-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mozilla-nspr-devel-4.25-lp151.2.9.1.i586",
"openSUSE Leap 15.1:mozilla-nspr-devel-4.25-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mozilla-nss-3.53-lp151.2.23.1.i586",
"openSUSE Leap 15.1:mozilla-nss-3.53-lp151.2.23.1.x86_64",
"openSUSE Leap 15.1:mozilla-nss-32bit-3.53-lp151.2.23.1.x86_64",
"openSUSE Leap 15.1:mozilla-nss-certs-3.53-lp151.2.23.1.i586",
"openSUSE Leap 15.1:mozilla-nss-certs-3.53-lp151.2.23.1.x86_64",
"openSUSE Leap 15.1:mozilla-nss-certs-32bit-3.53-lp151.2.23.1.x86_64",
"openSUSE Leap 15.1:mozilla-nss-devel-3.53-lp151.2.23.1.i586",
"openSUSE Leap 15.1:mozilla-nss-devel-3.53-lp151.2.23.1.x86_64",
"openSUSE Leap 15.1:mozilla-nss-sysinit-3.53-lp151.2.23.1.i586",
"openSUSE Leap 15.1:mozilla-nss-sysinit-3.53-lp151.2.23.1.x86_64",
"openSUSE Leap 15.1:mozilla-nss-sysinit-32bit-3.53-lp151.2.23.1.x86_64",
"openSUSE Leap 15.1:mozilla-nss-tools-3.53-lp151.2.23.1.i586",
"openSUSE Leap 15.1:mozilla-nss-tools-3.53-lp151.2.23.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-06-24T04:17:54Z",
"details": "moderate"
}
],
"title": "CVE-2020-12399"
}
]
}
OPENSUSE-SU-2024:11058-1
Vulnerability from csaf_opensuse - Published: 2024-06-15 00:00 - Updated: 2024-06-15 00:00Summary
libfreebl3-3.69.1-1.2 on GA media
Severity
Moderate
Notes
Title of the patch: libfreebl3-3.69.1-1.2 on GA media
Description of the patch: These are all security issues fixed in the libfreebl3-3.69.1-1.2 package on the GA media of openSUSE Tumbleweed.
Patchnames: openSUSE-Tumbleweed-2024-11058
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
5.1 (Medium)
Affected products
Recommended
64 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:libfreebl3-3.69.1-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libfreebl3-3.69.1-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libfreebl3-3.69.1-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libfreebl3-3.69.1-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libfreebl3-32bit-3.69.1-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libfreebl3-32bit-3.69.1-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libfreebl3-32bit-3.69.1-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libfreebl3-32bit-3.69.1-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libfreebl3-hmac-3.69.1-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libfreebl3-hmac-3.69.1-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libfreebl3-hmac-3.69.1-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libfreebl3-hmac-3.69.1-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libfreebl3-hmac-32bit-3.69.1-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libfreebl3-hmac-32bit-3.69.1-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libfreebl3-hmac-32bit-3.69.1-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libfreebl3-hmac-32bit-3.69.1-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsoftokn3-3.69.1-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsoftokn3-3.69.1-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsoftokn3-3.69.1-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsoftokn3-3.69.1-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsoftokn3-32bit-3.69.1-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsoftokn3-32bit-3.69.1-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsoftokn3-32bit-3.69.1-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsoftokn3-32bit-3.69.1-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsoftokn3-hmac-3.69.1-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsoftokn3-hmac-3.69.1-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsoftokn3-hmac-3.69.1-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsoftokn3-hmac-3.69.1-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsoftokn3-hmac-32bit-3.69.1-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsoftokn3-hmac-32bit-3.69.1-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsoftokn3-hmac-32bit-3.69.1-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsoftokn3-hmac-32bit-3.69.1-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-3.69.1-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-3.69.1-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-3.69.1-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-3.69.1-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-32bit-3.69.1-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-32bit-3.69.1-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-32bit-3.69.1-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-32bit-3.69.1-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-certs-3.69.1-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-certs-3.69.1-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-certs-3.69.1-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-certs-3.69.1-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.69.1-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.69.1-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.69.1-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.69.1-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-devel-3.69.1-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-devel-3.69.1-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-devel-3.69.1-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-devel-3.69.1-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-sysinit-3.69.1-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-sysinit-3.69.1-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-sysinit-3.69.1-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-sysinit-3.69.1-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.69.1-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.69.1-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.69.1-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.69.1-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-tools-3.69.1-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-tools-3.69.1-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-tools-3.69.1-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-tools-3.69.1-1.2.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
4.8 (Medium)
Affected products
Recommended
64 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:libfreebl3-3.69.1-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libfreebl3-3.69.1-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libfreebl3-3.69.1-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libfreebl3-3.69.1-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libfreebl3-32bit-3.69.1-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libfreebl3-32bit-3.69.1-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libfreebl3-32bit-3.69.1-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libfreebl3-32bit-3.69.1-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libfreebl3-hmac-3.69.1-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libfreebl3-hmac-3.69.1-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libfreebl3-hmac-3.69.1-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libfreebl3-hmac-3.69.1-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libfreebl3-hmac-32bit-3.69.1-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libfreebl3-hmac-32bit-3.69.1-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libfreebl3-hmac-32bit-3.69.1-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libfreebl3-hmac-32bit-3.69.1-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsoftokn3-3.69.1-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsoftokn3-3.69.1-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsoftokn3-3.69.1-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsoftokn3-3.69.1-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsoftokn3-32bit-3.69.1-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsoftokn3-32bit-3.69.1-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsoftokn3-32bit-3.69.1-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsoftokn3-32bit-3.69.1-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsoftokn3-hmac-3.69.1-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsoftokn3-hmac-3.69.1-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsoftokn3-hmac-3.69.1-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsoftokn3-hmac-3.69.1-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsoftokn3-hmac-32bit-3.69.1-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsoftokn3-hmac-32bit-3.69.1-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsoftokn3-hmac-32bit-3.69.1-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsoftokn3-hmac-32bit-3.69.1-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-3.69.1-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-3.69.1-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-3.69.1-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-3.69.1-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-32bit-3.69.1-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-32bit-3.69.1-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-32bit-3.69.1-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-32bit-3.69.1-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-certs-3.69.1-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-certs-3.69.1-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-certs-3.69.1-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-certs-3.69.1-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.69.1-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.69.1-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.69.1-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.69.1-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-devel-3.69.1-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-devel-3.69.1-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-devel-3.69.1-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-devel-3.69.1-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-sysinit-3.69.1-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-sysinit-3.69.1-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-sysinit-3.69.1-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-sysinit-3.69.1-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.69.1-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.69.1-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.69.1-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.69.1-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-tools-3.69.1-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-tools-3.69.1-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-tools-3.69.1-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-tools-3.69.1-1.2.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.9 (Medium)
Affected products
Recommended
64 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:libfreebl3-3.69.1-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libfreebl3-3.69.1-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libfreebl3-3.69.1-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libfreebl3-3.69.1-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libfreebl3-32bit-3.69.1-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libfreebl3-32bit-3.69.1-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libfreebl3-32bit-3.69.1-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libfreebl3-32bit-3.69.1-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libfreebl3-hmac-3.69.1-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libfreebl3-hmac-3.69.1-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libfreebl3-hmac-3.69.1-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libfreebl3-hmac-3.69.1-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libfreebl3-hmac-32bit-3.69.1-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libfreebl3-hmac-32bit-3.69.1-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libfreebl3-hmac-32bit-3.69.1-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libfreebl3-hmac-32bit-3.69.1-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsoftokn3-3.69.1-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsoftokn3-3.69.1-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsoftokn3-3.69.1-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsoftokn3-3.69.1-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsoftokn3-32bit-3.69.1-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsoftokn3-32bit-3.69.1-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsoftokn3-32bit-3.69.1-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsoftokn3-32bit-3.69.1-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsoftokn3-hmac-3.69.1-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsoftokn3-hmac-3.69.1-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsoftokn3-hmac-3.69.1-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsoftokn3-hmac-3.69.1-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsoftokn3-hmac-32bit-3.69.1-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsoftokn3-hmac-32bit-3.69.1-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsoftokn3-hmac-32bit-3.69.1-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsoftokn3-hmac-32bit-3.69.1-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-3.69.1-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-3.69.1-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-3.69.1-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-3.69.1-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-32bit-3.69.1-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-32bit-3.69.1-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-32bit-3.69.1-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-32bit-3.69.1-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-certs-3.69.1-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-certs-3.69.1-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-certs-3.69.1-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-certs-3.69.1-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.69.1-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.69.1-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.69.1-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.69.1-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-devel-3.69.1-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-devel-3.69.1-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-devel-3.69.1-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-devel-3.69.1-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-sysinit-3.69.1-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-sysinit-3.69.1-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-sysinit-3.69.1-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-sysinit-3.69.1-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.69.1-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.69.1-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.69.1-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.69.1-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-tools-3.69.1-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-tools-3.69.1-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-tools-3.69.1-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-tools-3.69.1-1.2.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
6.1 (Medium)
Affected products
Recommended
64 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:libfreebl3-3.69.1-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libfreebl3-3.69.1-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libfreebl3-3.69.1-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libfreebl3-3.69.1-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libfreebl3-32bit-3.69.1-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libfreebl3-32bit-3.69.1-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libfreebl3-32bit-3.69.1-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libfreebl3-32bit-3.69.1-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libfreebl3-hmac-3.69.1-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libfreebl3-hmac-3.69.1-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libfreebl3-hmac-3.69.1-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libfreebl3-hmac-3.69.1-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libfreebl3-hmac-32bit-3.69.1-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libfreebl3-hmac-32bit-3.69.1-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libfreebl3-hmac-32bit-3.69.1-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libfreebl3-hmac-32bit-3.69.1-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsoftokn3-3.69.1-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsoftokn3-3.69.1-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsoftokn3-3.69.1-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsoftokn3-3.69.1-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsoftokn3-32bit-3.69.1-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsoftokn3-32bit-3.69.1-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsoftokn3-32bit-3.69.1-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsoftokn3-32bit-3.69.1-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsoftokn3-hmac-3.69.1-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsoftokn3-hmac-3.69.1-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsoftokn3-hmac-3.69.1-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsoftokn3-hmac-3.69.1-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsoftokn3-hmac-32bit-3.69.1-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsoftokn3-hmac-32bit-3.69.1-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsoftokn3-hmac-32bit-3.69.1-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsoftokn3-hmac-32bit-3.69.1-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-3.69.1-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-3.69.1-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-3.69.1-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-3.69.1-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-32bit-3.69.1-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-32bit-3.69.1-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-32bit-3.69.1-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-32bit-3.69.1-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-certs-3.69.1-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-certs-3.69.1-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-certs-3.69.1-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-certs-3.69.1-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.69.1-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.69.1-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.69.1-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.69.1-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-devel-3.69.1-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-devel-3.69.1-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-devel-3.69.1-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-devel-3.69.1-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-sysinit-3.69.1-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-sysinit-3.69.1-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-sysinit-3.69.1-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-sysinit-3.69.1-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.69.1-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.69.1-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.69.1-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.69.1-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-tools-3.69.1-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-tools-3.69.1-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-tools-3.69.1-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-tools-3.69.1-1.2.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
5 (Medium)
Affected products
Recommended
64 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:libfreebl3-3.69.1-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libfreebl3-3.69.1-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libfreebl3-3.69.1-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libfreebl3-3.69.1-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libfreebl3-32bit-3.69.1-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libfreebl3-32bit-3.69.1-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libfreebl3-32bit-3.69.1-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libfreebl3-32bit-3.69.1-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libfreebl3-hmac-3.69.1-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libfreebl3-hmac-3.69.1-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libfreebl3-hmac-3.69.1-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libfreebl3-hmac-3.69.1-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libfreebl3-hmac-32bit-3.69.1-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libfreebl3-hmac-32bit-3.69.1-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libfreebl3-hmac-32bit-3.69.1-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libfreebl3-hmac-32bit-3.69.1-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsoftokn3-3.69.1-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsoftokn3-3.69.1-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsoftokn3-3.69.1-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsoftokn3-3.69.1-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsoftokn3-32bit-3.69.1-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsoftokn3-32bit-3.69.1-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsoftokn3-32bit-3.69.1-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsoftokn3-32bit-3.69.1-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsoftokn3-hmac-3.69.1-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsoftokn3-hmac-3.69.1-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsoftokn3-hmac-3.69.1-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsoftokn3-hmac-3.69.1-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsoftokn3-hmac-32bit-3.69.1-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsoftokn3-hmac-32bit-3.69.1-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsoftokn3-hmac-32bit-3.69.1-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsoftokn3-hmac-32bit-3.69.1-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-3.69.1-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-3.69.1-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-3.69.1-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-3.69.1-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-32bit-3.69.1-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-32bit-3.69.1-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-32bit-3.69.1-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-32bit-3.69.1-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-certs-3.69.1-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-certs-3.69.1-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-certs-3.69.1-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-certs-3.69.1-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.69.1-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.69.1-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.69.1-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.69.1-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-devel-3.69.1-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-devel-3.69.1-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-devel-3.69.1-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-devel-3.69.1-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-sysinit-3.69.1-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-sysinit-3.69.1-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-sysinit-3.69.1-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-sysinit-3.69.1-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.69.1-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.69.1-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.69.1-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.69.1-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-tools-3.69.1-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-tools-3.69.1-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-tools-3.69.1-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-tools-3.69.1-1.2.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
6.1 (Medium)
Affected products
Recommended
64 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:libfreebl3-3.69.1-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libfreebl3-3.69.1-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libfreebl3-3.69.1-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libfreebl3-3.69.1-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libfreebl3-32bit-3.69.1-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libfreebl3-32bit-3.69.1-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libfreebl3-32bit-3.69.1-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libfreebl3-32bit-3.69.1-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libfreebl3-hmac-3.69.1-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libfreebl3-hmac-3.69.1-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libfreebl3-hmac-3.69.1-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libfreebl3-hmac-3.69.1-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libfreebl3-hmac-32bit-3.69.1-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libfreebl3-hmac-32bit-3.69.1-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libfreebl3-hmac-32bit-3.69.1-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libfreebl3-hmac-32bit-3.69.1-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsoftokn3-3.69.1-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsoftokn3-3.69.1-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsoftokn3-3.69.1-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsoftokn3-3.69.1-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsoftokn3-32bit-3.69.1-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsoftokn3-32bit-3.69.1-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsoftokn3-32bit-3.69.1-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsoftokn3-32bit-3.69.1-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsoftokn3-hmac-3.69.1-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsoftokn3-hmac-3.69.1-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsoftokn3-hmac-3.69.1-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsoftokn3-hmac-3.69.1-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsoftokn3-hmac-32bit-3.69.1-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsoftokn3-hmac-32bit-3.69.1-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsoftokn3-hmac-32bit-3.69.1-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsoftokn3-hmac-32bit-3.69.1-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-3.69.1-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-3.69.1-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-3.69.1-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-3.69.1-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-32bit-3.69.1-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-32bit-3.69.1-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-32bit-3.69.1-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-32bit-3.69.1-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-certs-3.69.1-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-certs-3.69.1-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-certs-3.69.1-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-certs-3.69.1-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.69.1-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.69.1-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.69.1-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.69.1-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-devel-3.69.1-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-devel-3.69.1-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-devel-3.69.1-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-devel-3.69.1-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-sysinit-3.69.1-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-sysinit-3.69.1-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-sysinit-3.69.1-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-sysinit-3.69.1-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.69.1-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.69.1-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.69.1-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.69.1-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-tools-3.69.1-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-tools-3.69.1-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-tools-3.69.1-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-tools-3.69.1-1.2.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
8.1 (High)
Affected products
Recommended
64 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:libfreebl3-3.69.1-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libfreebl3-3.69.1-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libfreebl3-3.69.1-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libfreebl3-3.69.1-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libfreebl3-32bit-3.69.1-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libfreebl3-32bit-3.69.1-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libfreebl3-32bit-3.69.1-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libfreebl3-32bit-3.69.1-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libfreebl3-hmac-3.69.1-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libfreebl3-hmac-3.69.1-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libfreebl3-hmac-3.69.1-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libfreebl3-hmac-3.69.1-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libfreebl3-hmac-32bit-3.69.1-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libfreebl3-hmac-32bit-3.69.1-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libfreebl3-hmac-32bit-3.69.1-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libfreebl3-hmac-32bit-3.69.1-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsoftokn3-3.69.1-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsoftokn3-3.69.1-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsoftokn3-3.69.1-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsoftokn3-3.69.1-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsoftokn3-32bit-3.69.1-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsoftokn3-32bit-3.69.1-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsoftokn3-32bit-3.69.1-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsoftokn3-32bit-3.69.1-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsoftokn3-hmac-3.69.1-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsoftokn3-hmac-3.69.1-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsoftokn3-hmac-3.69.1-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsoftokn3-hmac-3.69.1-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsoftokn3-hmac-32bit-3.69.1-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsoftokn3-hmac-32bit-3.69.1-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsoftokn3-hmac-32bit-3.69.1-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsoftokn3-hmac-32bit-3.69.1-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-3.69.1-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-3.69.1-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-3.69.1-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-3.69.1-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-32bit-3.69.1-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-32bit-3.69.1-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-32bit-3.69.1-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-32bit-3.69.1-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-certs-3.69.1-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-certs-3.69.1-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-certs-3.69.1-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-certs-3.69.1-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.69.1-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.69.1-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.69.1-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.69.1-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-devel-3.69.1-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-devel-3.69.1-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-devel-3.69.1-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-devel-3.69.1-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-sysinit-3.69.1-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-sysinit-3.69.1-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-sysinit-3.69.1-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-sysinit-3.69.1-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.69.1-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.69.1-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.69.1-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.69.1-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-tools-3.69.1-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-tools-3.69.1-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-tools-3.69.1-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-tools-3.69.1-1.2.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
6.8 (Medium)
Affected products
Recommended
64 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:libfreebl3-3.69.1-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libfreebl3-3.69.1-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libfreebl3-3.69.1-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libfreebl3-3.69.1-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libfreebl3-32bit-3.69.1-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libfreebl3-32bit-3.69.1-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libfreebl3-32bit-3.69.1-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libfreebl3-32bit-3.69.1-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libfreebl3-hmac-3.69.1-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libfreebl3-hmac-3.69.1-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libfreebl3-hmac-3.69.1-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libfreebl3-hmac-3.69.1-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libfreebl3-hmac-32bit-3.69.1-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libfreebl3-hmac-32bit-3.69.1-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libfreebl3-hmac-32bit-3.69.1-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libfreebl3-hmac-32bit-3.69.1-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsoftokn3-3.69.1-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsoftokn3-3.69.1-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsoftokn3-3.69.1-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsoftokn3-3.69.1-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsoftokn3-32bit-3.69.1-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsoftokn3-32bit-3.69.1-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsoftokn3-32bit-3.69.1-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsoftokn3-32bit-3.69.1-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsoftokn3-hmac-3.69.1-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsoftokn3-hmac-3.69.1-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsoftokn3-hmac-3.69.1-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsoftokn3-hmac-3.69.1-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsoftokn3-hmac-32bit-3.69.1-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsoftokn3-hmac-32bit-3.69.1-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsoftokn3-hmac-32bit-3.69.1-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsoftokn3-hmac-32bit-3.69.1-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-3.69.1-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-3.69.1-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-3.69.1-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-3.69.1-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-32bit-3.69.1-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-32bit-3.69.1-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-32bit-3.69.1-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-32bit-3.69.1-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-certs-3.69.1-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-certs-3.69.1-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-certs-3.69.1-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-certs-3.69.1-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.69.1-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.69.1-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.69.1-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.69.1-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-devel-3.69.1-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-devel-3.69.1-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-devel-3.69.1-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-devel-3.69.1-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-sysinit-3.69.1-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-sysinit-3.69.1-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-sysinit-3.69.1-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-sysinit-3.69.1-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.69.1-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.69.1-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.69.1-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.69.1-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-tools-3.69.1-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-tools-3.69.1-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-tools-3.69.1-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-tools-3.69.1-1.2.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
4.4 (Medium)
Affected products
Recommended
64 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:libfreebl3-3.69.1-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libfreebl3-3.69.1-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libfreebl3-3.69.1-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libfreebl3-3.69.1-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libfreebl3-32bit-3.69.1-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libfreebl3-32bit-3.69.1-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libfreebl3-32bit-3.69.1-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libfreebl3-32bit-3.69.1-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libfreebl3-hmac-3.69.1-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libfreebl3-hmac-3.69.1-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libfreebl3-hmac-3.69.1-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libfreebl3-hmac-3.69.1-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libfreebl3-hmac-32bit-3.69.1-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libfreebl3-hmac-32bit-3.69.1-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libfreebl3-hmac-32bit-3.69.1-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libfreebl3-hmac-32bit-3.69.1-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsoftokn3-3.69.1-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsoftokn3-3.69.1-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsoftokn3-3.69.1-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsoftokn3-3.69.1-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsoftokn3-32bit-3.69.1-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsoftokn3-32bit-3.69.1-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsoftokn3-32bit-3.69.1-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsoftokn3-32bit-3.69.1-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsoftokn3-hmac-3.69.1-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsoftokn3-hmac-3.69.1-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsoftokn3-hmac-3.69.1-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsoftokn3-hmac-3.69.1-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsoftokn3-hmac-32bit-3.69.1-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsoftokn3-hmac-32bit-3.69.1-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsoftokn3-hmac-32bit-3.69.1-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsoftokn3-hmac-32bit-3.69.1-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-3.69.1-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-3.69.1-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-3.69.1-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-3.69.1-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-32bit-3.69.1-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-32bit-3.69.1-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-32bit-3.69.1-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-32bit-3.69.1-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-certs-3.69.1-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-certs-3.69.1-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-certs-3.69.1-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-certs-3.69.1-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.69.1-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.69.1-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.69.1-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.69.1-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-devel-3.69.1-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-devel-3.69.1-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-devel-3.69.1-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-devel-3.69.1-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-sysinit-3.69.1-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-sysinit-3.69.1-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-sysinit-3.69.1-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-sysinit-3.69.1-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.69.1-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.69.1-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.69.1-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.69.1-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-tools-3.69.1-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-tools-3.69.1-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-tools-3.69.1-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-tools-3.69.1-1.2.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
4.7 (Medium)
Affected products
Recommended
64 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:libfreebl3-3.69.1-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libfreebl3-3.69.1-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libfreebl3-3.69.1-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libfreebl3-3.69.1-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libfreebl3-32bit-3.69.1-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libfreebl3-32bit-3.69.1-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libfreebl3-32bit-3.69.1-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libfreebl3-32bit-3.69.1-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libfreebl3-hmac-3.69.1-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libfreebl3-hmac-3.69.1-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libfreebl3-hmac-3.69.1-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libfreebl3-hmac-3.69.1-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libfreebl3-hmac-32bit-3.69.1-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libfreebl3-hmac-32bit-3.69.1-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libfreebl3-hmac-32bit-3.69.1-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libfreebl3-hmac-32bit-3.69.1-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsoftokn3-3.69.1-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsoftokn3-3.69.1-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsoftokn3-3.69.1-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsoftokn3-3.69.1-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsoftokn3-32bit-3.69.1-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsoftokn3-32bit-3.69.1-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsoftokn3-32bit-3.69.1-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsoftokn3-32bit-3.69.1-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsoftokn3-hmac-3.69.1-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsoftokn3-hmac-3.69.1-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsoftokn3-hmac-3.69.1-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsoftokn3-hmac-3.69.1-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsoftokn3-hmac-32bit-3.69.1-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsoftokn3-hmac-32bit-3.69.1-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsoftokn3-hmac-32bit-3.69.1-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsoftokn3-hmac-32bit-3.69.1-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-3.69.1-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-3.69.1-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-3.69.1-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-3.69.1-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-32bit-3.69.1-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-32bit-3.69.1-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-32bit-3.69.1-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-32bit-3.69.1-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-certs-3.69.1-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-certs-3.69.1-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-certs-3.69.1-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-certs-3.69.1-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.69.1-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.69.1-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.69.1-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.69.1-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-devel-3.69.1-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-devel-3.69.1-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-devel-3.69.1-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-devel-3.69.1-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-sysinit-3.69.1-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-sysinit-3.69.1-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-sysinit-3.69.1-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-sysinit-3.69.1-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.69.1-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.69.1-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.69.1-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.69.1-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-tools-3.69.1-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-tools-3.69.1-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-tools-3.69.1-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-tools-3.69.1-1.2.x86_64 | — |
Vendor Fix
|
Threats
Impact
critical
4.4 (Medium)
Affected products
Recommended
64 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:libfreebl3-3.69.1-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libfreebl3-3.69.1-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libfreebl3-3.69.1-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libfreebl3-3.69.1-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libfreebl3-32bit-3.69.1-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libfreebl3-32bit-3.69.1-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libfreebl3-32bit-3.69.1-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libfreebl3-32bit-3.69.1-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libfreebl3-hmac-3.69.1-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libfreebl3-hmac-3.69.1-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libfreebl3-hmac-3.69.1-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libfreebl3-hmac-3.69.1-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libfreebl3-hmac-32bit-3.69.1-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libfreebl3-hmac-32bit-3.69.1-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libfreebl3-hmac-32bit-3.69.1-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libfreebl3-hmac-32bit-3.69.1-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsoftokn3-3.69.1-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsoftokn3-3.69.1-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsoftokn3-3.69.1-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsoftokn3-3.69.1-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsoftokn3-32bit-3.69.1-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsoftokn3-32bit-3.69.1-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsoftokn3-32bit-3.69.1-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsoftokn3-32bit-3.69.1-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsoftokn3-hmac-3.69.1-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsoftokn3-hmac-3.69.1-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsoftokn3-hmac-3.69.1-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsoftokn3-hmac-3.69.1-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsoftokn3-hmac-32bit-3.69.1-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsoftokn3-hmac-32bit-3.69.1-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsoftokn3-hmac-32bit-3.69.1-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsoftokn3-hmac-32bit-3.69.1-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-3.69.1-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-3.69.1-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-3.69.1-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-3.69.1-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-32bit-3.69.1-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-32bit-3.69.1-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-32bit-3.69.1-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-32bit-3.69.1-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-certs-3.69.1-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-certs-3.69.1-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-certs-3.69.1-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-certs-3.69.1-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.69.1-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.69.1-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.69.1-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.69.1-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-devel-3.69.1-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-devel-3.69.1-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-devel-3.69.1-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-devel-3.69.1-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-sysinit-3.69.1-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-sysinit-3.69.1-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-sysinit-3.69.1-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-sysinit-3.69.1-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.69.1-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.69.1-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.69.1-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.69.1-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-tools-3.69.1-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-tools-3.69.1-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-tools-3.69.1-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-tools-3.69.1-1.2.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
9.1 (Critical)
Affected products
Recommended
64 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:libfreebl3-3.69.1-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libfreebl3-3.69.1-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libfreebl3-3.69.1-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libfreebl3-3.69.1-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libfreebl3-32bit-3.69.1-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libfreebl3-32bit-3.69.1-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libfreebl3-32bit-3.69.1-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libfreebl3-32bit-3.69.1-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libfreebl3-hmac-3.69.1-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libfreebl3-hmac-3.69.1-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libfreebl3-hmac-3.69.1-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libfreebl3-hmac-3.69.1-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libfreebl3-hmac-32bit-3.69.1-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libfreebl3-hmac-32bit-3.69.1-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libfreebl3-hmac-32bit-3.69.1-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libfreebl3-hmac-32bit-3.69.1-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsoftokn3-3.69.1-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsoftokn3-3.69.1-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsoftokn3-3.69.1-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsoftokn3-3.69.1-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsoftokn3-32bit-3.69.1-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsoftokn3-32bit-3.69.1-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsoftokn3-32bit-3.69.1-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsoftokn3-32bit-3.69.1-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsoftokn3-hmac-3.69.1-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsoftokn3-hmac-3.69.1-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsoftokn3-hmac-3.69.1-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsoftokn3-hmac-3.69.1-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsoftokn3-hmac-32bit-3.69.1-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsoftokn3-hmac-32bit-3.69.1-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsoftokn3-hmac-32bit-3.69.1-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsoftokn3-hmac-32bit-3.69.1-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-3.69.1-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-3.69.1-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-3.69.1-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-3.69.1-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-32bit-3.69.1-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-32bit-3.69.1-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-32bit-3.69.1-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-32bit-3.69.1-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-certs-3.69.1-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-certs-3.69.1-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-certs-3.69.1-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-certs-3.69.1-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.69.1-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.69.1-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.69.1-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.69.1-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-devel-3.69.1-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-devel-3.69.1-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-devel-3.69.1-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-devel-3.69.1-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-sysinit-3.69.1-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-sysinit-3.69.1-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-sysinit-3.69.1-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-sysinit-3.69.1-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.69.1-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.69.1-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.69.1-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.69.1-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-tools-3.69.1-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-tools-3.69.1-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-tools-3.69.1-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-tools-3.69.1-1.2.x86_64 | — |
Vendor Fix
|
Threats
Impact
critical
7.5 (High)
Affected products
Recommended
64 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:libfreebl3-3.69.1-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libfreebl3-3.69.1-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libfreebl3-3.69.1-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libfreebl3-3.69.1-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libfreebl3-32bit-3.69.1-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libfreebl3-32bit-3.69.1-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libfreebl3-32bit-3.69.1-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libfreebl3-32bit-3.69.1-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libfreebl3-hmac-3.69.1-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libfreebl3-hmac-3.69.1-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libfreebl3-hmac-3.69.1-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libfreebl3-hmac-3.69.1-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libfreebl3-hmac-32bit-3.69.1-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libfreebl3-hmac-32bit-3.69.1-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libfreebl3-hmac-32bit-3.69.1-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libfreebl3-hmac-32bit-3.69.1-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsoftokn3-3.69.1-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsoftokn3-3.69.1-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsoftokn3-3.69.1-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsoftokn3-3.69.1-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsoftokn3-32bit-3.69.1-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsoftokn3-32bit-3.69.1-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsoftokn3-32bit-3.69.1-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsoftokn3-32bit-3.69.1-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsoftokn3-hmac-3.69.1-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsoftokn3-hmac-3.69.1-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsoftokn3-hmac-3.69.1-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsoftokn3-hmac-3.69.1-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsoftokn3-hmac-32bit-3.69.1-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsoftokn3-hmac-32bit-3.69.1-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsoftokn3-hmac-32bit-3.69.1-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsoftokn3-hmac-32bit-3.69.1-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-3.69.1-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-3.69.1-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-3.69.1-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-3.69.1-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-32bit-3.69.1-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-32bit-3.69.1-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-32bit-3.69.1-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-32bit-3.69.1-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-certs-3.69.1-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-certs-3.69.1-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-certs-3.69.1-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-certs-3.69.1-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.69.1-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.69.1-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.69.1-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.69.1-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-devel-3.69.1-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-devel-3.69.1-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-devel-3.69.1-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-devel-3.69.1-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-sysinit-3.69.1-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-sysinit-3.69.1-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-sysinit-3.69.1-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-sysinit-3.69.1-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.69.1-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.69.1-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.69.1-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.69.1-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-tools-3.69.1-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-tools-3.69.1-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-tools-3.69.1-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-tools-3.69.1-1.2.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
5.3 (Medium)
Affected products
Recommended
64 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:libfreebl3-3.69.1-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libfreebl3-3.69.1-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libfreebl3-3.69.1-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libfreebl3-3.69.1-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libfreebl3-32bit-3.69.1-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libfreebl3-32bit-3.69.1-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libfreebl3-32bit-3.69.1-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libfreebl3-32bit-3.69.1-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libfreebl3-hmac-3.69.1-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libfreebl3-hmac-3.69.1-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libfreebl3-hmac-3.69.1-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libfreebl3-hmac-3.69.1-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libfreebl3-hmac-32bit-3.69.1-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libfreebl3-hmac-32bit-3.69.1-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libfreebl3-hmac-32bit-3.69.1-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libfreebl3-hmac-32bit-3.69.1-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsoftokn3-3.69.1-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsoftokn3-3.69.1-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsoftokn3-3.69.1-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsoftokn3-3.69.1-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsoftokn3-32bit-3.69.1-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsoftokn3-32bit-3.69.1-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsoftokn3-32bit-3.69.1-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsoftokn3-32bit-3.69.1-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsoftokn3-hmac-3.69.1-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsoftokn3-hmac-3.69.1-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsoftokn3-hmac-3.69.1-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsoftokn3-hmac-3.69.1-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsoftokn3-hmac-32bit-3.69.1-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsoftokn3-hmac-32bit-3.69.1-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsoftokn3-hmac-32bit-3.69.1-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsoftokn3-hmac-32bit-3.69.1-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-3.69.1-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-3.69.1-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-3.69.1-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-3.69.1-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-32bit-3.69.1-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-32bit-3.69.1-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-32bit-3.69.1-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-32bit-3.69.1-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-certs-3.69.1-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-certs-3.69.1-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-certs-3.69.1-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-certs-3.69.1-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.69.1-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.69.1-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.69.1-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.69.1-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-devel-3.69.1-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-devel-3.69.1-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-devel-3.69.1-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-devel-3.69.1-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-sysinit-3.69.1-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-sysinit-3.69.1-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-sysinit-3.69.1-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-sysinit-3.69.1-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.69.1-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.69.1-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.69.1-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.69.1-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-tools-3.69.1-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-tools-3.69.1-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-tools-3.69.1-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozilla-nss-tools-3.69.1-1.2.x86_64 | — |
Vendor Fix
|
Threats
Impact
critical
References
56 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "libfreebl3-3.69.1-1.2 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the libfreebl3-3.69.1-1.2 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2024-11058",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2024_11058-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-0495 page",
"url": "https://www.suse.com/security/cve/CVE-2018-0495/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-12384 page",
"url": "https://www.suse.com/security/cve/CVE-2018-12384/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-12404 page",
"url": "https://www.suse.com/security/cve/CVE-2018-12404/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-11719 page",
"url": "https://www.suse.com/security/cve/CVE-2019-11719/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-11727 page",
"url": "https://www.suse.com/security/cve/CVE-2019-11727/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-11729 page",
"url": "https://www.suse.com/security/cve/CVE-2019-11729/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-11745 page",
"url": "https://www.suse.com/security/cve/CVE-2019-11745/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-17006 page",
"url": "https://www.suse.com/security/cve/CVE-2019-17006/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-12399 page",
"url": "https://www.suse.com/security/cve/CVE-2020-12399/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-12401 page",
"url": "https://www.suse.com/security/cve/CVE-2020-12401/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-12402 page",
"url": "https://www.suse.com/security/cve/CVE-2020-12402/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-12403 page",
"url": "https://www.suse.com/security/cve/CVE-2020-12403/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-25648 page",
"url": "https://www.suse.com/security/cve/CVE-2020-25648/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-6829 page",
"url": "https://www.suse.com/security/cve/CVE-2020-6829/"
}
],
"title": "libfreebl3-3.69.1-1.2 on GA media",
"tracking": {
"current_release_date": "2024-06-15T00:00:00Z",
"generator": {
"date": "2024-06-15T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2024:11058-1",
"initial_release_date": "2024-06-15T00:00:00Z",
"revision_history": [
{
"date": "2024-06-15T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "libfreebl3-3.69.1-1.2.aarch64",
"product": {
"name": "libfreebl3-3.69.1-1.2.aarch64",
"product_id": "libfreebl3-3.69.1-1.2.aarch64"
}
},
{
"category": "product_version",
"name": "libfreebl3-32bit-3.69.1-1.2.aarch64",
"product": {
"name": "libfreebl3-32bit-3.69.1-1.2.aarch64",
"product_id": "libfreebl3-32bit-3.69.1-1.2.aarch64"
}
},
{
"category": "product_version",
"name": "libfreebl3-hmac-3.69.1-1.2.aarch64",
"product": {
"name": "libfreebl3-hmac-3.69.1-1.2.aarch64",
"product_id": "libfreebl3-hmac-3.69.1-1.2.aarch64"
}
},
{
"category": "product_version",
"name": "libfreebl3-hmac-32bit-3.69.1-1.2.aarch64",
"product": {
"name": "libfreebl3-hmac-32bit-3.69.1-1.2.aarch64",
"product_id": "libfreebl3-hmac-32bit-3.69.1-1.2.aarch64"
}
},
{
"category": "product_version",
"name": "libsoftokn3-3.69.1-1.2.aarch64",
"product": {
"name": "libsoftokn3-3.69.1-1.2.aarch64",
"product_id": "libsoftokn3-3.69.1-1.2.aarch64"
}
},
{
"category": "product_version",
"name": "libsoftokn3-32bit-3.69.1-1.2.aarch64",
"product": {
"name": "libsoftokn3-32bit-3.69.1-1.2.aarch64",
"product_id": "libsoftokn3-32bit-3.69.1-1.2.aarch64"
}
},
{
"category": "product_version",
"name": "libsoftokn3-hmac-3.69.1-1.2.aarch64",
"product": {
"name": "libsoftokn3-hmac-3.69.1-1.2.aarch64",
"product_id": "libsoftokn3-hmac-3.69.1-1.2.aarch64"
}
},
{
"category": "product_version",
"name": "libsoftokn3-hmac-32bit-3.69.1-1.2.aarch64",
"product": {
"name": "libsoftokn3-hmac-32bit-3.69.1-1.2.aarch64",
"product_id": "libsoftokn3-hmac-32bit-3.69.1-1.2.aarch64"
}
},
{
"category": "product_version",
"name": "mozilla-nss-3.69.1-1.2.aarch64",
"product": {
"name": "mozilla-nss-3.69.1-1.2.aarch64",
"product_id": "mozilla-nss-3.69.1-1.2.aarch64"
}
},
{
"category": "product_version",
"name": "mozilla-nss-32bit-3.69.1-1.2.aarch64",
"product": {
"name": "mozilla-nss-32bit-3.69.1-1.2.aarch64",
"product_id": "mozilla-nss-32bit-3.69.1-1.2.aarch64"
}
},
{
"category": "product_version",
"name": "mozilla-nss-certs-3.69.1-1.2.aarch64",
"product": {
"name": "mozilla-nss-certs-3.69.1-1.2.aarch64",
"product_id": "mozilla-nss-certs-3.69.1-1.2.aarch64"
}
},
{
"category": "product_version",
"name": "mozilla-nss-certs-32bit-3.69.1-1.2.aarch64",
"product": {
"name": "mozilla-nss-certs-32bit-3.69.1-1.2.aarch64",
"product_id": "mozilla-nss-certs-32bit-3.69.1-1.2.aarch64"
}
},
{
"category": "product_version",
"name": "mozilla-nss-devel-3.69.1-1.2.aarch64",
"product": {
"name": "mozilla-nss-devel-3.69.1-1.2.aarch64",
"product_id": "mozilla-nss-devel-3.69.1-1.2.aarch64"
}
},
{
"category": "product_version",
"name": "mozilla-nss-sysinit-3.69.1-1.2.aarch64",
"product": {
"name": "mozilla-nss-sysinit-3.69.1-1.2.aarch64",
"product_id": "mozilla-nss-sysinit-3.69.1-1.2.aarch64"
}
},
{
"category": "product_version",
"name": "mozilla-nss-sysinit-32bit-3.69.1-1.2.aarch64",
"product": {
"name": "mozilla-nss-sysinit-32bit-3.69.1-1.2.aarch64",
"product_id": "mozilla-nss-sysinit-32bit-3.69.1-1.2.aarch64"
}
},
{
"category": "product_version",
"name": "mozilla-nss-tools-3.69.1-1.2.aarch64",
"product": {
"name": "mozilla-nss-tools-3.69.1-1.2.aarch64",
"product_id": "mozilla-nss-tools-3.69.1-1.2.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "libfreebl3-3.69.1-1.2.ppc64le",
"product": {
"name": "libfreebl3-3.69.1-1.2.ppc64le",
"product_id": "libfreebl3-3.69.1-1.2.ppc64le"
}
},
{
"category": "product_version",
"name": "libfreebl3-32bit-3.69.1-1.2.ppc64le",
"product": {
"name": "libfreebl3-32bit-3.69.1-1.2.ppc64le",
"product_id": "libfreebl3-32bit-3.69.1-1.2.ppc64le"
}
},
{
"category": "product_version",
"name": "libfreebl3-hmac-3.69.1-1.2.ppc64le",
"product": {
"name": "libfreebl3-hmac-3.69.1-1.2.ppc64le",
"product_id": "libfreebl3-hmac-3.69.1-1.2.ppc64le"
}
},
{
"category": "product_version",
"name": "libfreebl3-hmac-32bit-3.69.1-1.2.ppc64le",
"product": {
"name": "libfreebl3-hmac-32bit-3.69.1-1.2.ppc64le",
"product_id": "libfreebl3-hmac-32bit-3.69.1-1.2.ppc64le"
}
},
{
"category": "product_version",
"name": "libsoftokn3-3.69.1-1.2.ppc64le",
"product": {
"name": "libsoftokn3-3.69.1-1.2.ppc64le",
"product_id": "libsoftokn3-3.69.1-1.2.ppc64le"
}
},
{
"category": "product_version",
"name": "libsoftokn3-32bit-3.69.1-1.2.ppc64le",
"product": {
"name": "libsoftokn3-32bit-3.69.1-1.2.ppc64le",
"product_id": "libsoftokn3-32bit-3.69.1-1.2.ppc64le"
}
},
{
"category": "product_version",
"name": "libsoftokn3-hmac-3.69.1-1.2.ppc64le",
"product": {
"name": "libsoftokn3-hmac-3.69.1-1.2.ppc64le",
"product_id": "libsoftokn3-hmac-3.69.1-1.2.ppc64le"
}
},
{
"category": "product_version",
"name": "libsoftokn3-hmac-32bit-3.69.1-1.2.ppc64le",
"product": {
"name": "libsoftokn3-hmac-32bit-3.69.1-1.2.ppc64le",
"product_id": "libsoftokn3-hmac-32bit-3.69.1-1.2.ppc64le"
}
},
{
"category": "product_version",
"name": "mozilla-nss-3.69.1-1.2.ppc64le",
"product": {
"name": "mozilla-nss-3.69.1-1.2.ppc64le",
"product_id": "mozilla-nss-3.69.1-1.2.ppc64le"
}
},
{
"category": "product_version",
"name": "mozilla-nss-32bit-3.69.1-1.2.ppc64le",
"product": {
"name": "mozilla-nss-32bit-3.69.1-1.2.ppc64le",
"product_id": "mozilla-nss-32bit-3.69.1-1.2.ppc64le"
}
},
{
"category": "product_version",
"name": "mozilla-nss-certs-3.69.1-1.2.ppc64le",
"product": {
"name": "mozilla-nss-certs-3.69.1-1.2.ppc64le",
"product_id": "mozilla-nss-certs-3.69.1-1.2.ppc64le"
}
},
{
"category": "product_version",
"name": "mozilla-nss-certs-32bit-3.69.1-1.2.ppc64le",
"product": {
"name": "mozilla-nss-certs-32bit-3.69.1-1.2.ppc64le",
"product_id": "mozilla-nss-certs-32bit-3.69.1-1.2.ppc64le"
}
},
{
"category": "product_version",
"name": "mozilla-nss-devel-3.69.1-1.2.ppc64le",
"product": {
"name": "mozilla-nss-devel-3.69.1-1.2.ppc64le",
"product_id": "mozilla-nss-devel-3.69.1-1.2.ppc64le"
}
},
{
"category": "product_version",
"name": "mozilla-nss-sysinit-3.69.1-1.2.ppc64le",
"product": {
"name": "mozilla-nss-sysinit-3.69.1-1.2.ppc64le",
"product_id": "mozilla-nss-sysinit-3.69.1-1.2.ppc64le"
}
},
{
"category": "product_version",
"name": "mozilla-nss-sysinit-32bit-3.69.1-1.2.ppc64le",
"product": {
"name": "mozilla-nss-sysinit-32bit-3.69.1-1.2.ppc64le",
"product_id": "mozilla-nss-sysinit-32bit-3.69.1-1.2.ppc64le"
}
},
{
"category": "product_version",
"name": "mozilla-nss-tools-3.69.1-1.2.ppc64le",
"product": {
"name": "mozilla-nss-tools-3.69.1-1.2.ppc64le",
"product_id": "mozilla-nss-tools-3.69.1-1.2.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "libfreebl3-3.69.1-1.2.s390x",
"product": {
"name": "libfreebl3-3.69.1-1.2.s390x",
"product_id": "libfreebl3-3.69.1-1.2.s390x"
}
},
{
"category": "product_version",
"name": "libfreebl3-32bit-3.69.1-1.2.s390x",
"product": {
"name": "libfreebl3-32bit-3.69.1-1.2.s390x",
"product_id": "libfreebl3-32bit-3.69.1-1.2.s390x"
}
},
{
"category": "product_version",
"name": "libfreebl3-hmac-3.69.1-1.2.s390x",
"product": {
"name": "libfreebl3-hmac-3.69.1-1.2.s390x",
"product_id": "libfreebl3-hmac-3.69.1-1.2.s390x"
}
},
{
"category": "product_version",
"name": "libfreebl3-hmac-32bit-3.69.1-1.2.s390x",
"product": {
"name": "libfreebl3-hmac-32bit-3.69.1-1.2.s390x",
"product_id": "libfreebl3-hmac-32bit-3.69.1-1.2.s390x"
}
},
{
"category": "product_version",
"name": "libsoftokn3-3.69.1-1.2.s390x",
"product": {
"name": "libsoftokn3-3.69.1-1.2.s390x",
"product_id": "libsoftokn3-3.69.1-1.2.s390x"
}
},
{
"category": "product_version",
"name": "libsoftokn3-32bit-3.69.1-1.2.s390x",
"product": {
"name": "libsoftokn3-32bit-3.69.1-1.2.s390x",
"product_id": "libsoftokn3-32bit-3.69.1-1.2.s390x"
}
},
{
"category": "product_version",
"name": "libsoftokn3-hmac-3.69.1-1.2.s390x",
"product": {
"name": "libsoftokn3-hmac-3.69.1-1.2.s390x",
"product_id": "libsoftokn3-hmac-3.69.1-1.2.s390x"
}
},
{
"category": "product_version",
"name": "libsoftokn3-hmac-32bit-3.69.1-1.2.s390x",
"product": {
"name": "libsoftokn3-hmac-32bit-3.69.1-1.2.s390x",
"product_id": "libsoftokn3-hmac-32bit-3.69.1-1.2.s390x"
}
},
{
"category": "product_version",
"name": "mozilla-nss-3.69.1-1.2.s390x",
"product": {
"name": "mozilla-nss-3.69.1-1.2.s390x",
"product_id": "mozilla-nss-3.69.1-1.2.s390x"
}
},
{
"category": "product_version",
"name": "mozilla-nss-32bit-3.69.1-1.2.s390x",
"product": {
"name": "mozilla-nss-32bit-3.69.1-1.2.s390x",
"product_id": "mozilla-nss-32bit-3.69.1-1.2.s390x"
}
},
{
"category": "product_version",
"name": "mozilla-nss-certs-3.69.1-1.2.s390x",
"product": {
"name": "mozilla-nss-certs-3.69.1-1.2.s390x",
"product_id": "mozilla-nss-certs-3.69.1-1.2.s390x"
}
},
{
"category": "product_version",
"name": "mozilla-nss-certs-32bit-3.69.1-1.2.s390x",
"product": {
"name": "mozilla-nss-certs-32bit-3.69.1-1.2.s390x",
"product_id": "mozilla-nss-certs-32bit-3.69.1-1.2.s390x"
}
},
{
"category": "product_version",
"name": "mozilla-nss-devel-3.69.1-1.2.s390x",
"product": {
"name": "mozilla-nss-devel-3.69.1-1.2.s390x",
"product_id": "mozilla-nss-devel-3.69.1-1.2.s390x"
}
},
{
"category": "product_version",
"name": "mozilla-nss-sysinit-3.69.1-1.2.s390x",
"product": {
"name": "mozilla-nss-sysinit-3.69.1-1.2.s390x",
"product_id": "mozilla-nss-sysinit-3.69.1-1.2.s390x"
}
},
{
"category": "product_version",
"name": "mozilla-nss-sysinit-32bit-3.69.1-1.2.s390x",
"product": {
"name": "mozilla-nss-sysinit-32bit-3.69.1-1.2.s390x",
"product_id": "mozilla-nss-sysinit-32bit-3.69.1-1.2.s390x"
}
},
{
"category": "product_version",
"name": "mozilla-nss-tools-3.69.1-1.2.s390x",
"product": {
"name": "mozilla-nss-tools-3.69.1-1.2.s390x",
"product_id": "mozilla-nss-tools-3.69.1-1.2.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "libfreebl3-3.69.1-1.2.x86_64",
"product": {
"name": "libfreebl3-3.69.1-1.2.x86_64",
"product_id": "libfreebl3-3.69.1-1.2.x86_64"
}
},
{
"category": "product_version",
"name": "libfreebl3-32bit-3.69.1-1.2.x86_64",
"product": {
"name": "libfreebl3-32bit-3.69.1-1.2.x86_64",
"product_id": "libfreebl3-32bit-3.69.1-1.2.x86_64"
}
},
{
"category": "product_version",
"name": "libfreebl3-hmac-3.69.1-1.2.x86_64",
"product": {
"name": "libfreebl3-hmac-3.69.1-1.2.x86_64",
"product_id": "libfreebl3-hmac-3.69.1-1.2.x86_64"
}
},
{
"category": "product_version",
"name": "libfreebl3-hmac-32bit-3.69.1-1.2.x86_64",
"product": {
"name": "libfreebl3-hmac-32bit-3.69.1-1.2.x86_64",
"product_id": "libfreebl3-hmac-32bit-3.69.1-1.2.x86_64"
}
},
{
"category": "product_version",
"name": "libsoftokn3-3.69.1-1.2.x86_64",
"product": {
"name": "libsoftokn3-3.69.1-1.2.x86_64",
"product_id": "libsoftokn3-3.69.1-1.2.x86_64"
}
},
{
"category": "product_version",
"name": "libsoftokn3-32bit-3.69.1-1.2.x86_64",
"product": {
"name": "libsoftokn3-32bit-3.69.1-1.2.x86_64",
"product_id": "libsoftokn3-32bit-3.69.1-1.2.x86_64"
}
},
{
"category": "product_version",
"name": "libsoftokn3-hmac-3.69.1-1.2.x86_64",
"product": {
"name": "libsoftokn3-hmac-3.69.1-1.2.x86_64",
"product_id": "libsoftokn3-hmac-3.69.1-1.2.x86_64"
}
},
{
"category": "product_version",
"name": "libsoftokn3-hmac-32bit-3.69.1-1.2.x86_64",
"product": {
"name": "libsoftokn3-hmac-32bit-3.69.1-1.2.x86_64",
"product_id": "libsoftokn3-hmac-32bit-3.69.1-1.2.x86_64"
}
},
{
"category": "product_version",
"name": "mozilla-nss-3.69.1-1.2.x86_64",
"product": {
"name": "mozilla-nss-3.69.1-1.2.x86_64",
"product_id": "mozilla-nss-3.69.1-1.2.x86_64"
}
},
{
"category": "product_version",
"name": "mozilla-nss-32bit-3.69.1-1.2.x86_64",
"product": {
"name": "mozilla-nss-32bit-3.69.1-1.2.x86_64",
"product_id": "mozilla-nss-32bit-3.69.1-1.2.x86_64"
}
},
{
"category": "product_version",
"name": "mozilla-nss-certs-3.69.1-1.2.x86_64",
"product": {
"name": "mozilla-nss-certs-3.69.1-1.2.x86_64",
"product_id": "mozilla-nss-certs-3.69.1-1.2.x86_64"
}
},
{
"category": "product_version",
"name": "mozilla-nss-certs-32bit-3.69.1-1.2.x86_64",
"product": {
"name": "mozilla-nss-certs-32bit-3.69.1-1.2.x86_64",
"product_id": "mozilla-nss-certs-32bit-3.69.1-1.2.x86_64"
}
},
{
"category": "product_version",
"name": "mozilla-nss-devel-3.69.1-1.2.x86_64",
"product": {
"name": "mozilla-nss-devel-3.69.1-1.2.x86_64",
"product_id": "mozilla-nss-devel-3.69.1-1.2.x86_64"
}
},
{
"category": "product_version",
"name": "mozilla-nss-sysinit-3.69.1-1.2.x86_64",
"product": {
"name": "mozilla-nss-sysinit-3.69.1-1.2.x86_64",
"product_id": "mozilla-nss-sysinit-3.69.1-1.2.x86_64"
}
},
{
"category": "product_version",
"name": "mozilla-nss-sysinit-32bit-3.69.1-1.2.x86_64",
"product": {
"name": "mozilla-nss-sysinit-32bit-3.69.1-1.2.x86_64",
"product_id": "mozilla-nss-sysinit-32bit-3.69.1-1.2.x86_64"
}
},
{
"category": "product_version",
"name": "mozilla-nss-tools-3.69.1-1.2.x86_64",
"product": {
"name": "mozilla-nss-tools-3.69.1-1.2.x86_64",
"product_id": "mozilla-nss-tools-3.69.1-1.2.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "libfreebl3-3.69.1-1.2.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libfreebl3-3.69.1-1.2.aarch64"
},
"product_reference": "libfreebl3-3.69.1-1.2.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libfreebl3-3.69.1-1.2.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libfreebl3-3.69.1-1.2.ppc64le"
},
"product_reference": "libfreebl3-3.69.1-1.2.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libfreebl3-3.69.1-1.2.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libfreebl3-3.69.1-1.2.s390x"
},
"product_reference": "libfreebl3-3.69.1-1.2.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libfreebl3-3.69.1-1.2.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libfreebl3-3.69.1-1.2.x86_64"
},
"product_reference": "libfreebl3-3.69.1-1.2.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libfreebl3-32bit-3.69.1-1.2.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libfreebl3-32bit-3.69.1-1.2.aarch64"
},
"product_reference": "libfreebl3-32bit-3.69.1-1.2.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libfreebl3-32bit-3.69.1-1.2.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libfreebl3-32bit-3.69.1-1.2.ppc64le"
},
"product_reference": "libfreebl3-32bit-3.69.1-1.2.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libfreebl3-32bit-3.69.1-1.2.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libfreebl3-32bit-3.69.1-1.2.s390x"
},
"product_reference": "libfreebl3-32bit-3.69.1-1.2.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libfreebl3-32bit-3.69.1-1.2.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libfreebl3-32bit-3.69.1-1.2.x86_64"
},
"product_reference": "libfreebl3-32bit-3.69.1-1.2.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libfreebl3-hmac-3.69.1-1.2.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libfreebl3-hmac-3.69.1-1.2.aarch64"
},
"product_reference": "libfreebl3-hmac-3.69.1-1.2.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libfreebl3-hmac-3.69.1-1.2.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libfreebl3-hmac-3.69.1-1.2.ppc64le"
},
"product_reference": "libfreebl3-hmac-3.69.1-1.2.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libfreebl3-hmac-3.69.1-1.2.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libfreebl3-hmac-3.69.1-1.2.s390x"
},
"product_reference": "libfreebl3-hmac-3.69.1-1.2.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libfreebl3-hmac-3.69.1-1.2.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libfreebl3-hmac-3.69.1-1.2.x86_64"
},
"product_reference": "libfreebl3-hmac-3.69.1-1.2.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libfreebl3-hmac-32bit-3.69.1-1.2.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libfreebl3-hmac-32bit-3.69.1-1.2.aarch64"
},
"product_reference": "libfreebl3-hmac-32bit-3.69.1-1.2.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libfreebl3-hmac-32bit-3.69.1-1.2.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libfreebl3-hmac-32bit-3.69.1-1.2.ppc64le"
},
"product_reference": "libfreebl3-hmac-32bit-3.69.1-1.2.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libfreebl3-hmac-32bit-3.69.1-1.2.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libfreebl3-hmac-32bit-3.69.1-1.2.s390x"
},
"product_reference": "libfreebl3-hmac-32bit-3.69.1-1.2.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libfreebl3-hmac-32bit-3.69.1-1.2.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libfreebl3-hmac-32bit-3.69.1-1.2.x86_64"
},
"product_reference": "libfreebl3-hmac-32bit-3.69.1-1.2.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libsoftokn3-3.69.1-1.2.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libsoftokn3-3.69.1-1.2.aarch64"
},
"product_reference": "libsoftokn3-3.69.1-1.2.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libsoftokn3-3.69.1-1.2.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libsoftokn3-3.69.1-1.2.ppc64le"
},
"product_reference": "libsoftokn3-3.69.1-1.2.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libsoftokn3-3.69.1-1.2.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libsoftokn3-3.69.1-1.2.s390x"
},
"product_reference": "libsoftokn3-3.69.1-1.2.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libsoftokn3-3.69.1-1.2.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libsoftokn3-3.69.1-1.2.x86_64"
},
"product_reference": "libsoftokn3-3.69.1-1.2.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libsoftokn3-32bit-3.69.1-1.2.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libsoftokn3-32bit-3.69.1-1.2.aarch64"
},
"product_reference": "libsoftokn3-32bit-3.69.1-1.2.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libsoftokn3-32bit-3.69.1-1.2.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libsoftokn3-32bit-3.69.1-1.2.ppc64le"
},
"product_reference": "libsoftokn3-32bit-3.69.1-1.2.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libsoftokn3-32bit-3.69.1-1.2.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libsoftokn3-32bit-3.69.1-1.2.s390x"
},
"product_reference": "libsoftokn3-32bit-3.69.1-1.2.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libsoftokn3-32bit-3.69.1-1.2.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libsoftokn3-32bit-3.69.1-1.2.x86_64"
},
"product_reference": "libsoftokn3-32bit-3.69.1-1.2.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libsoftokn3-hmac-3.69.1-1.2.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libsoftokn3-hmac-3.69.1-1.2.aarch64"
},
"product_reference": "libsoftokn3-hmac-3.69.1-1.2.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libsoftokn3-hmac-3.69.1-1.2.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libsoftokn3-hmac-3.69.1-1.2.ppc64le"
},
"product_reference": "libsoftokn3-hmac-3.69.1-1.2.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libsoftokn3-hmac-3.69.1-1.2.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libsoftokn3-hmac-3.69.1-1.2.s390x"
},
"product_reference": "libsoftokn3-hmac-3.69.1-1.2.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libsoftokn3-hmac-3.69.1-1.2.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libsoftokn3-hmac-3.69.1-1.2.x86_64"
},
"product_reference": "libsoftokn3-hmac-3.69.1-1.2.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libsoftokn3-hmac-32bit-3.69.1-1.2.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libsoftokn3-hmac-32bit-3.69.1-1.2.aarch64"
},
"product_reference": "libsoftokn3-hmac-32bit-3.69.1-1.2.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libsoftokn3-hmac-32bit-3.69.1-1.2.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libsoftokn3-hmac-32bit-3.69.1-1.2.ppc64le"
},
"product_reference": "libsoftokn3-hmac-32bit-3.69.1-1.2.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libsoftokn3-hmac-32bit-3.69.1-1.2.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libsoftokn3-hmac-32bit-3.69.1-1.2.s390x"
},
"product_reference": "libsoftokn3-hmac-32bit-3.69.1-1.2.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libsoftokn3-hmac-32bit-3.69.1-1.2.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libsoftokn3-hmac-32bit-3.69.1-1.2.x86_64"
},
"product_reference": "libsoftokn3-hmac-32bit-3.69.1-1.2.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mozilla-nss-3.69.1-1.2.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:mozilla-nss-3.69.1-1.2.aarch64"
},
"product_reference": "mozilla-nss-3.69.1-1.2.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mozilla-nss-3.69.1-1.2.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:mozilla-nss-3.69.1-1.2.ppc64le"
},
"product_reference": "mozilla-nss-3.69.1-1.2.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mozilla-nss-3.69.1-1.2.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:mozilla-nss-3.69.1-1.2.s390x"
},
"product_reference": "mozilla-nss-3.69.1-1.2.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mozilla-nss-3.69.1-1.2.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:mozilla-nss-3.69.1-1.2.x86_64"
},
"product_reference": "mozilla-nss-3.69.1-1.2.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mozilla-nss-32bit-3.69.1-1.2.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:mozilla-nss-32bit-3.69.1-1.2.aarch64"
},
"product_reference": "mozilla-nss-32bit-3.69.1-1.2.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mozilla-nss-32bit-3.69.1-1.2.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:mozilla-nss-32bit-3.69.1-1.2.ppc64le"
},
"product_reference": "mozilla-nss-32bit-3.69.1-1.2.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mozilla-nss-32bit-3.69.1-1.2.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:mozilla-nss-32bit-3.69.1-1.2.s390x"
},
"product_reference": "mozilla-nss-32bit-3.69.1-1.2.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mozilla-nss-32bit-3.69.1-1.2.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:mozilla-nss-32bit-3.69.1-1.2.x86_64"
},
"product_reference": "mozilla-nss-32bit-3.69.1-1.2.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mozilla-nss-certs-3.69.1-1.2.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:mozilla-nss-certs-3.69.1-1.2.aarch64"
},
"product_reference": "mozilla-nss-certs-3.69.1-1.2.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mozilla-nss-certs-3.69.1-1.2.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:mozilla-nss-certs-3.69.1-1.2.ppc64le"
},
"product_reference": "mozilla-nss-certs-3.69.1-1.2.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mozilla-nss-certs-3.69.1-1.2.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:mozilla-nss-certs-3.69.1-1.2.s390x"
},
"product_reference": "mozilla-nss-certs-3.69.1-1.2.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mozilla-nss-certs-3.69.1-1.2.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:mozilla-nss-certs-3.69.1-1.2.x86_64"
},
"product_reference": "mozilla-nss-certs-3.69.1-1.2.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mozilla-nss-certs-32bit-3.69.1-1.2.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.69.1-1.2.aarch64"
},
"product_reference": "mozilla-nss-certs-32bit-3.69.1-1.2.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mozilla-nss-certs-32bit-3.69.1-1.2.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.69.1-1.2.ppc64le"
},
"product_reference": "mozilla-nss-certs-32bit-3.69.1-1.2.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mozilla-nss-certs-32bit-3.69.1-1.2.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.69.1-1.2.s390x"
},
"product_reference": "mozilla-nss-certs-32bit-3.69.1-1.2.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mozilla-nss-certs-32bit-3.69.1-1.2.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.69.1-1.2.x86_64"
},
"product_reference": "mozilla-nss-certs-32bit-3.69.1-1.2.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mozilla-nss-devel-3.69.1-1.2.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:mozilla-nss-devel-3.69.1-1.2.aarch64"
},
"product_reference": "mozilla-nss-devel-3.69.1-1.2.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mozilla-nss-devel-3.69.1-1.2.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:mozilla-nss-devel-3.69.1-1.2.ppc64le"
},
"product_reference": "mozilla-nss-devel-3.69.1-1.2.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mozilla-nss-devel-3.69.1-1.2.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:mozilla-nss-devel-3.69.1-1.2.s390x"
},
"product_reference": "mozilla-nss-devel-3.69.1-1.2.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mozilla-nss-devel-3.69.1-1.2.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:mozilla-nss-devel-3.69.1-1.2.x86_64"
},
"product_reference": "mozilla-nss-devel-3.69.1-1.2.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mozilla-nss-sysinit-3.69.1-1.2.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:mozilla-nss-sysinit-3.69.1-1.2.aarch64"
},
"product_reference": "mozilla-nss-sysinit-3.69.1-1.2.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mozilla-nss-sysinit-3.69.1-1.2.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:mozilla-nss-sysinit-3.69.1-1.2.ppc64le"
},
"product_reference": "mozilla-nss-sysinit-3.69.1-1.2.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mozilla-nss-sysinit-3.69.1-1.2.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:mozilla-nss-sysinit-3.69.1-1.2.s390x"
},
"product_reference": "mozilla-nss-sysinit-3.69.1-1.2.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mozilla-nss-sysinit-3.69.1-1.2.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:mozilla-nss-sysinit-3.69.1-1.2.x86_64"
},
"product_reference": "mozilla-nss-sysinit-3.69.1-1.2.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mozilla-nss-sysinit-32bit-3.69.1-1.2.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.69.1-1.2.aarch64"
},
"product_reference": "mozilla-nss-sysinit-32bit-3.69.1-1.2.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mozilla-nss-sysinit-32bit-3.69.1-1.2.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.69.1-1.2.ppc64le"
},
"product_reference": "mozilla-nss-sysinit-32bit-3.69.1-1.2.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mozilla-nss-sysinit-32bit-3.69.1-1.2.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.69.1-1.2.s390x"
},
"product_reference": "mozilla-nss-sysinit-32bit-3.69.1-1.2.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mozilla-nss-sysinit-32bit-3.69.1-1.2.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.69.1-1.2.x86_64"
},
"product_reference": "mozilla-nss-sysinit-32bit-3.69.1-1.2.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mozilla-nss-tools-3.69.1-1.2.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:mozilla-nss-tools-3.69.1-1.2.aarch64"
},
"product_reference": "mozilla-nss-tools-3.69.1-1.2.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mozilla-nss-tools-3.69.1-1.2.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:mozilla-nss-tools-3.69.1-1.2.ppc64le"
},
"product_reference": "mozilla-nss-tools-3.69.1-1.2.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mozilla-nss-tools-3.69.1-1.2.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:mozilla-nss-tools-3.69.1-1.2.s390x"
},
"product_reference": "mozilla-nss-tools-3.69.1-1.2.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mozilla-nss-tools-3.69.1-1.2.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:mozilla-nss-tools-3.69.1-1.2.x86_64"
},
"product_reference": "mozilla-nss-tools-3.69.1-1.2.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2018-0495",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-0495"
}
],
"notes": [
{
"category": "general",
"text": "Libgcrypt before 1.7.10 and 1.8.x before 1.8.3 allows a memory-cache side-channel attack on ECDSA signatures that can be mitigated through the use of blinding during the signing process in the _gcry_ecc_ecdsa_sign function in cipher/ecc-ecdsa.c, aka the Return Of the Hidden Number Problem or ROHNP. To discover an ECDSA key, the attacker needs access to either the local machine or a different virtual machine on the same physical host.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:libfreebl3-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libfreebl3-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libfreebl3-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libfreebl3-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libfreebl3-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libfreebl3-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libfreebl3-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libfreebl3-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libfreebl3-hmac-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libfreebl3-hmac-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libfreebl3-hmac-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libfreebl3-hmac-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libfreebl3-hmac-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libfreebl3-hmac-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libfreebl3-hmac-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libfreebl3-hmac-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libsoftokn3-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libsoftokn3-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libsoftokn3-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libsoftokn3-hmac-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libsoftokn3-hmac-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-hmac-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libsoftokn3-hmac-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libsoftokn3-hmac-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libsoftokn3-hmac-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-hmac-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libsoftokn3-hmac-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-certs-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-certs-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-certs-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-certs-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-devel-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-devel-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-devel-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-devel-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-tools-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-tools-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-tools-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-tools-3.69.1-1.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-0495",
"url": "https://www.suse.com/security/cve/CVE-2018-0495"
},
{
"category": "external",
"summary": "SUSE Bug 1097410 for CVE-2018-0495",
"url": "https://bugzilla.suse.com/1097410"
},
{
"category": "external",
"summary": "SUSE Bug 1121207 for CVE-2018-0495",
"url": "https://bugzilla.suse.com/1121207"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:libfreebl3-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libfreebl3-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libfreebl3-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libfreebl3-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libfreebl3-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libfreebl3-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libfreebl3-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libfreebl3-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libfreebl3-hmac-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libfreebl3-hmac-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libfreebl3-hmac-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libfreebl3-hmac-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libfreebl3-hmac-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libfreebl3-hmac-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libfreebl3-hmac-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libfreebl3-hmac-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libsoftokn3-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libsoftokn3-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libsoftokn3-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libsoftokn3-hmac-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libsoftokn3-hmac-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-hmac-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libsoftokn3-hmac-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libsoftokn3-hmac-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libsoftokn3-hmac-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-hmac-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libsoftokn3-hmac-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-certs-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-certs-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-certs-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-certs-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-devel-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-devel-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-devel-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-devel-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-tools-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-tools-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-tools-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-tools-3.69.1-1.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:libfreebl3-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libfreebl3-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libfreebl3-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libfreebl3-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libfreebl3-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libfreebl3-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libfreebl3-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libfreebl3-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libfreebl3-hmac-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libfreebl3-hmac-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libfreebl3-hmac-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libfreebl3-hmac-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libfreebl3-hmac-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libfreebl3-hmac-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libfreebl3-hmac-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libfreebl3-hmac-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libsoftokn3-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libsoftokn3-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libsoftokn3-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libsoftokn3-hmac-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libsoftokn3-hmac-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-hmac-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libsoftokn3-hmac-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libsoftokn3-hmac-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libsoftokn3-hmac-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-hmac-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libsoftokn3-hmac-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-certs-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-certs-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-certs-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-certs-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-devel-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-devel-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-devel-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-devel-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-tools-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-tools-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-tools-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-tools-3.69.1-1.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2018-0495"
},
{
"cve": "CVE-2018-12384",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-12384"
}
],
"notes": [
{
"category": "general",
"text": "When handling a SSLv2-compatible ClientHello request, the server doesn\u0027t generate a new random value but sends an all-zero value instead. This results in full malleability of the ClientHello for SSLv2 used for TLS 1.2 in all versions prior to NSS 3.39. This does not impact TLS 1.3.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:libfreebl3-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libfreebl3-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libfreebl3-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libfreebl3-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libfreebl3-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libfreebl3-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libfreebl3-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libfreebl3-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libfreebl3-hmac-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libfreebl3-hmac-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libfreebl3-hmac-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libfreebl3-hmac-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libfreebl3-hmac-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libfreebl3-hmac-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libfreebl3-hmac-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libfreebl3-hmac-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libsoftokn3-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libsoftokn3-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libsoftokn3-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libsoftokn3-hmac-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libsoftokn3-hmac-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-hmac-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libsoftokn3-hmac-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libsoftokn3-hmac-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libsoftokn3-hmac-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-hmac-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libsoftokn3-hmac-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-certs-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-certs-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-certs-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-certs-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-devel-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-devel-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-devel-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-devel-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-tools-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-tools-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-tools-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-tools-3.69.1-1.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-12384",
"url": "https://www.suse.com/security/cve/CVE-2018-12384"
},
{
"category": "external",
"summary": "SUSE Bug 1106873 for CVE-2018-12384",
"url": "https://bugzilla.suse.com/1106873"
},
{
"category": "external",
"summary": "SUSE Bug 1119105 for CVE-2018-12384",
"url": "https://bugzilla.suse.com/1119105"
},
{
"category": "external",
"summary": "SUSE Bug 1121207 for CVE-2018-12384",
"url": "https://bugzilla.suse.com/1121207"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:libfreebl3-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libfreebl3-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libfreebl3-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libfreebl3-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libfreebl3-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libfreebl3-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libfreebl3-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libfreebl3-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libfreebl3-hmac-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libfreebl3-hmac-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libfreebl3-hmac-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libfreebl3-hmac-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libfreebl3-hmac-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libfreebl3-hmac-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libfreebl3-hmac-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libfreebl3-hmac-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libsoftokn3-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libsoftokn3-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libsoftokn3-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libsoftokn3-hmac-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libsoftokn3-hmac-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-hmac-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libsoftokn3-hmac-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libsoftokn3-hmac-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libsoftokn3-hmac-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-hmac-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libsoftokn3-hmac-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-certs-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-certs-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-certs-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-certs-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-devel-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-devel-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-devel-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-devel-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-tools-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-tools-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-tools-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-tools-3.69.1-1.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:libfreebl3-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libfreebl3-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libfreebl3-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libfreebl3-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libfreebl3-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libfreebl3-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libfreebl3-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libfreebl3-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libfreebl3-hmac-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libfreebl3-hmac-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libfreebl3-hmac-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libfreebl3-hmac-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libfreebl3-hmac-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libfreebl3-hmac-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libfreebl3-hmac-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libfreebl3-hmac-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libsoftokn3-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libsoftokn3-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libsoftokn3-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libsoftokn3-hmac-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libsoftokn3-hmac-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-hmac-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libsoftokn3-hmac-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libsoftokn3-hmac-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libsoftokn3-hmac-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-hmac-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libsoftokn3-hmac-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-certs-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-certs-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-certs-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-certs-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-devel-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-devel-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-devel-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-devel-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-tools-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-tools-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-tools-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-tools-3.69.1-1.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2018-12384"
},
{
"cve": "CVE-2018-12404",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-12404"
}
],
"notes": [
{
"category": "general",
"text": "A cached side channel attack during handshakes using RSA encryption could allow for the decryption of encrypted content. This is a variant of the Adaptive Chosen Ciphertext attack (AKA Bleichenbacher attack) and affects all NSS versions prior to NSS 3.41.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:libfreebl3-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libfreebl3-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libfreebl3-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libfreebl3-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libfreebl3-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libfreebl3-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libfreebl3-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libfreebl3-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libfreebl3-hmac-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libfreebl3-hmac-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libfreebl3-hmac-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libfreebl3-hmac-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libfreebl3-hmac-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libfreebl3-hmac-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libfreebl3-hmac-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libfreebl3-hmac-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libsoftokn3-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libsoftokn3-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libsoftokn3-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libsoftokn3-hmac-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libsoftokn3-hmac-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-hmac-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libsoftokn3-hmac-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libsoftokn3-hmac-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libsoftokn3-hmac-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-hmac-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libsoftokn3-hmac-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-certs-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-certs-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-certs-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-certs-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-devel-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-devel-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-devel-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-devel-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-tools-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-tools-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-tools-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-tools-3.69.1-1.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-12404",
"url": "https://www.suse.com/security/cve/CVE-2018-12404"
},
{
"category": "external",
"summary": "SUSE Bug 1119069 for CVE-2018-12404",
"url": "https://bugzilla.suse.com/1119069"
},
{
"category": "external",
"summary": "SUSE Bug 1119105 for CVE-2018-12404",
"url": "https://bugzilla.suse.com/1119105"
},
{
"category": "external",
"summary": "SUSE Bug 1121207 for CVE-2018-12404",
"url": "https://bugzilla.suse.com/1121207"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:libfreebl3-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libfreebl3-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libfreebl3-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libfreebl3-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libfreebl3-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libfreebl3-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libfreebl3-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libfreebl3-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libfreebl3-hmac-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libfreebl3-hmac-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libfreebl3-hmac-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libfreebl3-hmac-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libfreebl3-hmac-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libfreebl3-hmac-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libfreebl3-hmac-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libfreebl3-hmac-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libsoftokn3-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libsoftokn3-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libsoftokn3-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libsoftokn3-hmac-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libsoftokn3-hmac-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-hmac-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libsoftokn3-hmac-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libsoftokn3-hmac-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libsoftokn3-hmac-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-hmac-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libsoftokn3-hmac-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-certs-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-certs-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-certs-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-certs-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-devel-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-devel-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-devel-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-devel-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-tools-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-tools-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-tools-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-tools-3.69.1-1.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:libfreebl3-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libfreebl3-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libfreebl3-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libfreebl3-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libfreebl3-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libfreebl3-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libfreebl3-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libfreebl3-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libfreebl3-hmac-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libfreebl3-hmac-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libfreebl3-hmac-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libfreebl3-hmac-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libfreebl3-hmac-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libfreebl3-hmac-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libfreebl3-hmac-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libfreebl3-hmac-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libsoftokn3-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libsoftokn3-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libsoftokn3-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libsoftokn3-hmac-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libsoftokn3-hmac-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-hmac-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libsoftokn3-hmac-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libsoftokn3-hmac-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libsoftokn3-hmac-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-hmac-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libsoftokn3-hmac-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-certs-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-certs-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-certs-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-certs-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-devel-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-devel-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-devel-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-devel-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-tools-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-tools-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-tools-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-tools-3.69.1-1.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2018-12404"
},
{
"cve": "CVE-2019-11719",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-11719"
}
],
"notes": [
{
"category": "general",
"text": "When importing a curve25519 private key in PKCS#8format with leading 0x00 bytes, it is possible to trigger an out-of-bounds read in the Network Security Services (NSS) library. This could lead to information disclosure. This vulnerability affects Firefox ESR \u003c 60.8, Firefox \u003c 68, and Thunderbird \u003c 60.8.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:libfreebl3-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libfreebl3-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libfreebl3-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libfreebl3-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libfreebl3-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libfreebl3-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libfreebl3-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libfreebl3-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libfreebl3-hmac-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libfreebl3-hmac-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libfreebl3-hmac-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libfreebl3-hmac-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libfreebl3-hmac-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libfreebl3-hmac-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libfreebl3-hmac-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libfreebl3-hmac-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libsoftokn3-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libsoftokn3-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libsoftokn3-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libsoftokn3-hmac-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libsoftokn3-hmac-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-hmac-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libsoftokn3-hmac-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libsoftokn3-hmac-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libsoftokn3-hmac-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-hmac-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libsoftokn3-hmac-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-certs-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-certs-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-certs-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-certs-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-devel-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-devel-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-devel-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-devel-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-tools-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-tools-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-tools-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-tools-3.69.1-1.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-11719",
"url": "https://www.suse.com/security/cve/CVE-2019-11719"
},
{
"category": "external",
"summary": "SUSE Bug 1140868 for CVE-2019-11719",
"url": "https://bugzilla.suse.com/1140868"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:libfreebl3-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libfreebl3-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libfreebl3-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libfreebl3-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libfreebl3-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libfreebl3-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libfreebl3-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libfreebl3-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libfreebl3-hmac-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libfreebl3-hmac-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libfreebl3-hmac-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libfreebl3-hmac-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libfreebl3-hmac-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libfreebl3-hmac-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libfreebl3-hmac-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libfreebl3-hmac-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libsoftokn3-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libsoftokn3-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libsoftokn3-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libsoftokn3-hmac-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libsoftokn3-hmac-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-hmac-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libsoftokn3-hmac-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libsoftokn3-hmac-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libsoftokn3-hmac-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-hmac-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libsoftokn3-hmac-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-certs-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-certs-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-certs-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-certs-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-devel-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-devel-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-devel-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-devel-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-tools-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-tools-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-tools-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-tools-3.69.1-1.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:libfreebl3-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libfreebl3-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libfreebl3-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libfreebl3-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libfreebl3-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libfreebl3-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libfreebl3-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libfreebl3-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libfreebl3-hmac-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libfreebl3-hmac-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libfreebl3-hmac-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libfreebl3-hmac-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libfreebl3-hmac-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libfreebl3-hmac-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libfreebl3-hmac-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libfreebl3-hmac-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libsoftokn3-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libsoftokn3-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libsoftokn3-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libsoftokn3-hmac-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libsoftokn3-hmac-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-hmac-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libsoftokn3-hmac-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libsoftokn3-hmac-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libsoftokn3-hmac-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-hmac-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libsoftokn3-hmac-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-certs-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-certs-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-certs-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-certs-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-devel-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-devel-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-devel-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-devel-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-tools-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-tools-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-tools-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-tools-3.69.1-1.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2019-11719"
},
{
"cve": "CVE-2019-11727",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-11727"
}
],
"notes": [
{
"category": "general",
"text": "A vulnerability exists where it possible to force Network Security Services (NSS) to sign CertificateVerify with PKCS#1 v1.5 signatures when those are the only ones advertised by server in CertificateRequest in TLS 1.3. PKCS#1 v1.5 signatures should not be used for TLS 1.3 messages. This vulnerability affects Firefox \u003c 68.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:libfreebl3-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libfreebl3-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libfreebl3-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libfreebl3-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libfreebl3-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libfreebl3-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libfreebl3-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libfreebl3-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libfreebl3-hmac-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libfreebl3-hmac-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libfreebl3-hmac-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libfreebl3-hmac-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libfreebl3-hmac-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libfreebl3-hmac-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libfreebl3-hmac-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libfreebl3-hmac-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libsoftokn3-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libsoftokn3-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libsoftokn3-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libsoftokn3-hmac-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libsoftokn3-hmac-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-hmac-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libsoftokn3-hmac-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libsoftokn3-hmac-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libsoftokn3-hmac-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-hmac-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libsoftokn3-hmac-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-certs-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-certs-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-certs-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-certs-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-devel-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-devel-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-devel-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-devel-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-tools-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-tools-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-tools-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-tools-3.69.1-1.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-11727",
"url": "https://www.suse.com/security/cve/CVE-2019-11727"
},
{
"category": "external",
"summary": "SUSE Bug 1140868 for CVE-2019-11727",
"url": "https://bugzilla.suse.com/1140868"
},
{
"category": "external",
"summary": "SUSE Bug 1141322 for CVE-2019-11727",
"url": "https://bugzilla.suse.com/1141322"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:libfreebl3-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libfreebl3-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libfreebl3-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libfreebl3-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libfreebl3-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libfreebl3-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libfreebl3-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libfreebl3-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libfreebl3-hmac-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libfreebl3-hmac-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libfreebl3-hmac-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libfreebl3-hmac-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libfreebl3-hmac-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libfreebl3-hmac-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libfreebl3-hmac-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libfreebl3-hmac-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libsoftokn3-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libsoftokn3-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libsoftokn3-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libsoftokn3-hmac-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libsoftokn3-hmac-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-hmac-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libsoftokn3-hmac-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libsoftokn3-hmac-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libsoftokn3-hmac-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-hmac-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libsoftokn3-hmac-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-certs-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-certs-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-certs-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-certs-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-devel-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-devel-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-devel-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-devel-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-tools-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-tools-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-tools-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-tools-3.69.1-1.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:libfreebl3-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libfreebl3-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libfreebl3-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libfreebl3-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libfreebl3-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libfreebl3-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libfreebl3-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libfreebl3-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libfreebl3-hmac-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libfreebl3-hmac-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libfreebl3-hmac-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libfreebl3-hmac-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libfreebl3-hmac-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libfreebl3-hmac-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libfreebl3-hmac-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libfreebl3-hmac-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libsoftokn3-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libsoftokn3-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libsoftokn3-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libsoftokn3-hmac-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libsoftokn3-hmac-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-hmac-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libsoftokn3-hmac-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libsoftokn3-hmac-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libsoftokn3-hmac-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-hmac-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libsoftokn3-hmac-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-certs-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-certs-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-certs-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-certs-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-devel-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-devel-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-devel-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-devel-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-tools-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-tools-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-tools-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-tools-3.69.1-1.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2019-11727"
},
{
"cve": "CVE-2019-11729",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-11729"
}
],
"notes": [
{
"category": "general",
"text": "Empty or malformed p256-ECDH public keys may trigger a segmentation fault due values being improperly sanitized before being copied into memory and used. This vulnerability affects Firefox ESR \u003c 60.8, Firefox \u003c 68, and Thunderbird \u003c 60.8.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:libfreebl3-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libfreebl3-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libfreebl3-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libfreebl3-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libfreebl3-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libfreebl3-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libfreebl3-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libfreebl3-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libfreebl3-hmac-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libfreebl3-hmac-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libfreebl3-hmac-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libfreebl3-hmac-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libfreebl3-hmac-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libfreebl3-hmac-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libfreebl3-hmac-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libfreebl3-hmac-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libsoftokn3-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libsoftokn3-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libsoftokn3-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libsoftokn3-hmac-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libsoftokn3-hmac-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-hmac-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libsoftokn3-hmac-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libsoftokn3-hmac-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libsoftokn3-hmac-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-hmac-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libsoftokn3-hmac-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-certs-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-certs-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-certs-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-certs-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-devel-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-devel-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-devel-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-devel-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-tools-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-tools-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-tools-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-tools-3.69.1-1.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-11729",
"url": "https://www.suse.com/security/cve/CVE-2019-11729"
},
{
"category": "external",
"summary": "SUSE Bug 1140868 for CVE-2019-11729",
"url": "https://bugzilla.suse.com/1140868"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:libfreebl3-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libfreebl3-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libfreebl3-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libfreebl3-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libfreebl3-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libfreebl3-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libfreebl3-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libfreebl3-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libfreebl3-hmac-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libfreebl3-hmac-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libfreebl3-hmac-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libfreebl3-hmac-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libfreebl3-hmac-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libfreebl3-hmac-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libfreebl3-hmac-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libfreebl3-hmac-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libsoftokn3-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libsoftokn3-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libsoftokn3-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libsoftokn3-hmac-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libsoftokn3-hmac-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-hmac-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libsoftokn3-hmac-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libsoftokn3-hmac-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libsoftokn3-hmac-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-hmac-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libsoftokn3-hmac-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-certs-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-certs-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-certs-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-certs-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-devel-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-devel-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-devel-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-devel-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-tools-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-tools-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-tools-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-tools-3.69.1-1.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:libfreebl3-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libfreebl3-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libfreebl3-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libfreebl3-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libfreebl3-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libfreebl3-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libfreebl3-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libfreebl3-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libfreebl3-hmac-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libfreebl3-hmac-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libfreebl3-hmac-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libfreebl3-hmac-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libfreebl3-hmac-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libfreebl3-hmac-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libfreebl3-hmac-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libfreebl3-hmac-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libsoftokn3-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libsoftokn3-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libsoftokn3-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libsoftokn3-hmac-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libsoftokn3-hmac-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-hmac-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libsoftokn3-hmac-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libsoftokn3-hmac-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libsoftokn3-hmac-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-hmac-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libsoftokn3-hmac-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-certs-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-certs-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-certs-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-certs-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-devel-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-devel-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-devel-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-devel-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-tools-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-tools-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-tools-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-tools-3.69.1-1.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2019-11729"
},
{
"cve": "CVE-2019-11745",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-11745"
}
],
"notes": [
{
"category": "general",
"text": "When encrypting with a block cipher, if a call to NSC_EncryptUpdate was made with data smaller than the block size, a small out of bounds write could occur. This could have caused heap corruption and a potentially exploitable crash. This vulnerability affects Thunderbird \u003c 68.3, Firefox ESR \u003c 68.3, and Firefox \u003c 71.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:libfreebl3-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libfreebl3-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libfreebl3-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libfreebl3-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libfreebl3-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libfreebl3-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libfreebl3-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libfreebl3-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libfreebl3-hmac-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libfreebl3-hmac-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libfreebl3-hmac-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libfreebl3-hmac-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libfreebl3-hmac-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libfreebl3-hmac-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libfreebl3-hmac-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libfreebl3-hmac-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libsoftokn3-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libsoftokn3-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libsoftokn3-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libsoftokn3-hmac-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libsoftokn3-hmac-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-hmac-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libsoftokn3-hmac-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libsoftokn3-hmac-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libsoftokn3-hmac-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-hmac-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libsoftokn3-hmac-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-certs-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-certs-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-certs-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-certs-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-devel-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-devel-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-devel-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-devel-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-tools-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-tools-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-tools-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-tools-3.69.1-1.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-11745",
"url": "https://www.suse.com/security/cve/CVE-2019-11745"
},
{
"category": "external",
"summary": "SUSE Bug 1158328 for CVE-2019-11745",
"url": "https://bugzilla.suse.com/1158328"
},
{
"category": "external",
"summary": "SUSE Bug 1158527 for CVE-2019-11745",
"url": "https://bugzilla.suse.com/1158527"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:libfreebl3-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libfreebl3-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libfreebl3-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libfreebl3-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libfreebl3-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libfreebl3-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libfreebl3-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libfreebl3-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libfreebl3-hmac-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libfreebl3-hmac-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libfreebl3-hmac-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libfreebl3-hmac-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libfreebl3-hmac-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libfreebl3-hmac-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libfreebl3-hmac-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libfreebl3-hmac-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libsoftokn3-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libsoftokn3-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libsoftokn3-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libsoftokn3-hmac-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libsoftokn3-hmac-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-hmac-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libsoftokn3-hmac-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libsoftokn3-hmac-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libsoftokn3-hmac-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-hmac-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libsoftokn3-hmac-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-certs-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-certs-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-certs-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-certs-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-devel-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-devel-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-devel-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-devel-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-tools-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-tools-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-tools-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-tools-3.69.1-1.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:libfreebl3-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libfreebl3-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libfreebl3-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libfreebl3-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libfreebl3-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libfreebl3-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libfreebl3-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libfreebl3-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libfreebl3-hmac-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libfreebl3-hmac-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libfreebl3-hmac-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libfreebl3-hmac-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libfreebl3-hmac-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libfreebl3-hmac-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libfreebl3-hmac-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libfreebl3-hmac-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libsoftokn3-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libsoftokn3-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libsoftokn3-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libsoftokn3-hmac-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libsoftokn3-hmac-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-hmac-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libsoftokn3-hmac-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libsoftokn3-hmac-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libsoftokn3-hmac-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-hmac-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libsoftokn3-hmac-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-certs-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-certs-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-certs-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-certs-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-devel-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-devel-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-devel-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-devel-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-tools-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-tools-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-tools-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-tools-3.69.1-1.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2019-11745"
},
{
"cve": "CVE-2019-17006",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-17006"
}
],
"notes": [
{
"category": "general",
"text": "In Network Security Services (NSS) before 3.46, several cryptographic primitives had missing length checks. In cases where the application calling the library did not perform a sanity check on the inputs it could result in a crash due to a buffer overflow.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:libfreebl3-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libfreebl3-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libfreebl3-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libfreebl3-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libfreebl3-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libfreebl3-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libfreebl3-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libfreebl3-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libfreebl3-hmac-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libfreebl3-hmac-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libfreebl3-hmac-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libfreebl3-hmac-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libfreebl3-hmac-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libfreebl3-hmac-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libfreebl3-hmac-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libfreebl3-hmac-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libsoftokn3-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libsoftokn3-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libsoftokn3-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libsoftokn3-hmac-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libsoftokn3-hmac-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-hmac-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libsoftokn3-hmac-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libsoftokn3-hmac-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libsoftokn3-hmac-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-hmac-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libsoftokn3-hmac-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-certs-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-certs-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-certs-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-certs-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-devel-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-devel-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-devel-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-devel-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-tools-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-tools-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-tools-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-tools-3.69.1-1.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-17006",
"url": "https://www.suse.com/security/cve/CVE-2019-17006"
},
{
"category": "external",
"summary": "SUSE Bug 1159819 for CVE-2019-17006",
"url": "https://bugzilla.suse.com/1159819"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:libfreebl3-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libfreebl3-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libfreebl3-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libfreebl3-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libfreebl3-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libfreebl3-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libfreebl3-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libfreebl3-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libfreebl3-hmac-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libfreebl3-hmac-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libfreebl3-hmac-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libfreebl3-hmac-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libfreebl3-hmac-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libfreebl3-hmac-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libfreebl3-hmac-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libfreebl3-hmac-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libsoftokn3-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libsoftokn3-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libsoftokn3-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libsoftokn3-hmac-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libsoftokn3-hmac-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-hmac-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libsoftokn3-hmac-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libsoftokn3-hmac-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libsoftokn3-hmac-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-hmac-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libsoftokn3-hmac-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-certs-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-certs-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-certs-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-certs-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-devel-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-devel-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-devel-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-devel-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-tools-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-tools-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-tools-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-tools-3.69.1-1.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:libfreebl3-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libfreebl3-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libfreebl3-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libfreebl3-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libfreebl3-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libfreebl3-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libfreebl3-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libfreebl3-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libfreebl3-hmac-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libfreebl3-hmac-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libfreebl3-hmac-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libfreebl3-hmac-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libfreebl3-hmac-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libfreebl3-hmac-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libfreebl3-hmac-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libfreebl3-hmac-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libsoftokn3-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libsoftokn3-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libsoftokn3-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libsoftokn3-hmac-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libsoftokn3-hmac-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-hmac-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libsoftokn3-hmac-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libsoftokn3-hmac-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libsoftokn3-hmac-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-hmac-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libsoftokn3-hmac-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-certs-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-certs-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-certs-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-certs-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-devel-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-devel-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-devel-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-devel-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-tools-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-tools-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-tools-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-tools-3.69.1-1.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2019-17006"
},
{
"cve": "CVE-2020-12399",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-12399"
}
],
"notes": [
{
"category": "general",
"text": "NSS has shown timing differences when performing DSA signatures, which was exploitable and could eventually leak private keys. This vulnerability affects Thunderbird \u003c 68.9.0, Firefox \u003c 77, and Firefox ESR \u003c 68.9.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:libfreebl3-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libfreebl3-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libfreebl3-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libfreebl3-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libfreebl3-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libfreebl3-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libfreebl3-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libfreebl3-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libfreebl3-hmac-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libfreebl3-hmac-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libfreebl3-hmac-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libfreebl3-hmac-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libfreebl3-hmac-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libfreebl3-hmac-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libfreebl3-hmac-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libfreebl3-hmac-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libsoftokn3-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libsoftokn3-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libsoftokn3-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libsoftokn3-hmac-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libsoftokn3-hmac-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-hmac-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libsoftokn3-hmac-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libsoftokn3-hmac-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libsoftokn3-hmac-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-hmac-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libsoftokn3-hmac-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-certs-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-certs-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-certs-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-certs-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-devel-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-devel-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-devel-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-devel-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-tools-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-tools-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-tools-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-tools-3.69.1-1.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-12399",
"url": "https://www.suse.com/security/cve/CVE-2020-12399"
},
{
"category": "external",
"summary": "SUSE Bug 1171978 for CVE-2020-12399",
"url": "https://bugzilla.suse.com/1171978"
},
{
"category": "external",
"summary": "SUSE Bug 1172402 for CVE-2020-12399",
"url": "https://bugzilla.suse.com/1172402"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:libfreebl3-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libfreebl3-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libfreebl3-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libfreebl3-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libfreebl3-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libfreebl3-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libfreebl3-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libfreebl3-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libfreebl3-hmac-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libfreebl3-hmac-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libfreebl3-hmac-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libfreebl3-hmac-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libfreebl3-hmac-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libfreebl3-hmac-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libfreebl3-hmac-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libfreebl3-hmac-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libsoftokn3-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libsoftokn3-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libsoftokn3-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libsoftokn3-hmac-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libsoftokn3-hmac-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-hmac-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libsoftokn3-hmac-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libsoftokn3-hmac-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libsoftokn3-hmac-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-hmac-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libsoftokn3-hmac-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-certs-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-certs-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-certs-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-certs-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-devel-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-devel-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-devel-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-devel-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-tools-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-tools-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-tools-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-tools-3.69.1-1.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:libfreebl3-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libfreebl3-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libfreebl3-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libfreebl3-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libfreebl3-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libfreebl3-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libfreebl3-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libfreebl3-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libfreebl3-hmac-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libfreebl3-hmac-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libfreebl3-hmac-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libfreebl3-hmac-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libfreebl3-hmac-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libfreebl3-hmac-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libfreebl3-hmac-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libfreebl3-hmac-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libsoftokn3-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libsoftokn3-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libsoftokn3-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libsoftokn3-hmac-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libsoftokn3-hmac-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-hmac-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libsoftokn3-hmac-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libsoftokn3-hmac-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libsoftokn3-hmac-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-hmac-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libsoftokn3-hmac-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-certs-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-certs-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-certs-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-certs-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-devel-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-devel-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-devel-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-devel-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-tools-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-tools-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-tools-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-tools-3.69.1-1.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2020-12399"
},
{
"cve": "CVE-2020-12401",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-12401"
}
],
"notes": [
{
"category": "general",
"text": "During ECDSA signature generation, padding applied in the nonce designed to ensure constant-time scalar multiplication was removed, resulting in variable-time execution dependent on secret data. This vulnerability affects Firefox \u003c 80 and Firefox for Android \u003c 80.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:libfreebl3-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libfreebl3-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libfreebl3-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libfreebl3-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libfreebl3-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libfreebl3-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libfreebl3-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libfreebl3-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libfreebl3-hmac-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libfreebl3-hmac-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libfreebl3-hmac-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libfreebl3-hmac-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libfreebl3-hmac-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libfreebl3-hmac-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libfreebl3-hmac-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libfreebl3-hmac-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libsoftokn3-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libsoftokn3-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libsoftokn3-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libsoftokn3-hmac-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libsoftokn3-hmac-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-hmac-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libsoftokn3-hmac-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libsoftokn3-hmac-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libsoftokn3-hmac-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-hmac-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libsoftokn3-hmac-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-certs-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-certs-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-certs-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-certs-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-devel-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-devel-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-devel-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-devel-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-tools-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-tools-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-tools-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-tools-3.69.1-1.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-12401",
"url": "https://www.suse.com/security/cve/CVE-2020-12401"
},
{
"category": "external",
"summary": "SUSE Bug 1174763 for CVE-2020-12401",
"url": "https://bugzilla.suse.com/1174763"
},
{
"category": "external",
"summary": "SUSE Bug 1175686 for CVE-2020-12401",
"url": "https://bugzilla.suse.com/1175686"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:libfreebl3-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libfreebl3-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libfreebl3-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libfreebl3-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libfreebl3-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libfreebl3-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libfreebl3-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libfreebl3-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libfreebl3-hmac-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libfreebl3-hmac-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libfreebl3-hmac-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libfreebl3-hmac-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libfreebl3-hmac-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libfreebl3-hmac-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libfreebl3-hmac-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libfreebl3-hmac-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libsoftokn3-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libsoftokn3-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libsoftokn3-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libsoftokn3-hmac-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libsoftokn3-hmac-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-hmac-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libsoftokn3-hmac-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libsoftokn3-hmac-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libsoftokn3-hmac-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-hmac-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libsoftokn3-hmac-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-certs-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-certs-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-certs-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-certs-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-devel-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-devel-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-devel-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-devel-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-tools-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-tools-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-tools-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-tools-3.69.1-1.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:libfreebl3-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libfreebl3-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libfreebl3-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libfreebl3-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libfreebl3-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libfreebl3-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libfreebl3-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libfreebl3-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libfreebl3-hmac-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libfreebl3-hmac-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libfreebl3-hmac-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libfreebl3-hmac-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libfreebl3-hmac-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libfreebl3-hmac-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libfreebl3-hmac-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libfreebl3-hmac-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libsoftokn3-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libsoftokn3-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libsoftokn3-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libsoftokn3-hmac-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libsoftokn3-hmac-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-hmac-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libsoftokn3-hmac-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libsoftokn3-hmac-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libsoftokn3-hmac-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-hmac-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libsoftokn3-hmac-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-certs-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-certs-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-certs-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-certs-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-devel-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-devel-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-devel-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-devel-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-tools-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-tools-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-tools-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-tools-3.69.1-1.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2020-12401"
},
{
"cve": "CVE-2020-12402",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-12402"
}
],
"notes": [
{
"category": "general",
"text": "During RSA key generation, bignum implementations used a variation of the Binary Extended Euclidean Algorithm which entailed significantly input-dependent flow. This allowed an attacker able to perform electromagnetic-based side channel attacks to record traces leading to the recovery of the secret primes. *Note:* An unmodified Firefox browser does not generate RSA keys in normal operation and is not affected, but products built on top of it might. This vulnerability affects Firefox \u003c 78.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:libfreebl3-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libfreebl3-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libfreebl3-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libfreebl3-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libfreebl3-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libfreebl3-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libfreebl3-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libfreebl3-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libfreebl3-hmac-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libfreebl3-hmac-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libfreebl3-hmac-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libfreebl3-hmac-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libfreebl3-hmac-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libfreebl3-hmac-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libfreebl3-hmac-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libfreebl3-hmac-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libsoftokn3-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libsoftokn3-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libsoftokn3-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libsoftokn3-hmac-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libsoftokn3-hmac-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-hmac-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libsoftokn3-hmac-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libsoftokn3-hmac-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libsoftokn3-hmac-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-hmac-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libsoftokn3-hmac-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-certs-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-certs-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-certs-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-certs-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-devel-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-devel-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-devel-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-devel-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-tools-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-tools-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-tools-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-tools-3.69.1-1.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-12402",
"url": "https://www.suse.com/security/cve/CVE-2020-12402"
},
{
"category": "external",
"summary": "SUSE Bug 1173032 for CVE-2020-12402",
"url": "https://bugzilla.suse.com/1173032"
},
{
"category": "external",
"summary": "SUSE Bug 1173576 for CVE-2020-12402",
"url": "https://bugzilla.suse.com/1173576"
},
{
"category": "external",
"summary": "SUSE Bug 1174230 for CVE-2020-12402",
"url": "https://bugzilla.suse.com/1174230"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:libfreebl3-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libfreebl3-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libfreebl3-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libfreebl3-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libfreebl3-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libfreebl3-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libfreebl3-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libfreebl3-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libfreebl3-hmac-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libfreebl3-hmac-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libfreebl3-hmac-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libfreebl3-hmac-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libfreebl3-hmac-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libfreebl3-hmac-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libfreebl3-hmac-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libfreebl3-hmac-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libsoftokn3-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libsoftokn3-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libsoftokn3-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libsoftokn3-hmac-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libsoftokn3-hmac-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-hmac-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libsoftokn3-hmac-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libsoftokn3-hmac-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libsoftokn3-hmac-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-hmac-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libsoftokn3-hmac-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-certs-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-certs-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-certs-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-certs-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-devel-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-devel-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-devel-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-devel-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-tools-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-tools-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-tools-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-tools-3.69.1-1.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:libfreebl3-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libfreebl3-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libfreebl3-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libfreebl3-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libfreebl3-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libfreebl3-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libfreebl3-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libfreebl3-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libfreebl3-hmac-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libfreebl3-hmac-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libfreebl3-hmac-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libfreebl3-hmac-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libfreebl3-hmac-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libfreebl3-hmac-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libfreebl3-hmac-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libfreebl3-hmac-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libsoftokn3-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libsoftokn3-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libsoftokn3-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libsoftokn3-hmac-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libsoftokn3-hmac-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-hmac-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libsoftokn3-hmac-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libsoftokn3-hmac-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libsoftokn3-hmac-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-hmac-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libsoftokn3-hmac-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-certs-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-certs-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-certs-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-certs-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-devel-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-devel-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-devel-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-devel-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-tools-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-tools-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-tools-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-tools-3.69.1-1.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2020-12402"
},
{
"cve": "CVE-2020-12403",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-12403"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in the way CHACHA20-POLY1305 was implemented in NSS in versions before 3.55. When using multi-part Chacha20, it could cause out-of-bounds reads. This issue was fixed by explicitly disabling multi-part ChaCha20 (which was not functioning correctly) and strictly enforcing tag length. The highest threat from this vulnerability is to confidentiality and system availability.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:libfreebl3-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libfreebl3-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libfreebl3-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libfreebl3-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libfreebl3-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libfreebl3-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libfreebl3-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libfreebl3-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libfreebl3-hmac-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libfreebl3-hmac-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libfreebl3-hmac-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libfreebl3-hmac-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libfreebl3-hmac-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libfreebl3-hmac-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libfreebl3-hmac-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libfreebl3-hmac-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libsoftokn3-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libsoftokn3-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libsoftokn3-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libsoftokn3-hmac-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libsoftokn3-hmac-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-hmac-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libsoftokn3-hmac-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libsoftokn3-hmac-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libsoftokn3-hmac-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-hmac-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libsoftokn3-hmac-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-certs-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-certs-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-certs-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-certs-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-devel-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-devel-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-devel-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-devel-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-tools-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-tools-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-tools-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-tools-3.69.1-1.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-12403",
"url": "https://www.suse.com/security/cve/CVE-2020-12403"
},
{
"category": "external",
"summary": "SUSE Bug 1174763 for CVE-2020-12403",
"url": "https://bugzilla.suse.com/1174763"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:libfreebl3-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libfreebl3-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libfreebl3-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libfreebl3-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libfreebl3-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libfreebl3-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libfreebl3-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libfreebl3-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libfreebl3-hmac-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libfreebl3-hmac-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libfreebl3-hmac-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libfreebl3-hmac-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libfreebl3-hmac-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libfreebl3-hmac-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libfreebl3-hmac-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libfreebl3-hmac-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libsoftokn3-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libsoftokn3-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libsoftokn3-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libsoftokn3-hmac-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libsoftokn3-hmac-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-hmac-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libsoftokn3-hmac-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libsoftokn3-hmac-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libsoftokn3-hmac-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-hmac-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libsoftokn3-hmac-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-certs-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-certs-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-certs-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-certs-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-devel-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-devel-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-devel-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-devel-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-tools-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-tools-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-tools-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-tools-3.69.1-1.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:libfreebl3-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libfreebl3-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libfreebl3-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libfreebl3-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libfreebl3-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libfreebl3-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libfreebl3-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libfreebl3-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libfreebl3-hmac-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libfreebl3-hmac-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libfreebl3-hmac-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libfreebl3-hmac-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libfreebl3-hmac-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libfreebl3-hmac-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libfreebl3-hmac-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libfreebl3-hmac-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libsoftokn3-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libsoftokn3-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libsoftokn3-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libsoftokn3-hmac-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libsoftokn3-hmac-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-hmac-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libsoftokn3-hmac-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libsoftokn3-hmac-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libsoftokn3-hmac-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-hmac-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libsoftokn3-hmac-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-certs-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-certs-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-certs-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-certs-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-devel-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-devel-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-devel-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-devel-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-tools-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-tools-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-tools-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-tools-3.69.1-1.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2020-12403"
},
{
"cve": "CVE-2020-25648",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-25648"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in the way NSS handled CCS (ChangeCipherSpec) messages in TLS 1.3. This flaw allows a remote attacker to send multiple CCS messages, causing a denial of service for servers compiled with the NSS library. The highest threat from this vulnerability is to system availability. This flaw affects NSS versions before 3.58.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:libfreebl3-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libfreebl3-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libfreebl3-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libfreebl3-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libfreebl3-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libfreebl3-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libfreebl3-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libfreebl3-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libfreebl3-hmac-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libfreebl3-hmac-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libfreebl3-hmac-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libfreebl3-hmac-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libfreebl3-hmac-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libfreebl3-hmac-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libfreebl3-hmac-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libfreebl3-hmac-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libsoftokn3-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libsoftokn3-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libsoftokn3-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libsoftokn3-hmac-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libsoftokn3-hmac-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-hmac-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libsoftokn3-hmac-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libsoftokn3-hmac-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libsoftokn3-hmac-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-hmac-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libsoftokn3-hmac-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-certs-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-certs-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-certs-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-certs-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-devel-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-devel-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-devel-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-devel-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-tools-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-tools-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-tools-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-tools-3.69.1-1.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-25648",
"url": "https://www.suse.com/security/cve/CVE-2020-25648"
},
{
"category": "external",
"summary": "SUSE Bug 1177917 for CVE-2020-25648",
"url": "https://bugzilla.suse.com/1177917"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:libfreebl3-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libfreebl3-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libfreebl3-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libfreebl3-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libfreebl3-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libfreebl3-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libfreebl3-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libfreebl3-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libfreebl3-hmac-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libfreebl3-hmac-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libfreebl3-hmac-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libfreebl3-hmac-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libfreebl3-hmac-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libfreebl3-hmac-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libfreebl3-hmac-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libfreebl3-hmac-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libsoftokn3-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libsoftokn3-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libsoftokn3-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libsoftokn3-hmac-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libsoftokn3-hmac-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-hmac-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libsoftokn3-hmac-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libsoftokn3-hmac-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libsoftokn3-hmac-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-hmac-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libsoftokn3-hmac-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-certs-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-certs-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-certs-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-certs-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-devel-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-devel-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-devel-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-devel-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-tools-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-tools-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-tools-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-tools-3.69.1-1.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:libfreebl3-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libfreebl3-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libfreebl3-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libfreebl3-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libfreebl3-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libfreebl3-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libfreebl3-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libfreebl3-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libfreebl3-hmac-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libfreebl3-hmac-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libfreebl3-hmac-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libfreebl3-hmac-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libfreebl3-hmac-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libfreebl3-hmac-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libfreebl3-hmac-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libfreebl3-hmac-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libsoftokn3-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libsoftokn3-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libsoftokn3-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libsoftokn3-hmac-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libsoftokn3-hmac-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-hmac-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libsoftokn3-hmac-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libsoftokn3-hmac-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libsoftokn3-hmac-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-hmac-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libsoftokn3-hmac-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-certs-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-certs-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-certs-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-certs-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-devel-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-devel-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-devel-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-devel-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-tools-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-tools-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-tools-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-tools-3.69.1-1.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2020-25648"
},
{
"cve": "CVE-2020-6829",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-6829"
}
],
"notes": [
{
"category": "general",
"text": "When performing EC scalar point multiplication, the wNAF point multiplication algorithm was used; which leaked partial information about the nonce used during signature generation. Given an electro-magnetic trace of a few signature generations, the private key could have been computed. This vulnerability affects Firefox \u003c 80 and Firefox for Android \u003c 80.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:libfreebl3-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libfreebl3-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libfreebl3-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libfreebl3-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libfreebl3-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libfreebl3-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libfreebl3-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libfreebl3-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libfreebl3-hmac-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libfreebl3-hmac-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libfreebl3-hmac-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libfreebl3-hmac-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libfreebl3-hmac-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libfreebl3-hmac-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libfreebl3-hmac-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libfreebl3-hmac-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libsoftokn3-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libsoftokn3-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libsoftokn3-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libsoftokn3-hmac-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libsoftokn3-hmac-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-hmac-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libsoftokn3-hmac-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libsoftokn3-hmac-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libsoftokn3-hmac-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-hmac-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libsoftokn3-hmac-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-certs-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-certs-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-certs-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-certs-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-devel-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-devel-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-devel-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-devel-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-tools-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-tools-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-tools-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-tools-3.69.1-1.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-6829",
"url": "https://www.suse.com/security/cve/CVE-2020-6829"
},
{
"category": "external",
"summary": "SUSE Bug 1174763 for CVE-2020-6829",
"url": "https://bugzilla.suse.com/1174763"
},
{
"category": "external",
"summary": "SUSE Bug 1175686 for CVE-2020-6829",
"url": "https://bugzilla.suse.com/1175686"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:libfreebl3-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libfreebl3-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libfreebl3-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libfreebl3-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libfreebl3-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libfreebl3-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libfreebl3-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libfreebl3-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libfreebl3-hmac-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libfreebl3-hmac-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libfreebl3-hmac-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libfreebl3-hmac-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libfreebl3-hmac-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libfreebl3-hmac-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libfreebl3-hmac-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libfreebl3-hmac-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libsoftokn3-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libsoftokn3-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libsoftokn3-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libsoftokn3-hmac-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libsoftokn3-hmac-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-hmac-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libsoftokn3-hmac-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libsoftokn3-hmac-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libsoftokn3-hmac-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-hmac-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libsoftokn3-hmac-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-certs-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-certs-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-certs-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-certs-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-devel-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-devel-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-devel-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-devel-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-tools-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-tools-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-tools-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-tools-3.69.1-1.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:libfreebl3-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libfreebl3-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libfreebl3-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libfreebl3-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libfreebl3-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libfreebl3-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libfreebl3-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libfreebl3-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libfreebl3-hmac-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libfreebl3-hmac-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libfreebl3-hmac-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libfreebl3-hmac-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libfreebl3-hmac-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libfreebl3-hmac-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libfreebl3-hmac-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libfreebl3-hmac-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libsoftokn3-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libsoftokn3-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libsoftokn3-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libsoftokn3-hmac-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libsoftokn3-hmac-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-hmac-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libsoftokn3-hmac-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:libsoftokn3-hmac-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:libsoftokn3-hmac-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-hmac-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:libsoftokn3-hmac-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-certs-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-certs-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-certs-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-certs-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-devel-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-devel-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-devel-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-devel-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.69.1-1.2.x86_64",
"openSUSE Tumbleweed:mozilla-nss-tools-3.69.1-1.2.aarch64",
"openSUSE Tumbleweed:mozilla-nss-tools-3.69.1-1.2.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-tools-3.69.1-1.2.s390x",
"openSUSE Tumbleweed:mozilla-nss-tools-3.69.1-1.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2020-6829"
}
]
}
RHSA-2020:3280
Vulnerability from csaf_redhat - Published: 2020-08-03 13:04 - Updated: 2025-11-21 18:15Summary
Red Hat Security Advisory: nss and nspr security, bug fix, and enhancement update
Severity
Moderate
Notes
Topic: An update for nss and nspr is now available for Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: Network Security Services (NSS) is a set of libraries designed to support the cross-platform development of security-enabled client and server applications.
Netscape Portable Runtime (NSPR) provides platform independence for non-GUI operating system facilities.
The following packages have been upgraded to a later upstream version: nss (3.53.1), nspr (4.25.0). (BZ#1809549, BZ#1809550)
Security Fix(es):
* nss: UAF in sftk_FreeSession due to improper refcounting (CVE-2019-11756)
* nss: Check length of inputs for cryptographic primitives (CVE-2019-17006)
* nss: Side channel vulnerabilities during RSA key generation (CVE-2020-12402)
* nss: TLS 1.3 HelloRetryRequest downgrade request sets client into invalid state (CVE-2019-17023)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Bug Fix(es):
* Install of update of nss.x86_64 adds i686 into transaction (BZ#1663187)
* NSS does not set downgrade sentinel in ServerHello.random for TLS 1.0 and TLS 1.1 (BZ#1691409)
* TLS Keying Material Exporter is unsupported by command line tools (BZ#1691454)
* TLS_AES_256_GCM_SHA384 is not marked as FIPS compatible (BZ#1711375)
* Make TLS 1.3 work in FIPS mode (BZ#1724250)
* NSS rejects records with large padding with SHA384 HMAC (BZ#1750921)
* NSS missing IKEv1 Quick Mode KDF (BZ#1809637)
* Name Constraints validation: CN treated as DNS name even when syntactically invalid as DNS name (BZ#1825270)
* FIPS needs nss to restrict valid dh primes to those primes that are approved. (BZ#1854564)
* nss needs to comply to the new SP800-56A rev 3 requirements (BZ#1855825)
Enhancement(s):
* [RFE] nss should use AES for storage of keys (BZ#1723819)
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A use-after-free flaw was found in Mozilla Network Security Services (NSS) related to PK11 session handling. An attacker could use this flaw to execute arbitrary code with the permissions of the user running the application compiled with NSS.
7.1 (High)
Affected products
Fixed
105 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nspr-debuginfo-0:4.25.0-2.el8_2.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nspr-debuginfo-0:4.25.0-2.el8_2.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nspr-debuginfo-0:4.25.0-2.el8_2.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nspr-debuginfo-0:4.25.0-2.el8_2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nspr-debuginfo-0:4.25.0-2.el8_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nspr-debugsource-0:4.25.0-2.el8_2.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nspr-debugsource-0:4.25.0-2.el8_2.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nspr-debugsource-0:4.25.0-2.el8_2.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nspr-debugsource-0:4.25.0-2.el8_2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nspr-debugsource-0:4.25.0-2.el8_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nspr-devel-0:4.25.0-2.el8_2.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nspr-devel-0:4.25.0-2.el8_2.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nspr-devel-0:4.25.0-2.el8_2.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nspr-devel-0:4.25.0-2.el8_2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nspr-devel-0:4.25.0-2.el8_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-debuginfo-0:3.53.1-11.el8_2.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-debuginfo-0:3.53.1-11.el8_2.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-debuginfo-0:3.53.1-11.el8_2.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-debuginfo-0:3.53.1-11.el8_2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-debuginfo-0:3.53.1-11.el8_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-debugsource-0:3.53.1-11.el8_2.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-debugsource-0:3.53.1-11.el8_2.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-debugsource-0:3.53.1-11.el8_2.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-debugsource-0:3.53.1-11.el8_2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-debugsource-0:3.53.1-11.el8_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-devel-0:3.53.1-11.el8_2.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-devel-0:3.53.1-11.el8_2.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-devel-0:3.53.1-11.el8_2.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-devel-0:3.53.1-11.el8_2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-devel-0:3.53.1-11.el8_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-0:3.53.1-11.el8_2.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-0:3.53.1-11.el8_2.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-0:3.53.1-11.el8_2.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-0:3.53.1-11.el8_2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-0:3.53.1-11.el8_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-debuginfo-0:3.53.1-11.el8_2.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-debuginfo-0:3.53.1-11.el8_2.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-debuginfo-0:3.53.1-11.el8_2.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-debuginfo-0:3.53.1-11.el8_2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-debuginfo-0:3.53.1-11.el8_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-devel-0:3.53.1-11.el8_2.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-devel-0:3.53.1-11.el8_2.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-devel-0:3.53.1-11.el8_2.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-devel-0:3.53.1-11.el8_2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-devel-0:3.53.1-11.el8_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-0:3.53.1-11.el8_2.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-0:3.53.1-11.el8_2.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-0:3.53.1-11.el8_2.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-0:3.53.1-11.el8_2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-0:3.53.1-11.el8_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-devel-0:3.53.1-11.el8_2.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-devel-0:3.53.1-11.el8_2.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-devel-0:3.53.1-11.el8_2.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-devel-0:3.53.1-11.el8_2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-devel-0:3.53.1-11.el8_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-0:3.53.1-11.el8_2.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-0:3.53.1-11.el8_2.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-0:3.53.1-11.el8_2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-0:3.53.1-11.el8_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-debuginfo-0:3.53.1-11.el8_2.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-debuginfo-0:3.53.1-11.el8_2.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-debuginfo-0:3.53.1-11.el8_2.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-debuginfo-0:3.53.1-11.el8_2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-debuginfo-0:3.53.1-11.el8_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-tools-0:3.53.1-11.el8_2.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-tools-0:3.53.1-11.el8_2.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-tools-0:3.53.1-11.el8_2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-tools-0:3.53.1-11.el8_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-tools-debuginfo-0:3.53.1-11.el8_2.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-tools-debuginfo-0:3.53.1-11.el8_2.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-tools-debuginfo-0:3.53.1-11.el8_2.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-tools-debuginfo-0:3.53.1-11.el8_2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-tools-debuginfo-0:3.53.1-11.el8_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-util-0:3.53.1-11.el8_2.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-util-0:3.53.1-11.el8_2.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-util-0:3.53.1-11.el8_2.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-util-0:3.53.1-11.el8_2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-util-0:3.53.1-11.el8_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-util-debuginfo-0:3.53.1-11.el8_2.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-util-debuginfo-0:3.53.1-11.el8_2.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-util-debuginfo-0:3.53.1-11.el8_2.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-util-debuginfo-0:3.53.1-11.el8_2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-util-debuginfo-0:3.53.1-11.el8_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-util-devel-0:3.53.1-11.el8_2.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-util-devel-0:3.53.1-11.el8_2.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-util-devel-0:3.53.1-11.el8_2.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-util-devel-0:3.53.1-11.el8_2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-util-devel-0:3.53.1-11.el8_2.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
A vulnerability was discovered in nss where input text length was not checked when using certain cryptographic primitives. This could lead to a heap-buffer overflow resulting in a crash and data leak. The highest threat is to confidentiality and integrity of data as well as system availability.
8.1 (High)
Affected products
Fixed
105 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nspr-debuginfo-0:4.25.0-2.el8_2.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nspr-debuginfo-0:4.25.0-2.el8_2.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nspr-debuginfo-0:4.25.0-2.el8_2.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nspr-debuginfo-0:4.25.0-2.el8_2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nspr-debuginfo-0:4.25.0-2.el8_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nspr-debugsource-0:4.25.0-2.el8_2.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nspr-debugsource-0:4.25.0-2.el8_2.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nspr-debugsource-0:4.25.0-2.el8_2.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nspr-debugsource-0:4.25.0-2.el8_2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nspr-debugsource-0:4.25.0-2.el8_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nspr-devel-0:4.25.0-2.el8_2.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nspr-devel-0:4.25.0-2.el8_2.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nspr-devel-0:4.25.0-2.el8_2.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nspr-devel-0:4.25.0-2.el8_2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nspr-devel-0:4.25.0-2.el8_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-debuginfo-0:3.53.1-11.el8_2.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-debuginfo-0:3.53.1-11.el8_2.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-debuginfo-0:3.53.1-11.el8_2.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-debuginfo-0:3.53.1-11.el8_2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-debuginfo-0:3.53.1-11.el8_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-debugsource-0:3.53.1-11.el8_2.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-debugsource-0:3.53.1-11.el8_2.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-debugsource-0:3.53.1-11.el8_2.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-debugsource-0:3.53.1-11.el8_2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-debugsource-0:3.53.1-11.el8_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-devel-0:3.53.1-11.el8_2.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-devel-0:3.53.1-11.el8_2.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-devel-0:3.53.1-11.el8_2.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-devel-0:3.53.1-11.el8_2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-devel-0:3.53.1-11.el8_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-0:3.53.1-11.el8_2.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-0:3.53.1-11.el8_2.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-0:3.53.1-11.el8_2.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-0:3.53.1-11.el8_2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-0:3.53.1-11.el8_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-debuginfo-0:3.53.1-11.el8_2.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-debuginfo-0:3.53.1-11.el8_2.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-debuginfo-0:3.53.1-11.el8_2.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-debuginfo-0:3.53.1-11.el8_2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-debuginfo-0:3.53.1-11.el8_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-devel-0:3.53.1-11.el8_2.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-devel-0:3.53.1-11.el8_2.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-devel-0:3.53.1-11.el8_2.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-devel-0:3.53.1-11.el8_2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-devel-0:3.53.1-11.el8_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-0:3.53.1-11.el8_2.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-0:3.53.1-11.el8_2.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-0:3.53.1-11.el8_2.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-0:3.53.1-11.el8_2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-0:3.53.1-11.el8_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-devel-0:3.53.1-11.el8_2.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-devel-0:3.53.1-11.el8_2.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-devel-0:3.53.1-11.el8_2.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-devel-0:3.53.1-11.el8_2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-devel-0:3.53.1-11.el8_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-0:3.53.1-11.el8_2.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-0:3.53.1-11.el8_2.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-0:3.53.1-11.el8_2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-0:3.53.1-11.el8_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-debuginfo-0:3.53.1-11.el8_2.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-debuginfo-0:3.53.1-11.el8_2.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-debuginfo-0:3.53.1-11.el8_2.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-debuginfo-0:3.53.1-11.el8_2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-debuginfo-0:3.53.1-11.el8_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-tools-0:3.53.1-11.el8_2.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-tools-0:3.53.1-11.el8_2.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-tools-0:3.53.1-11.el8_2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-tools-0:3.53.1-11.el8_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-tools-debuginfo-0:3.53.1-11.el8_2.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-tools-debuginfo-0:3.53.1-11.el8_2.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-tools-debuginfo-0:3.53.1-11.el8_2.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-tools-debuginfo-0:3.53.1-11.el8_2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-tools-debuginfo-0:3.53.1-11.el8_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-util-0:3.53.1-11.el8_2.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-util-0:3.53.1-11.el8_2.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-util-0:3.53.1-11.el8_2.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-util-0:3.53.1-11.el8_2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-util-0:3.53.1-11.el8_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-util-debuginfo-0:3.53.1-11.el8_2.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-util-debuginfo-0:3.53.1-11.el8_2.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-util-debuginfo-0:3.53.1-11.el8_2.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-util-debuginfo-0:3.53.1-11.el8_2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-util-debuginfo-0:3.53.1-11.el8_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-util-devel-0:3.53.1-11.el8_2.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-util-devel-0:3.53.1-11.el8_2.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-util-devel-0:3.53.1-11.el8_2.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-util-devel-0:3.53.1-11.el8_2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-util-devel-0:3.53.1-11.el8_2.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
A protocol downgrade flaw was found in Network Security Services (NSS). After a HelloRetryRequest has been sent, the client may negotiate a lower protocol than TLS 1.3, resulting in an invalid state transition in the TLS State Machine. If the client gets into this state, incoming Application Data records will be ignored.
5.3 (Medium)
Affected products
Fixed
105 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nspr-debuginfo-0:4.25.0-2.el8_2.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nspr-debuginfo-0:4.25.0-2.el8_2.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nspr-debuginfo-0:4.25.0-2.el8_2.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nspr-debuginfo-0:4.25.0-2.el8_2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nspr-debuginfo-0:4.25.0-2.el8_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nspr-debugsource-0:4.25.0-2.el8_2.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nspr-debugsource-0:4.25.0-2.el8_2.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nspr-debugsource-0:4.25.0-2.el8_2.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nspr-debugsource-0:4.25.0-2.el8_2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nspr-debugsource-0:4.25.0-2.el8_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nspr-devel-0:4.25.0-2.el8_2.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nspr-devel-0:4.25.0-2.el8_2.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nspr-devel-0:4.25.0-2.el8_2.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nspr-devel-0:4.25.0-2.el8_2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nspr-devel-0:4.25.0-2.el8_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-debuginfo-0:3.53.1-11.el8_2.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-debuginfo-0:3.53.1-11.el8_2.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-debuginfo-0:3.53.1-11.el8_2.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-debuginfo-0:3.53.1-11.el8_2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-debuginfo-0:3.53.1-11.el8_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-debugsource-0:3.53.1-11.el8_2.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-debugsource-0:3.53.1-11.el8_2.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-debugsource-0:3.53.1-11.el8_2.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-debugsource-0:3.53.1-11.el8_2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-debugsource-0:3.53.1-11.el8_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-devel-0:3.53.1-11.el8_2.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-devel-0:3.53.1-11.el8_2.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-devel-0:3.53.1-11.el8_2.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-devel-0:3.53.1-11.el8_2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-devel-0:3.53.1-11.el8_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-0:3.53.1-11.el8_2.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-0:3.53.1-11.el8_2.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-0:3.53.1-11.el8_2.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-0:3.53.1-11.el8_2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-0:3.53.1-11.el8_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-debuginfo-0:3.53.1-11.el8_2.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-debuginfo-0:3.53.1-11.el8_2.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-debuginfo-0:3.53.1-11.el8_2.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-debuginfo-0:3.53.1-11.el8_2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-debuginfo-0:3.53.1-11.el8_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-devel-0:3.53.1-11.el8_2.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-devel-0:3.53.1-11.el8_2.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-devel-0:3.53.1-11.el8_2.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-devel-0:3.53.1-11.el8_2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-devel-0:3.53.1-11.el8_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-0:3.53.1-11.el8_2.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-0:3.53.1-11.el8_2.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-0:3.53.1-11.el8_2.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-0:3.53.1-11.el8_2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-0:3.53.1-11.el8_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-devel-0:3.53.1-11.el8_2.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-devel-0:3.53.1-11.el8_2.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-devel-0:3.53.1-11.el8_2.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-devel-0:3.53.1-11.el8_2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-devel-0:3.53.1-11.el8_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-0:3.53.1-11.el8_2.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-0:3.53.1-11.el8_2.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-0:3.53.1-11.el8_2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-0:3.53.1-11.el8_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-debuginfo-0:3.53.1-11.el8_2.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-debuginfo-0:3.53.1-11.el8_2.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-debuginfo-0:3.53.1-11.el8_2.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-debuginfo-0:3.53.1-11.el8_2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-debuginfo-0:3.53.1-11.el8_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-tools-0:3.53.1-11.el8_2.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-tools-0:3.53.1-11.el8_2.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-tools-0:3.53.1-11.el8_2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-tools-0:3.53.1-11.el8_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-tools-debuginfo-0:3.53.1-11.el8_2.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-tools-debuginfo-0:3.53.1-11.el8_2.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-tools-debuginfo-0:3.53.1-11.el8_2.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-tools-debuginfo-0:3.53.1-11.el8_2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-tools-debuginfo-0:3.53.1-11.el8_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-util-0:3.53.1-11.el8_2.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-util-0:3.53.1-11.el8_2.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-util-0:3.53.1-11.el8_2.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-util-0:3.53.1-11.el8_2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-util-0:3.53.1-11.el8_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-util-debuginfo-0:3.53.1-11.el8_2.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-util-debuginfo-0:3.53.1-11.el8_2.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-util-debuginfo-0:3.53.1-11.el8_2.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-util-debuginfo-0:3.53.1-11.el8_2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-util-debuginfo-0:3.53.1-11.el8_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-util-devel-0:3.53.1-11.el8_2.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-util-devel-0:3.53.1-11.el8_2.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-util-devel-0:3.53.1-11.el8_2.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-util-devel-0:3.53.1-11.el8_2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-util-devel-0:3.53.1-11.el8_2.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Low
A flaw was found in the DSA signature generation function in nss. During the process of generating a DSA signature, the nonce value 'k' is not padded, exposing the bit length. Combined with other techniques, this can result in the recovery of the DSA private key. The highest threat from this vulnerability is to data confidentiality.
4.4 (Medium)
Affected products
Fixed
105 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nspr-debuginfo-0:4.25.0-2.el8_2.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nspr-debuginfo-0:4.25.0-2.el8_2.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nspr-debuginfo-0:4.25.0-2.el8_2.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nspr-debuginfo-0:4.25.0-2.el8_2.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nspr-debuginfo-0:4.25.0-2.el8_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nspr-debugsource-0:4.25.0-2.el8_2.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nspr-debugsource-0:4.25.0-2.el8_2.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nspr-debugsource-0:4.25.0-2.el8_2.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nspr-debugsource-0:4.25.0-2.el8_2.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nspr-debugsource-0:4.25.0-2.el8_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nspr-devel-0:4.25.0-2.el8_2.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nspr-devel-0:4.25.0-2.el8_2.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nspr-devel-0:4.25.0-2.el8_2.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nspr-devel-0:4.25.0-2.el8_2.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nspr-devel-0:4.25.0-2.el8_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-debuginfo-0:3.53.1-11.el8_2.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-debuginfo-0:3.53.1-11.el8_2.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-debuginfo-0:3.53.1-11.el8_2.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-debuginfo-0:3.53.1-11.el8_2.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-debuginfo-0:3.53.1-11.el8_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-debugsource-0:3.53.1-11.el8_2.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-debugsource-0:3.53.1-11.el8_2.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-debugsource-0:3.53.1-11.el8_2.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-debugsource-0:3.53.1-11.el8_2.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-debugsource-0:3.53.1-11.el8_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-devel-0:3.53.1-11.el8_2.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-devel-0:3.53.1-11.el8_2.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-devel-0:3.53.1-11.el8_2.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-devel-0:3.53.1-11.el8_2.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-devel-0:3.53.1-11.el8_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-0:3.53.1-11.el8_2.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-0:3.53.1-11.el8_2.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-0:3.53.1-11.el8_2.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-0:3.53.1-11.el8_2.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-0:3.53.1-11.el8_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-debuginfo-0:3.53.1-11.el8_2.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-debuginfo-0:3.53.1-11.el8_2.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-debuginfo-0:3.53.1-11.el8_2.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-debuginfo-0:3.53.1-11.el8_2.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-debuginfo-0:3.53.1-11.el8_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-devel-0:3.53.1-11.el8_2.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-devel-0:3.53.1-11.el8_2.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-devel-0:3.53.1-11.el8_2.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-devel-0:3.53.1-11.el8_2.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-devel-0:3.53.1-11.el8_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-0:3.53.1-11.el8_2.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-0:3.53.1-11.el8_2.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-0:3.53.1-11.el8_2.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-0:3.53.1-11.el8_2.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-0:3.53.1-11.el8_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-devel-0:3.53.1-11.el8_2.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-devel-0:3.53.1-11.el8_2.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-devel-0:3.53.1-11.el8_2.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-devel-0:3.53.1-11.el8_2.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-devel-0:3.53.1-11.el8_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-0:3.53.1-11.el8_2.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-0:3.53.1-11.el8_2.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-0:3.53.1-11.el8_2.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-0:3.53.1-11.el8_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-debuginfo-0:3.53.1-11.el8_2.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-debuginfo-0:3.53.1-11.el8_2.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-debuginfo-0:3.53.1-11.el8_2.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-debuginfo-0:3.53.1-11.el8_2.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-debuginfo-0:3.53.1-11.el8_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-tools-0:3.53.1-11.el8_2.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-tools-0:3.53.1-11.el8_2.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-tools-0:3.53.1-11.el8_2.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-tools-0:3.53.1-11.el8_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-tools-debuginfo-0:3.53.1-11.el8_2.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-tools-debuginfo-0:3.53.1-11.el8_2.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-tools-debuginfo-0:3.53.1-11.el8_2.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-tools-debuginfo-0:3.53.1-11.el8_2.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-tools-debuginfo-0:3.53.1-11.el8_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-util-0:3.53.1-11.el8_2.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-util-0:3.53.1-11.el8_2.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-util-0:3.53.1-11.el8_2.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-util-0:3.53.1-11.el8_2.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-util-0:3.53.1-11.el8_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-util-debuginfo-0:3.53.1-11.el8_2.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-util-debuginfo-0:3.53.1-11.el8_2.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-util-debuginfo-0:3.53.1-11.el8_2.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-util-debuginfo-0:3.53.1-11.el8_2.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-util-debuginfo-0:3.53.1-11.el8_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-util-devel-0:3.53.1-11.el8_2.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-util-devel-0:3.53.1-11.el8_2.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-util-devel-0:3.53.1-11.el8_2.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-util-devel-0:3.53.1-11.el8_2.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-util-devel-0:3.53.1-11.el8_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
A flaw was found in NSS, where it is vulnerable to RSA key generation cache timing side-channel attacks. An attacker with sufficient access to mount cache timing attacks during the RSA key generation process could recover the private key. The highest threat to this flaw is to confidentiality.
4.4 (Medium)
Affected products
Fixed
105 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nspr-debuginfo-0:4.25.0-2.el8_2.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nspr-debuginfo-0:4.25.0-2.el8_2.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nspr-debuginfo-0:4.25.0-2.el8_2.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nspr-debuginfo-0:4.25.0-2.el8_2.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nspr-debuginfo-0:4.25.0-2.el8_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nspr-debugsource-0:4.25.0-2.el8_2.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nspr-debugsource-0:4.25.0-2.el8_2.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nspr-debugsource-0:4.25.0-2.el8_2.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nspr-debugsource-0:4.25.0-2.el8_2.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nspr-debugsource-0:4.25.0-2.el8_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nspr-devel-0:4.25.0-2.el8_2.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nspr-devel-0:4.25.0-2.el8_2.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nspr-devel-0:4.25.0-2.el8_2.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nspr-devel-0:4.25.0-2.el8_2.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nspr-devel-0:4.25.0-2.el8_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-debuginfo-0:3.53.1-11.el8_2.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-debuginfo-0:3.53.1-11.el8_2.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-debuginfo-0:3.53.1-11.el8_2.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-debuginfo-0:3.53.1-11.el8_2.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-debuginfo-0:3.53.1-11.el8_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-debugsource-0:3.53.1-11.el8_2.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-debugsource-0:3.53.1-11.el8_2.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-debugsource-0:3.53.1-11.el8_2.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-debugsource-0:3.53.1-11.el8_2.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-debugsource-0:3.53.1-11.el8_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-devel-0:3.53.1-11.el8_2.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-devel-0:3.53.1-11.el8_2.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-devel-0:3.53.1-11.el8_2.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-devel-0:3.53.1-11.el8_2.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-devel-0:3.53.1-11.el8_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-0:3.53.1-11.el8_2.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-0:3.53.1-11.el8_2.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-0:3.53.1-11.el8_2.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-0:3.53.1-11.el8_2.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-0:3.53.1-11.el8_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-debuginfo-0:3.53.1-11.el8_2.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-debuginfo-0:3.53.1-11.el8_2.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-debuginfo-0:3.53.1-11.el8_2.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-debuginfo-0:3.53.1-11.el8_2.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-debuginfo-0:3.53.1-11.el8_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-devel-0:3.53.1-11.el8_2.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-devel-0:3.53.1-11.el8_2.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-devel-0:3.53.1-11.el8_2.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-devel-0:3.53.1-11.el8_2.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-devel-0:3.53.1-11.el8_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-0:3.53.1-11.el8_2.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-0:3.53.1-11.el8_2.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-0:3.53.1-11.el8_2.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-0:3.53.1-11.el8_2.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-0:3.53.1-11.el8_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-devel-0:3.53.1-11.el8_2.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-devel-0:3.53.1-11.el8_2.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-devel-0:3.53.1-11.el8_2.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-devel-0:3.53.1-11.el8_2.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-devel-0:3.53.1-11.el8_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-0:3.53.1-11.el8_2.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-0:3.53.1-11.el8_2.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-0:3.53.1-11.el8_2.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-0:3.53.1-11.el8_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-debuginfo-0:3.53.1-11.el8_2.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-debuginfo-0:3.53.1-11.el8_2.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-debuginfo-0:3.53.1-11.el8_2.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-debuginfo-0:3.53.1-11.el8_2.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-debuginfo-0:3.53.1-11.el8_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-tools-0:3.53.1-11.el8_2.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-tools-0:3.53.1-11.el8_2.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-tools-0:3.53.1-11.el8_2.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-tools-0:3.53.1-11.el8_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-tools-debuginfo-0:3.53.1-11.el8_2.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-tools-debuginfo-0:3.53.1-11.el8_2.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-tools-debuginfo-0:3.53.1-11.el8_2.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-tools-debuginfo-0:3.53.1-11.el8_2.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-tools-debuginfo-0:3.53.1-11.el8_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-util-0:3.53.1-11.el8_2.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-util-0:3.53.1-11.el8_2.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-util-0:3.53.1-11.el8_2.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-util-0:3.53.1-11.el8_2.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-util-0:3.53.1-11.el8_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-util-debuginfo-0:3.53.1-11.el8_2.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-util-debuginfo-0:3.53.1-11.el8_2.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-util-debuginfo-0:3.53.1-11.el8_2.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-util-debuginfo-0:3.53.1-11.el8_2.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-util-debuginfo-0:3.53.1-11.el8_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-util-devel-0:3.53.1-11.el8_2.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-util-devel-0:3.53.1-11.el8_2.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-util-devel-0:3.53.1-11.el8_2.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-util-devel-0:3.53.1-11.el8_2.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.2.0.Z.MAIN.EUS:nss-util-devel-0:3.53.1-11.el8_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
References
41 references
Acknowledgments
the Mozilla project
the Mozilla Project
Tampere University
Cesar Pereida Garcia
Network and Information Security Group
Network and Information Security Group (NISEC
Billy Bob Brumley
Cesar Pereida
Nicola Tuveri
Yuval Yarom
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for nss and nspr is now available for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Network Security Services (NSS) is a set of libraries designed to support the cross-platform development of security-enabled client and server applications.\n\nNetscape Portable Runtime (NSPR) provides platform independence for non-GUI operating system facilities.\n\nThe following packages have been upgraded to a later upstream version: nss (3.53.1), nspr (4.25.0). (BZ#1809549, BZ#1809550)\n\nSecurity Fix(es):\n\n* nss: UAF in sftk_FreeSession due to improper refcounting (CVE-2019-11756)\n\n* nss: Check length of inputs for cryptographic primitives (CVE-2019-17006)\n\n* nss: Side channel vulnerabilities during RSA key generation (CVE-2020-12402)\n\n* nss: TLS 1.3 HelloRetryRequest downgrade request sets client into invalid state (CVE-2019-17023)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nBug Fix(es):\n\n* Install of update of nss.x86_64 adds i686 into transaction (BZ#1663187)\n\n* NSS does not set downgrade sentinel in ServerHello.random for TLS 1.0 and TLS 1.1 (BZ#1691409)\n\n* TLS Keying Material Exporter is unsupported by command line tools (BZ#1691454)\n\n* TLS_AES_256_GCM_SHA384 is not marked as FIPS compatible (BZ#1711375)\n\n* Make TLS 1.3 work in FIPS mode (BZ#1724250)\n\n* NSS rejects records with large padding with SHA384 HMAC (BZ#1750921)\n\n* NSS missing IKEv1 Quick Mode KDF (BZ#1809637)\n\n* Name Constraints validation: CN treated as DNS name even when syntactically invalid as DNS name (BZ#1825270)\n\n* FIPS needs nss to restrict valid dh primes to those primes that are approved. (BZ#1854564)\n\n* nss needs to comply to the new SP800-56A rev 3 requirements (BZ#1855825)\n\nEnhancement(s):\n\n* [RFE] nss should use AES for storage of keys (BZ#1723819)",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2020:3280",
"url": "https://access.redhat.com/errata/RHSA-2020:3280"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "1663187",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1663187"
},
{
"category": "external",
"summary": "1691454",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1691454"
},
{
"category": "external",
"summary": "1711375",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1711375"
},
{
"category": "external",
"summary": "1724250",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1724250"
},
{
"category": "external",
"summary": "1750921",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1750921"
},
{
"category": "external",
"summary": "1774835",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1774835"
},
{
"category": "external",
"summary": "1775916",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1775916"
},
{
"category": "external",
"summary": "1791225",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1791225"
},
{
"category": "external",
"summary": "1809637",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1809637"
},
{
"category": "external",
"summary": "1825270",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1825270"
},
{
"category": "external",
"summary": "1826231",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1826231"
},
{
"category": "external",
"summary": "1854564",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1854564"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_3280.json"
}
],
"title": "Red Hat Security Advisory: nss and nspr security, bug fix, and enhancement update",
"tracking": {
"current_release_date": "2025-11-21T18:15:59+00:00",
"generator": {
"date": "2025-11-21T18:15:59+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.12"
}
},
"id": "RHSA-2020:3280",
"initial_release_date": "2020-08-03T13:04:49+00:00",
"revision_history": [
{
"date": "2020-08-03T13:04:49+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2020-08-03T13:04:49+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-11-21T18:15:59+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream (v. 8)",
"product": {
"name": "Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.2.0.Z.MAIN.EUS",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:enterprise_linux:8::appstream"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "nspr-0:4.25.0-2.el8_2.i686",
"product": {
"name": "nspr-0:4.25.0-2.el8_2.i686",
"product_id": "nspr-0:4.25.0-2.el8_2.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nspr@4.25.0-2.el8_2?arch=i686"
}
}
},
{
"category": "product_version",
"name": "nspr-devel-0:4.25.0-2.el8_2.i686",
"product": {
"name": "nspr-devel-0:4.25.0-2.el8_2.i686",
"product_id": "nspr-devel-0:4.25.0-2.el8_2.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nspr-devel@4.25.0-2.el8_2?arch=i686"
}
}
},
{
"category": "product_version",
"name": "nspr-debugsource-0:4.25.0-2.el8_2.i686",
"product": {
"name": "nspr-debugsource-0:4.25.0-2.el8_2.i686",
"product_id": "nspr-debugsource-0:4.25.0-2.el8_2.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nspr-debugsource@4.25.0-2.el8_2?arch=i686"
}
}
},
{
"category": "product_version",
"name": "nspr-debuginfo-0:4.25.0-2.el8_2.i686",
"product": {
"name": "nspr-debuginfo-0:4.25.0-2.el8_2.i686",
"product_id": "nspr-debuginfo-0:4.25.0-2.el8_2.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nspr-debuginfo@4.25.0-2.el8_2?arch=i686"
}
}
},
{
"category": "product_version",
"name": "nss-0:3.53.1-11.el8_2.i686",
"product": {
"name": "nss-0:3.53.1-11.el8_2.i686",
"product_id": "nss-0:3.53.1-11.el8_2.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss@3.53.1-11.el8_2?arch=i686"
}
}
},
{
"category": "product_version",
"name": "nss-devel-0:3.53.1-11.el8_2.i686",
"product": {
"name": "nss-devel-0:3.53.1-11.el8_2.i686",
"product_id": "nss-devel-0:3.53.1-11.el8_2.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-devel@3.53.1-11.el8_2?arch=i686"
}
}
},
{
"category": "product_version",
"name": "nss-softokn-0:3.53.1-11.el8_2.i686",
"product": {
"name": "nss-softokn-0:3.53.1-11.el8_2.i686",
"product_id": "nss-softokn-0:3.53.1-11.el8_2.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-softokn@3.53.1-11.el8_2?arch=i686"
}
}
},
{
"category": "product_version",
"name": "nss-softokn-devel-0:3.53.1-11.el8_2.i686",
"product": {
"name": "nss-softokn-devel-0:3.53.1-11.el8_2.i686",
"product_id": "nss-softokn-devel-0:3.53.1-11.el8_2.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-softokn-devel@3.53.1-11.el8_2?arch=i686"
}
}
},
{
"category": "product_version",
"name": "nss-softokn-freebl-0:3.53.1-11.el8_2.i686",
"product": {
"name": "nss-softokn-freebl-0:3.53.1-11.el8_2.i686",
"product_id": "nss-softokn-freebl-0:3.53.1-11.el8_2.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-softokn-freebl@3.53.1-11.el8_2?arch=i686"
}
}
},
{
"category": "product_version",
"name": "nss-softokn-freebl-devel-0:3.53.1-11.el8_2.i686",
"product": {
"name": "nss-softokn-freebl-devel-0:3.53.1-11.el8_2.i686",
"product_id": "nss-softokn-freebl-devel-0:3.53.1-11.el8_2.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-softokn-freebl-devel@3.53.1-11.el8_2?arch=i686"
}
}
},
{
"category": "product_version",
"name": "nss-util-0:3.53.1-11.el8_2.i686",
"product": {
"name": "nss-util-0:3.53.1-11.el8_2.i686",
"product_id": "nss-util-0:3.53.1-11.el8_2.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-util@3.53.1-11.el8_2?arch=i686"
}
}
},
{
"category": "product_version",
"name": "nss-util-devel-0:3.53.1-11.el8_2.i686",
"product": {
"name": "nss-util-devel-0:3.53.1-11.el8_2.i686",
"product_id": "nss-util-devel-0:3.53.1-11.el8_2.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-util-devel@3.53.1-11.el8_2?arch=i686"
}
}
},
{
"category": "product_version",
"name": "nss-debugsource-0:3.53.1-11.el8_2.i686",
"product": {
"name": "nss-debugsource-0:3.53.1-11.el8_2.i686",
"product_id": "nss-debugsource-0:3.53.1-11.el8_2.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-debugsource@3.53.1-11.el8_2?arch=i686"
}
}
},
{
"category": "product_version",
"name": "nss-debuginfo-0:3.53.1-11.el8_2.i686",
"product": {
"name": "nss-debuginfo-0:3.53.1-11.el8_2.i686",
"product_id": "nss-debuginfo-0:3.53.1-11.el8_2.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-debuginfo@3.53.1-11.el8_2?arch=i686"
}
}
},
{
"category": "product_version",
"name": "nss-softokn-debuginfo-0:3.53.1-11.el8_2.i686",
"product": {
"name": "nss-softokn-debuginfo-0:3.53.1-11.el8_2.i686",
"product_id": "nss-softokn-debuginfo-0:3.53.1-11.el8_2.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-softokn-debuginfo@3.53.1-11.el8_2?arch=i686"
}
}
},
{
"category": "product_version",
"name": "nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.i686",
"product": {
"name": "nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.i686",
"product_id": "nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-softokn-freebl-debuginfo@3.53.1-11.el8_2?arch=i686"
}
}
},
{
"category": "product_version",
"name": "nss-sysinit-debuginfo-0:3.53.1-11.el8_2.i686",
"product": {
"name": "nss-sysinit-debuginfo-0:3.53.1-11.el8_2.i686",
"product_id": "nss-sysinit-debuginfo-0:3.53.1-11.el8_2.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-sysinit-debuginfo@3.53.1-11.el8_2?arch=i686"
}
}
},
{
"category": "product_version",
"name": "nss-tools-debuginfo-0:3.53.1-11.el8_2.i686",
"product": {
"name": "nss-tools-debuginfo-0:3.53.1-11.el8_2.i686",
"product_id": "nss-tools-debuginfo-0:3.53.1-11.el8_2.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-tools-debuginfo@3.53.1-11.el8_2?arch=i686"
}
}
},
{
"category": "product_version",
"name": "nss-util-debuginfo-0:3.53.1-11.el8_2.i686",
"product": {
"name": "nss-util-debuginfo-0:3.53.1-11.el8_2.i686",
"product_id": "nss-util-debuginfo-0:3.53.1-11.el8_2.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-util-debuginfo@3.53.1-11.el8_2?arch=i686"
}
}
}
],
"category": "architecture",
"name": "i686"
},
{
"branches": [
{
"category": "product_version",
"name": "nspr-0:4.25.0-2.el8_2.x86_64",
"product": {
"name": "nspr-0:4.25.0-2.el8_2.x86_64",
"product_id": "nspr-0:4.25.0-2.el8_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nspr@4.25.0-2.el8_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "nspr-devel-0:4.25.0-2.el8_2.x86_64",
"product": {
"name": "nspr-devel-0:4.25.0-2.el8_2.x86_64",
"product_id": "nspr-devel-0:4.25.0-2.el8_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nspr-devel@4.25.0-2.el8_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "nspr-debugsource-0:4.25.0-2.el8_2.x86_64",
"product": {
"name": "nspr-debugsource-0:4.25.0-2.el8_2.x86_64",
"product_id": "nspr-debugsource-0:4.25.0-2.el8_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nspr-debugsource@4.25.0-2.el8_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "nspr-debuginfo-0:4.25.0-2.el8_2.x86_64",
"product": {
"name": "nspr-debuginfo-0:4.25.0-2.el8_2.x86_64",
"product_id": "nspr-debuginfo-0:4.25.0-2.el8_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nspr-debuginfo@4.25.0-2.el8_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "nss-0:3.53.1-11.el8_2.x86_64",
"product": {
"name": "nss-0:3.53.1-11.el8_2.x86_64",
"product_id": "nss-0:3.53.1-11.el8_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss@3.53.1-11.el8_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "nss-devel-0:3.53.1-11.el8_2.x86_64",
"product": {
"name": "nss-devel-0:3.53.1-11.el8_2.x86_64",
"product_id": "nss-devel-0:3.53.1-11.el8_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-devel@3.53.1-11.el8_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "nss-softokn-0:3.53.1-11.el8_2.x86_64",
"product": {
"name": "nss-softokn-0:3.53.1-11.el8_2.x86_64",
"product_id": "nss-softokn-0:3.53.1-11.el8_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-softokn@3.53.1-11.el8_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "nss-softokn-devel-0:3.53.1-11.el8_2.x86_64",
"product": {
"name": "nss-softokn-devel-0:3.53.1-11.el8_2.x86_64",
"product_id": "nss-softokn-devel-0:3.53.1-11.el8_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-softokn-devel@3.53.1-11.el8_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "nss-softokn-freebl-0:3.53.1-11.el8_2.x86_64",
"product": {
"name": "nss-softokn-freebl-0:3.53.1-11.el8_2.x86_64",
"product_id": "nss-softokn-freebl-0:3.53.1-11.el8_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-softokn-freebl@3.53.1-11.el8_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "nss-softokn-freebl-devel-0:3.53.1-11.el8_2.x86_64",
"product": {
"name": "nss-softokn-freebl-devel-0:3.53.1-11.el8_2.x86_64",
"product_id": "nss-softokn-freebl-devel-0:3.53.1-11.el8_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-softokn-freebl-devel@3.53.1-11.el8_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "nss-sysinit-0:3.53.1-11.el8_2.x86_64",
"product": {
"name": "nss-sysinit-0:3.53.1-11.el8_2.x86_64",
"product_id": "nss-sysinit-0:3.53.1-11.el8_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-sysinit@3.53.1-11.el8_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "nss-tools-0:3.53.1-11.el8_2.x86_64",
"product": {
"name": "nss-tools-0:3.53.1-11.el8_2.x86_64",
"product_id": "nss-tools-0:3.53.1-11.el8_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-tools@3.53.1-11.el8_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "nss-util-0:3.53.1-11.el8_2.x86_64",
"product": {
"name": "nss-util-0:3.53.1-11.el8_2.x86_64",
"product_id": "nss-util-0:3.53.1-11.el8_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-util@3.53.1-11.el8_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "nss-util-devel-0:3.53.1-11.el8_2.x86_64",
"product": {
"name": "nss-util-devel-0:3.53.1-11.el8_2.x86_64",
"product_id": "nss-util-devel-0:3.53.1-11.el8_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-util-devel@3.53.1-11.el8_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "nss-debugsource-0:3.53.1-11.el8_2.x86_64",
"product": {
"name": "nss-debugsource-0:3.53.1-11.el8_2.x86_64",
"product_id": "nss-debugsource-0:3.53.1-11.el8_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-debugsource@3.53.1-11.el8_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "nss-debuginfo-0:3.53.1-11.el8_2.x86_64",
"product": {
"name": "nss-debuginfo-0:3.53.1-11.el8_2.x86_64",
"product_id": "nss-debuginfo-0:3.53.1-11.el8_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-debuginfo@3.53.1-11.el8_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "nss-softokn-debuginfo-0:3.53.1-11.el8_2.x86_64",
"product": {
"name": "nss-softokn-debuginfo-0:3.53.1-11.el8_2.x86_64",
"product_id": "nss-softokn-debuginfo-0:3.53.1-11.el8_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-softokn-debuginfo@3.53.1-11.el8_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.x86_64",
"product": {
"name": "nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.x86_64",
"product_id": "nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-softokn-freebl-debuginfo@3.53.1-11.el8_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "nss-sysinit-debuginfo-0:3.53.1-11.el8_2.x86_64",
"product": {
"name": "nss-sysinit-debuginfo-0:3.53.1-11.el8_2.x86_64",
"product_id": "nss-sysinit-debuginfo-0:3.53.1-11.el8_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-sysinit-debuginfo@3.53.1-11.el8_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "nss-tools-debuginfo-0:3.53.1-11.el8_2.x86_64",
"product": {
"name": "nss-tools-debuginfo-0:3.53.1-11.el8_2.x86_64",
"product_id": "nss-tools-debuginfo-0:3.53.1-11.el8_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-tools-debuginfo@3.53.1-11.el8_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "nss-util-debuginfo-0:3.53.1-11.el8_2.x86_64",
"product": {
"name": "nss-util-debuginfo-0:3.53.1-11.el8_2.x86_64",
"product_id": "nss-util-debuginfo-0:3.53.1-11.el8_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-util-debuginfo@3.53.1-11.el8_2?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "nspr-0:4.25.0-2.el8_2.ppc64le",
"product": {
"name": "nspr-0:4.25.0-2.el8_2.ppc64le",
"product_id": "nspr-0:4.25.0-2.el8_2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nspr@4.25.0-2.el8_2?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "nspr-devel-0:4.25.0-2.el8_2.ppc64le",
"product": {
"name": "nspr-devel-0:4.25.0-2.el8_2.ppc64le",
"product_id": "nspr-devel-0:4.25.0-2.el8_2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nspr-devel@4.25.0-2.el8_2?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "nspr-debugsource-0:4.25.0-2.el8_2.ppc64le",
"product": {
"name": "nspr-debugsource-0:4.25.0-2.el8_2.ppc64le",
"product_id": "nspr-debugsource-0:4.25.0-2.el8_2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nspr-debugsource@4.25.0-2.el8_2?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "nspr-debuginfo-0:4.25.0-2.el8_2.ppc64le",
"product": {
"name": "nspr-debuginfo-0:4.25.0-2.el8_2.ppc64le",
"product_id": "nspr-debuginfo-0:4.25.0-2.el8_2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nspr-debuginfo@4.25.0-2.el8_2?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "nss-0:3.53.1-11.el8_2.ppc64le",
"product": {
"name": "nss-0:3.53.1-11.el8_2.ppc64le",
"product_id": "nss-0:3.53.1-11.el8_2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss@3.53.1-11.el8_2?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "nss-devel-0:3.53.1-11.el8_2.ppc64le",
"product": {
"name": "nss-devel-0:3.53.1-11.el8_2.ppc64le",
"product_id": "nss-devel-0:3.53.1-11.el8_2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-devel@3.53.1-11.el8_2?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "nss-softokn-0:3.53.1-11.el8_2.ppc64le",
"product": {
"name": "nss-softokn-0:3.53.1-11.el8_2.ppc64le",
"product_id": "nss-softokn-0:3.53.1-11.el8_2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-softokn@3.53.1-11.el8_2?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "nss-softokn-devel-0:3.53.1-11.el8_2.ppc64le",
"product": {
"name": "nss-softokn-devel-0:3.53.1-11.el8_2.ppc64le",
"product_id": "nss-softokn-devel-0:3.53.1-11.el8_2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-softokn-devel@3.53.1-11.el8_2?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "nss-softokn-freebl-0:3.53.1-11.el8_2.ppc64le",
"product": {
"name": "nss-softokn-freebl-0:3.53.1-11.el8_2.ppc64le",
"product_id": "nss-softokn-freebl-0:3.53.1-11.el8_2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-softokn-freebl@3.53.1-11.el8_2?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "nss-softokn-freebl-devel-0:3.53.1-11.el8_2.ppc64le",
"product": {
"name": "nss-softokn-freebl-devel-0:3.53.1-11.el8_2.ppc64le",
"product_id": "nss-softokn-freebl-devel-0:3.53.1-11.el8_2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-softokn-freebl-devel@3.53.1-11.el8_2?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "nss-sysinit-0:3.53.1-11.el8_2.ppc64le",
"product": {
"name": "nss-sysinit-0:3.53.1-11.el8_2.ppc64le",
"product_id": "nss-sysinit-0:3.53.1-11.el8_2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-sysinit@3.53.1-11.el8_2?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "nss-tools-0:3.53.1-11.el8_2.ppc64le",
"product": {
"name": "nss-tools-0:3.53.1-11.el8_2.ppc64le",
"product_id": "nss-tools-0:3.53.1-11.el8_2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-tools@3.53.1-11.el8_2?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "nss-util-0:3.53.1-11.el8_2.ppc64le",
"product": {
"name": "nss-util-0:3.53.1-11.el8_2.ppc64le",
"product_id": "nss-util-0:3.53.1-11.el8_2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-util@3.53.1-11.el8_2?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "nss-util-devel-0:3.53.1-11.el8_2.ppc64le",
"product": {
"name": "nss-util-devel-0:3.53.1-11.el8_2.ppc64le",
"product_id": "nss-util-devel-0:3.53.1-11.el8_2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-util-devel@3.53.1-11.el8_2?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "nss-debugsource-0:3.53.1-11.el8_2.ppc64le",
"product": {
"name": "nss-debugsource-0:3.53.1-11.el8_2.ppc64le",
"product_id": "nss-debugsource-0:3.53.1-11.el8_2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-debugsource@3.53.1-11.el8_2?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "nss-debuginfo-0:3.53.1-11.el8_2.ppc64le",
"product": {
"name": "nss-debuginfo-0:3.53.1-11.el8_2.ppc64le",
"product_id": "nss-debuginfo-0:3.53.1-11.el8_2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-debuginfo@3.53.1-11.el8_2?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "nss-softokn-debuginfo-0:3.53.1-11.el8_2.ppc64le",
"product": {
"name": "nss-softokn-debuginfo-0:3.53.1-11.el8_2.ppc64le",
"product_id": "nss-softokn-debuginfo-0:3.53.1-11.el8_2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-softokn-debuginfo@3.53.1-11.el8_2?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.ppc64le",
"product": {
"name": "nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.ppc64le",
"product_id": "nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-softokn-freebl-debuginfo@3.53.1-11.el8_2?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "nss-sysinit-debuginfo-0:3.53.1-11.el8_2.ppc64le",
"product": {
"name": "nss-sysinit-debuginfo-0:3.53.1-11.el8_2.ppc64le",
"product_id": "nss-sysinit-debuginfo-0:3.53.1-11.el8_2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-sysinit-debuginfo@3.53.1-11.el8_2?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "nss-tools-debuginfo-0:3.53.1-11.el8_2.ppc64le",
"product": {
"name": "nss-tools-debuginfo-0:3.53.1-11.el8_2.ppc64le",
"product_id": "nss-tools-debuginfo-0:3.53.1-11.el8_2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-tools-debuginfo@3.53.1-11.el8_2?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "nss-util-debuginfo-0:3.53.1-11.el8_2.ppc64le",
"product": {
"name": "nss-util-debuginfo-0:3.53.1-11.el8_2.ppc64le",
"product_id": "nss-util-debuginfo-0:3.53.1-11.el8_2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-util-debuginfo@3.53.1-11.el8_2?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "nspr-0:4.25.0-2.el8_2.s390x",
"product": {
"name": "nspr-0:4.25.0-2.el8_2.s390x",
"product_id": "nspr-0:4.25.0-2.el8_2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nspr@4.25.0-2.el8_2?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "nspr-devel-0:4.25.0-2.el8_2.s390x",
"product": {
"name": "nspr-devel-0:4.25.0-2.el8_2.s390x",
"product_id": "nspr-devel-0:4.25.0-2.el8_2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nspr-devel@4.25.0-2.el8_2?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "nspr-debugsource-0:4.25.0-2.el8_2.s390x",
"product": {
"name": "nspr-debugsource-0:4.25.0-2.el8_2.s390x",
"product_id": "nspr-debugsource-0:4.25.0-2.el8_2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nspr-debugsource@4.25.0-2.el8_2?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "nspr-debuginfo-0:4.25.0-2.el8_2.s390x",
"product": {
"name": "nspr-debuginfo-0:4.25.0-2.el8_2.s390x",
"product_id": "nspr-debuginfo-0:4.25.0-2.el8_2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nspr-debuginfo@4.25.0-2.el8_2?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "nss-0:3.53.1-11.el8_2.s390x",
"product": {
"name": "nss-0:3.53.1-11.el8_2.s390x",
"product_id": "nss-0:3.53.1-11.el8_2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss@3.53.1-11.el8_2?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "nss-devel-0:3.53.1-11.el8_2.s390x",
"product": {
"name": "nss-devel-0:3.53.1-11.el8_2.s390x",
"product_id": "nss-devel-0:3.53.1-11.el8_2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-devel@3.53.1-11.el8_2?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "nss-softokn-0:3.53.1-11.el8_2.s390x",
"product": {
"name": "nss-softokn-0:3.53.1-11.el8_2.s390x",
"product_id": "nss-softokn-0:3.53.1-11.el8_2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-softokn@3.53.1-11.el8_2?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "nss-softokn-devel-0:3.53.1-11.el8_2.s390x",
"product": {
"name": "nss-softokn-devel-0:3.53.1-11.el8_2.s390x",
"product_id": "nss-softokn-devel-0:3.53.1-11.el8_2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-softokn-devel@3.53.1-11.el8_2?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "nss-softokn-freebl-0:3.53.1-11.el8_2.s390x",
"product": {
"name": "nss-softokn-freebl-0:3.53.1-11.el8_2.s390x",
"product_id": "nss-softokn-freebl-0:3.53.1-11.el8_2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-softokn-freebl@3.53.1-11.el8_2?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "nss-softokn-freebl-devel-0:3.53.1-11.el8_2.s390x",
"product": {
"name": "nss-softokn-freebl-devel-0:3.53.1-11.el8_2.s390x",
"product_id": "nss-softokn-freebl-devel-0:3.53.1-11.el8_2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-softokn-freebl-devel@3.53.1-11.el8_2?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "nss-sysinit-0:3.53.1-11.el8_2.s390x",
"product": {
"name": "nss-sysinit-0:3.53.1-11.el8_2.s390x",
"product_id": "nss-sysinit-0:3.53.1-11.el8_2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-sysinit@3.53.1-11.el8_2?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "nss-tools-0:3.53.1-11.el8_2.s390x",
"product": {
"name": "nss-tools-0:3.53.1-11.el8_2.s390x",
"product_id": "nss-tools-0:3.53.1-11.el8_2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-tools@3.53.1-11.el8_2?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "nss-util-0:3.53.1-11.el8_2.s390x",
"product": {
"name": "nss-util-0:3.53.1-11.el8_2.s390x",
"product_id": "nss-util-0:3.53.1-11.el8_2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-util@3.53.1-11.el8_2?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "nss-util-devel-0:3.53.1-11.el8_2.s390x",
"product": {
"name": "nss-util-devel-0:3.53.1-11.el8_2.s390x",
"product_id": "nss-util-devel-0:3.53.1-11.el8_2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-util-devel@3.53.1-11.el8_2?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "nss-debugsource-0:3.53.1-11.el8_2.s390x",
"product": {
"name": "nss-debugsource-0:3.53.1-11.el8_2.s390x",
"product_id": "nss-debugsource-0:3.53.1-11.el8_2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-debugsource@3.53.1-11.el8_2?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "nss-debuginfo-0:3.53.1-11.el8_2.s390x",
"product": {
"name": "nss-debuginfo-0:3.53.1-11.el8_2.s390x",
"product_id": "nss-debuginfo-0:3.53.1-11.el8_2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-debuginfo@3.53.1-11.el8_2?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "nss-softokn-debuginfo-0:3.53.1-11.el8_2.s390x",
"product": {
"name": "nss-softokn-debuginfo-0:3.53.1-11.el8_2.s390x",
"product_id": "nss-softokn-debuginfo-0:3.53.1-11.el8_2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-softokn-debuginfo@3.53.1-11.el8_2?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.s390x",
"product": {
"name": "nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.s390x",
"product_id": "nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-softokn-freebl-debuginfo@3.53.1-11.el8_2?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "nss-sysinit-debuginfo-0:3.53.1-11.el8_2.s390x",
"product": {
"name": "nss-sysinit-debuginfo-0:3.53.1-11.el8_2.s390x",
"product_id": "nss-sysinit-debuginfo-0:3.53.1-11.el8_2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-sysinit-debuginfo@3.53.1-11.el8_2?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "nss-tools-debuginfo-0:3.53.1-11.el8_2.s390x",
"product": {
"name": "nss-tools-debuginfo-0:3.53.1-11.el8_2.s390x",
"product_id": "nss-tools-debuginfo-0:3.53.1-11.el8_2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-tools-debuginfo@3.53.1-11.el8_2?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "nss-util-debuginfo-0:3.53.1-11.el8_2.s390x",
"product": {
"name": "nss-util-debuginfo-0:3.53.1-11.el8_2.s390x",
"product_id": "nss-util-debuginfo-0:3.53.1-11.el8_2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-util-debuginfo@3.53.1-11.el8_2?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "nspr-0:4.25.0-2.el8_2.aarch64",
"product": {
"name": "nspr-0:4.25.0-2.el8_2.aarch64",
"product_id": "nspr-0:4.25.0-2.el8_2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nspr@4.25.0-2.el8_2?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "nspr-devel-0:4.25.0-2.el8_2.aarch64",
"product": {
"name": "nspr-devel-0:4.25.0-2.el8_2.aarch64",
"product_id": "nspr-devel-0:4.25.0-2.el8_2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nspr-devel@4.25.0-2.el8_2?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "nspr-debugsource-0:4.25.0-2.el8_2.aarch64",
"product": {
"name": "nspr-debugsource-0:4.25.0-2.el8_2.aarch64",
"product_id": "nspr-debugsource-0:4.25.0-2.el8_2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nspr-debugsource@4.25.0-2.el8_2?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "nspr-debuginfo-0:4.25.0-2.el8_2.aarch64",
"product": {
"name": "nspr-debuginfo-0:4.25.0-2.el8_2.aarch64",
"product_id": "nspr-debuginfo-0:4.25.0-2.el8_2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nspr-debuginfo@4.25.0-2.el8_2?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "nss-0:3.53.1-11.el8_2.aarch64",
"product": {
"name": "nss-0:3.53.1-11.el8_2.aarch64",
"product_id": "nss-0:3.53.1-11.el8_2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss@3.53.1-11.el8_2?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "nss-devel-0:3.53.1-11.el8_2.aarch64",
"product": {
"name": "nss-devel-0:3.53.1-11.el8_2.aarch64",
"product_id": "nss-devel-0:3.53.1-11.el8_2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-devel@3.53.1-11.el8_2?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "nss-softokn-0:3.53.1-11.el8_2.aarch64",
"product": {
"name": "nss-softokn-0:3.53.1-11.el8_2.aarch64",
"product_id": "nss-softokn-0:3.53.1-11.el8_2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-softokn@3.53.1-11.el8_2?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "nss-softokn-devel-0:3.53.1-11.el8_2.aarch64",
"product": {
"name": "nss-softokn-devel-0:3.53.1-11.el8_2.aarch64",
"product_id": "nss-softokn-devel-0:3.53.1-11.el8_2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-softokn-devel@3.53.1-11.el8_2?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "nss-softokn-freebl-0:3.53.1-11.el8_2.aarch64",
"product": {
"name": "nss-softokn-freebl-0:3.53.1-11.el8_2.aarch64",
"product_id": "nss-softokn-freebl-0:3.53.1-11.el8_2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-softokn-freebl@3.53.1-11.el8_2?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "nss-softokn-freebl-devel-0:3.53.1-11.el8_2.aarch64",
"product": {
"name": "nss-softokn-freebl-devel-0:3.53.1-11.el8_2.aarch64",
"product_id": "nss-softokn-freebl-devel-0:3.53.1-11.el8_2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-softokn-freebl-devel@3.53.1-11.el8_2?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "nss-sysinit-0:3.53.1-11.el8_2.aarch64",
"product": {
"name": "nss-sysinit-0:3.53.1-11.el8_2.aarch64",
"product_id": "nss-sysinit-0:3.53.1-11.el8_2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-sysinit@3.53.1-11.el8_2?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "nss-tools-0:3.53.1-11.el8_2.aarch64",
"product": {
"name": "nss-tools-0:3.53.1-11.el8_2.aarch64",
"product_id": "nss-tools-0:3.53.1-11.el8_2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-tools@3.53.1-11.el8_2?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "nss-util-0:3.53.1-11.el8_2.aarch64",
"product": {
"name": "nss-util-0:3.53.1-11.el8_2.aarch64",
"product_id": "nss-util-0:3.53.1-11.el8_2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-util@3.53.1-11.el8_2?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "nss-util-devel-0:3.53.1-11.el8_2.aarch64",
"product": {
"name": "nss-util-devel-0:3.53.1-11.el8_2.aarch64",
"product_id": "nss-util-devel-0:3.53.1-11.el8_2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-util-devel@3.53.1-11.el8_2?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "nss-debugsource-0:3.53.1-11.el8_2.aarch64",
"product": {
"name": "nss-debugsource-0:3.53.1-11.el8_2.aarch64",
"product_id": "nss-debugsource-0:3.53.1-11.el8_2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-debugsource@3.53.1-11.el8_2?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "nss-debuginfo-0:3.53.1-11.el8_2.aarch64",
"product": {
"name": "nss-debuginfo-0:3.53.1-11.el8_2.aarch64",
"product_id": "nss-debuginfo-0:3.53.1-11.el8_2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-debuginfo@3.53.1-11.el8_2?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "nss-softokn-debuginfo-0:3.53.1-11.el8_2.aarch64",
"product": {
"name": "nss-softokn-debuginfo-0:3.53.1-11.el8_2.aarch64",
"product_id": "nss-softokn-debuginfo-0:3.53.1-11.el8_2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-softokn-debuginfo@3.53.1-11.el8_2?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.aarch64",
"product": {
"name": "nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.aarch64",
"product_id": "nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-softokn-freebl-debuginfo@3.53.1-11.el8_2?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "nss-sysinit-debuginfo-0:3.53.1-11.el8_2.aarch64",
"product": {
"name": "nss-sysinit-debuginfo-0:3.53.1-11.el8_2.aarch64",
"product_id": "nss-sysinit-debuginfo-0:3.53.1-11.el8_2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-sysinit-debuginfo@3.53.1-11.el8_2?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "nss-tools-debuginfo-0:3.53.1-11.el8_2.aarch64",
"product": {
"name": "nss-tools-debuginfo-0:3.53.1-11.el8_2.aarch64",
"product_id": "nss-tools-debuginfo-0:3.53.1-11.el8_2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-tools-debuginfo@3.53.1-11.el8_2?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "nss-util-debuginfo-0:3.53.1-11.el8_2.aarch64",
"product": {
"name": "nss-util-debuginfo-0:3.53.1-11.el8_2.aarch64",
"product_id": "nss-util-debuginfo-0:3.53.1-11.el8_2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-util-debuginfo@3.53.1-11.el8_2?arch=aarch64"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "nspr-0:4.25.0-2.el8_2.src",
"product": {
"name": "nspr-0:4.25.0-2.el8_2.src",
"product_id": "nspr-0:4.25.0-2.el8_2.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nspr@4.25.0-2.el8_2?arch=src"
}
}
},
{
"category": "product_version",
"name": "nss-0:3.53.1-11.el8_2.src",
"product": {
"name": "nss-0:3.53.1-11.el8_2.src",
"product_id": "nss-0:3.53.1-11.el8_2.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss@3.53.1-11.el8_2?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "nspr-0:4.25.0-2.el8_2.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.aarch64"
},
"product_reference": "nspr-0:4.25.0-2.el8_2.aarch64",
"relates_to_product_reference": "AppStream-8.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nspr-0:4.25.0-2.el8_2.i686 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.i686"
},
"product_reference": "nspr-0:4.25.0-2.el8_2.i686",
"relates_to_product_reference": "AppStream-8.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nspr-0:4.25.0-2.el8_2.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.ppc64le"
},
"product_reference": "nspr-0:4.25.0-2.el8_2.ppc64le",
"relates_to_product_reference": "AppStream-8.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nspr-0:4.25.0-2.el8_2.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.s390x"
},
"product_reference": "nspr-0:4.25.0-2.el8_2.s390x",
"relates_to_product_reference": "AppStream-8.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nspr-0:4.25.0-2.el8_2.src as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.src"
},
"product_reference": "nspr-0:4.25.0-2.el8_2.src",
"relates_to_product_reference": "AppStream-8.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nspr-0:4.25.0-2.el8_2.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.x86_64"
},
"product_reference": "nspr-0:4.25.0-2.el8_2.x86_64",
"relates_to_product_reference": "AppStream-8.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nspr-debuginfo-0:4.25.0-2.el8_2.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.2.0.Z.MAIN.EUS:nspr-debuginfo-0:4.25.0-2.el8_2.aarch64"
},
"product_reference": "nspr-debuginfo-0:4.25.0-2.el8_2.aarch64",
"relates_to_product_reference": "AppStream-8.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nspr-debuginfo-0:4.25.0-2.el8_2.i686 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.2.0.Z.MAIN.EUS:nspr-debuginfo-0:4.25.0-2.el8_2.i686"
},
"product_reference": "nspr-debuginfo-0:4.25.0-2.el8_2.i686",
"relates_to_product_reference": "AppStream-8.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nspr-debuginfo-0:4.25.0-2.el8_2.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.2.0.Z.MAIN.EUS:nspr-debuginfo-0:4.25.0-2.el8_2.ppc64le"
},
"product_reference": "nspr-debuginfo-0:4.25.0-2.el8_2.ppc64le",
"relates_to_product_reference": "AppStream-8.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nspr-debuginfo-0:4.25.0-2.el8_2.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.2.0.Z.MAIN.EUS:nspr-debuginfo-0:4.25.0-2.el8_2.s390x"
},
"product_reference": "nspr-debuginfo-0:4.25.0-2.el8_2.s390x",
"relates_to_product_reference": "AppStream-8.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nspr-debuginfo-0:4.25.0-2.el8_2.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.2.0.Z.MAIN.EUS:nspr-debuginfo-0:4.25.0-2.el8_2.x86_64"
},
"product_reference": "nspr-debuginfo-0:4.25.0-2.el8_2.x86_64",
"relates_to_product_reference": "AppStream-8.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nspr-debugsource-0:4.25.0-2.el8_2.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.2.0.Z.MAIN.EUS:nspr-debugsource-0:4.25.0-2.el8_2.aarch64"
},
"product_reference": "nspr-debugsource-0:4.25.0-2.el8_2.aarch64",
"relates_to_product_reference": "AppStream-8.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nspr-debugsource-0:4.25.0-2.el8_2.i686 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.2.0.Z.MAIN.EUS:nspr-debugsource-0:4.25.0-2.el8_2.i686"
},
"product_reference": "nspr-debugsource-0:4.25.0-2.el8_2.i686",
"relates_to_product_reference": "AppStream-8.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nspr-debugsource-0:4.25.0-2.el8_2.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.2.0.Z.MAIN.EUS:nspr-debugsource-0:4.25.0-2.el8_2.ppc64le"
},
"product_reference": "nspr-debugsource-0:4.25.0-2.el8_2.ppc64le",
"relates_to_product_reference": "AppStream-8.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nspr-debugsource-0:4.25.0-2.el8_2.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.2.0.Z.MAIN.EUS:nspr-debugsource-0:4.25.0-2.el8_2.s390x"
},
"product_reference": "nspr-debugsource-0:4.25.0-2.el8_2.s390x",
"relates_to_product_reference": "AppStream-8.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nspr-debugsource-0:4.25.0-2.el8_2.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.2.0.Z.MAIN.EUS:nspr-debugsource-0:4.25.0-2.el8_2.x86_64"
},
"product_reference": "nspr-debugsource-0:4.25.0-2.el8_2.x86_64",
"relates_to_product_reference": "AppStream-8.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nspr-devel-0:4.25.0-2.el8_2.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.2.0.Z.MAIN.EUS:nspr-devel-0:4.25.0-2.el8_2.aarch64"
},
"product_reference": "nspr-devel-0:4.25.0-2.el8_2.aarch64",
"relates_to_product_reference": "AppStream-8.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nspr-devel-0:4.25.0-2.el8_2.i686 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.2.0.Z.MAIN.EUS:nspr-devel-0:4.25.0-2.el8_2.i686"
},
"product_reference": "nspr-devel-0:4.25.0-2.el8_2.i686",
"relates_to_product_reference": "AppStream-8.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nspr-devel-0:4.25.0-2.el8_2.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.2.0.Z.MAIN.EUS:nspr-devel-0:4.25.0-2.el8_2.ppc64le"
},
"product_reference": "nspr-devel-0:4.25.0-2.el8_2.ppc64le",
"relates_to_product_reference": "AppStream-8.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nspr-devel-0:4.25.0-2.el8_2.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.2.0.Z.MAIN.EUS:nspr-devel-0:4.25.0-2.el8_2.s390x"
},
"product_reference": "nspr-devel-0:4.25.0-2.el8_2.s390x",
"relates_to_product_reference": "AppStream-8.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nspr-devel-0:4.25.0-2.el8_2.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.2.0.Z.MAIN.EUS:nspr-devel-0:4.25.0-2.el8_2.x86_64"
},
"product_reference": "nspr-devel-0:4.25.0-2.el8_2.x86_64",
"relates_to_product_reference": "AppStream-8.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-0:3.53.1-11.el8_2.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.aarch64"
},
"product_reference": "nss-0:3.53.1-11.el8_2.aarch64",
"relates_to_product_reference": "AppStream-8.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-0:3.53.1-11.el8_2.i686 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.i686"
},
"product_reference": "nss-0:3.53.1-11.el8_2.i686",
"relates_to_product_reference": "AppStream-8.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-0:3.53.1-11.el8_2.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.ppc64le"
},
"product_reference": "nss-0:3.53.1-11.el8_2.ppc64le",
"relates_to_product_reference": "AppStream-8.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-0:3.53.1-11.el8_2.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.s390x"
},
"product_reference": "nss-0:3.53.1-11.el8_2.s390x",
"relates_to_product_reference": "AppStream-8.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-0:3.53.1-11.el8_2.src as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.src"
},
"product_reference": "nss-0:3.53.1-11.el8_2.src",
"relates_to_product_reference": "AppStream-8.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-0:3.53.1-11.el8_2.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.x86_64"
},
"product_reference": "nss-0:3.53.1-11.el8_2.x86_64",
"relates_to_product_reference": "AppStream-8.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-debuginfo-0:3.53.1-11.el8_2.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.2.0.Z.MAIN.EUS:nss-debuginfo-0:3.53.1-11.el8_2.aarch64"
},
"product_reference": "nss-debuginfo-0:3.53.1-11.el8_2.aarch64",
"relates_to_product_reference": "AppStream-8.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-debuginfo-0:3.53.1-11.el8_2.i686 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.2.0.Z.MAIN.EUS:nss-debuginfo-0:3.53.1-11.el8_2.i686"
},
"product_reference": "nss-debuginfo-0:3.53.1-11.el8_2.i686",
"relates_to_product_reference": "AppStream-8.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-debuginfo-0:3.53.1-11.el8_2.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.2.0.Z.MAIN.EUS:nss-debuginfo-0:3.53.1-11.el8_2.ppc64le"
},
"product_reference": "nss-debuginfo-0:3.53.1-11.el8_2.ppc64le",
"relates_to_product_reference": "AppStream-8.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-debuginfo-0:3.53.1-11.el8_2.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.2.0.Z.MAIN.EUS:nss-debuginfo-0:3.53.1-11.el8_2.s390x"
},
"product_reference": "nss-debuginfo-0:3.53.1-11.el8_2.s390x",
"relates_to_product_reference": "AppStream-8.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-debuginfo-0:3.53.1-11.el8_2.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.2.0.Z.MAIN.EUS:nss-debuginfo-0:3.53.1-11.el8_2.x86_64"
},
"product_reference": "nss-debuginfo-0:3.53.1-11.el8_2.x86_64",
"relates_to_product_reference": "AppStream-8.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-debugsource-0:3.53.1-11.el8_2.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.2.0.Z.MAIN.EUS:nss-debugsource-0:3.53.1-11.el8_2.aarch64"
},
"product_reference": "nss-debugsource-0:3.53.1-11.el8_2.aarch64",
"relates_to_product_reference": "AppStream-8.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-debugsource-0:3.53.1-11.el8_2.i686 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.2.0.Z.MAIN.EUS:nss-debugsource-0:3.53.1-11.el8_2.i686"
},
"product_reference": "nss-debugsource-0:3.53.1-11.el8_2.i686",
"relates_to_product_reference": "AppStream-8.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-debugsource-0:3.53.1-11.el8_2.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.2.0.Z.MAIN.EUS:nss-debugsource-0:3.53.1-11.el8_2.ppc64le"
},
"product_reference": "nss-debugsource-0:3.53.1-11.el8_2.ppc64le",
"relates_to_product_reference": "AppStream-8.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-debugsource-0:3.53.1-11.el8_2.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.2.0.Z.MAIN.EUS:nss-debugsource-0:3.53.1-11.el8_2.s390x"
},
"product_reference": "nss-debugsource-0:3.53.1-11.el8_2.s390x",
"relates_to_product_reference": "AppStream-8.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-debugsource-0:3.53.1-11.el8_2.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.2.0.Z.MAIN.EUS:nss-debugsource-0:3.53.1-11.el8_2.x86_64"
},
"product_reference": "nss-debugsource-0:3.53.1-11.el8_2.x86_64",
"relates_to_product_reference": "AppStream-8.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-devel-0:3.53.1-11.el8_2.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.2.0.Z.MAIN.EUS:nss-devel-0:3.53.1-11.el8_2.aarch64"
},
"product_reference": "nss-devel-0:3.53.1-11.el8_2.aarch64",
"relates_to_product_reference": "AppStream-8.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-devel-0:3.53.1-11.el8_2.i686 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.2.0.Z.MAIN.EUS:nss-devel-0:3.53.1-11.el8_2.i686"
},
"product_reference": "nss-devel-0:3.53.1-11.el8_2.i686",
"relates_to_product_reference": "AppStream-8.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-devel-0:3.53.1-11.el8_2.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.2.0.Z.MAIN.EUS:nss-devel-0:3.53.1-11.el8_2.ppc64le"
},
"product_reference": "nss-devel-0:3.53.1-11.el8_2.ppc64le",
"relates_to_product_reference": "AppStream-8.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-devel-0:3.53.1-11.el8_2.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.2.0.Z.MAIN.EUS:nss-devel-0:3.53.1-11.el8_2.s390x"
},
"product_reference": "nss-devel-0:3.53.1-11.el8_2.s390x",
"relates_to_product_reference": "AppStream-8.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-devel-0:3.53.1-11.el8_2.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.2.0.Z.MAIN.EUS:nss-devel-0:3.53.1-11.el8_2.x86_64"
},
"product_reference": "nss-devel-0:3.53.1-11.el8_2.x86_64",
"relates_to_product_reference": "AppStream-8.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-softokn-0:3.53.1-11.el8_2.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-0:3.53.1-11.el8_2.aarch64"
},
"product_reference": "nss-softokn-0:3.53.1-11.el8_2.aarch64",
"relates_to_product_reference": "AppStream-8.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-softokn-0:3.53.1-11.el8_2.i686 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-0:3.53.1-11.el8_2.i686"
},
"product_reference": "nss-softokn-0:3.53.1-11.el8_2.i686",
"relates_to_product_reference": "AppStream-8.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-softokn-0:3.53.1-11.el8_2.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-0:3.53.1-11.el8_2.ppc64le"
},
"product_reference": "nss-softokn-0:3.53.1-11.el8_2.ppc64le",
"relates_to_product_reference": "AppStream-8.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-softokn-0:3.53.1-11.el8_2.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-0:3.53.1-11.el8_2.s390x"
},
"product_reference": "nss-softokn-0:3.53.1-11.el8_2.s390x",
"relates_to_product_reference": "AppStream-8.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-softokn-0:3.53.1-11.el8_2.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-0:3.53.1-11.el8_2.x86_64"
},
"product_reference": "nss-softokn-0:3.53.1-11.el8_2.x86_64",
"relates_to_product_reference": "AppStream-8.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-softokn-debuginfo-0:3.53.1-11.el8_2.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-debuginfo-0:3.53.1-11.el8_2.aarch64"
},
"product_reference": "nss-softokn-debuginfo-0:3.53.1-11.el8_2.aarch64",
"relates_to_product_reference": "AppStream-8.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-softokn-debuginfo-0:3.53.1-11.el8_2.i686 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-debuginfo-0:3.53.1-11.el8_2.i686"
},
"product_reference": "nss-softokn-debuginfo-0:3.53.1-11.el8_2.i686",
"relates_to_product_reference": "AppStream-8.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-softokn-debuginfo-0:3.53.1-11.el8_2.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-debuginfo-0:3.53.1-11.el8_2.ppc64le"
},
"product_reference": "nss-softokn-debuginfo-0:3.53.1-11.el8_2.ppc64le",
"relates_to_product_reference": "AppStream-8.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-softokn-debuginfo-0:3.53.1-11.el8_2.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-debuginfo-0:3.53.1-11.el8_2.s390x"
},
"product_reference": "nss-softokn-debuginfo-0:3.53.1-11.el8_2.s390x",
"relates_to_product_reference": "AppStream-8.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-softokn-debuginfo-0:3.53.1-11.el8_2.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-debuginfo-0:3.53.1-11.el8_2.x86_64"
},
"product_reference": "nss-softokn-debuginfo-0:3.53.1-11.el8_2.x86_64",
"relates_to_product_reference": "AppStream-8.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-softokn-devel-0:3.53.1-11.el8_2.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-devel-0:3.53.1-11.el8_2.aarch64"
},
"product_reference": "nss-softokn-devel-0:3.53.1-11.el8_2.aarch64",
"relates_to_product_reference": "AppStream-8.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-softokn-devel-0:3.53.1-11.el8_2.i686 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-devel-0:3.53.1-11.el8_2.i686"
},
"product_reference": "nss-softokn-devel-0:3.53.1-11.el8_2.i686",
"relates_to_product_reference": "AppStream-8.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-softokn-devel-0:3.53.1-11.el8_2.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-devel-0:3.53.1-11.el8_2.ppc64le"
},
"product_reference": "nss-softokn-devel-0:3.53.1-11.el8_2.ppc64le",
"relates_to_product_reference": "AppStream-8.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-softokn-devel-0:3.53.1-11.el8_2.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-devel-0:3.53.1-11.el8_2.s390x"
},
"product_reference": "nss-softokn-devel-0:3.53.1-11.el8_2.s390x",
"relates_to_product_reference": "AppStream-8.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-softokn-devel-0:3.53.1-11.el8_2.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-devel-0:3.53.1-11.el8_2.x86_64"
},
"product_reference": "nss-softokn-devel-0:3.53.1-11.el8_2.x86_64",
"relates_to_product_reference": "AppStream-8.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-softokn-freebl-0:3.53.1-11.el8_2.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-0:3.53.1-11.el8_2.aarch64"
},
"product_reference": "nss-softokn-freebl-0:3.53.1-11.el8_2.aarch64",
"relates_to_product_reference": "AppStream-8.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-softokn-freebl-0:3.53.1-11.el8_2.i686 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-0:3.53.1-11.el8_2.i686"
},
"product_reference": "nss-softokn-freebl-0:3.53.1-11.el8_2.i686",
"relates_to_product_reference": "AppStream-8.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-softokn-freebl-0:3.53.1-11.el8_2.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-0:3.53.1-11.el8_2.ppc64le"
},
"product_reference": "nss-softokn-freebl-0:3.53.1-11.el8_2.ppc64le",
"relates_to_product_reference": "AppStream-8.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-softokn-freebl-0:3.53.1-11.el8_2.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-0:3.53.1-11.el8_2.s390x"
},
"product_reference": "nss-softokn-freebl-0:3.53.1-11.el8_2.s390x",
"relates_to_product_reference": "AppStream-8.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-softokn-freebl-0:3.53.1-11.el8_2.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-0:3.53.1-11.el8_2.x86_64"
},
"product_reference": "nss-softokn-freebl-0:3.53.1-11.el8_2.x86_64",
"relates_to_product_reference": "AppStream-8.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.aarch64"
},
"product_reference": "nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.aarch64",
"relates_to_product_reference": "AppStream-8.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.i686 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.i686"
},
"product_reference": "nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.i686",
"relates_to_product_reference": "AppStream-8.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.ppc64le"
},
"product_reference": "nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.ppc64le",
"relates_to_product_reference": "AppStream-8.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.s390x"
},
"product_reference": "nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.s390x",
"relates_to_product_reference": "AppStream-8.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.x86_64"
},
"product_reference": "nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.x86_64",
"relates_to_product_reference": "AppStream-8.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-softokn-freebl-devel-0:3.53.1-11.el8_2.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-devel-0:3.53.1-11.el8_2.aarch64"
},
"product_reference": "nss-softokn-freebl-devel-0:3.53.1-11.el8_2.aarch64",
"relates_to_product_reference": "AppStream-8.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-softokn-freebl-devel-0:3.53.1-11.el8_2.i686 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-devel-0:3.53.1-11.el8_2.i686"
},
"product_reference": "nss-softokn-freebl-devel-0:3.53.1-11.el8_2.i686",
"relates_to_product_reference": "AppStream-8.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-softokn-freebl-devel-0:3.53.1-11.el8_2.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-devel-0:3.53.1-11.el8_2.ppc64le"
},
"product_reference": "nss-softokn-freebl-devel-0:3.53.1-11.el8_2.ppc64le",
"relates_to_product_reference": "AppStream-8.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-softokn-freebl-devel-0:3.53.1-11.el8_2.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-devel-0:3.53.1-11.el8_2.s390x"
},
"product_reference": "nss-softokn-freebl-devel-0:3.53.1-11.el8_2.s390x",
"relates_to_product_reference": "AppStream-8.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-softokn-freebl-devel-0:3.53.1-11.el8_2.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-devel-0:3.53.1-11.el8_2.x86_64"
},
"product_reference": "nss-softokn-freebl-devel-0:3.53.1-11.el8_2.x86_64",
"relates_to_product_reference": "AppStream-8.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-sysinit-0:3.53.1-11.el8_2.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-0:3.53.1-11.el8_2.aarch64"
},
"product_reference": "nss-sysinit-0:3.53.1-11.el8_2.aarch64",
"relates_to_product_reference": "AppStream-8.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-sysinit-0:3.53.1-11.el8_2.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-0:3.53.1-11.el8_2.ppc64le"
},
"product_reference": "nss-sysinit-0:3.53.1-11.el8_2.ppc64le",
"relates_to_product_reference": "AppStream-8.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-sysinit-0:3.53.1-11.el8_2.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-0:3.53.1-11.el8_2.s390x"
},
"product_reference": "nss-sysinit-0:3.53.1-11.el8_2.s390x",
"relates_to_product_reference": "AppStream-8.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-sysinit-0:3.53.1-11.el8_2.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-0:3.53.1-11.el8_2.x86_64"
},
"product_reference": "nss-sysinit-0:3.53.1-11.el8_2.x86_64",
"relates_to_product_reference": "AppStream-8.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-sysinit-debuginfo-0:3.53.1-11.el8_2.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-debuginfo-0:3.53.1-11.el8_2.aarch64"
},
"product_reference": "nss-sysinit-debuginfo-0:3.53.1-11.el8_2.aarch64",
"relates_to_product_reference": "AppStream-8.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-sysinit-debuginfo-0:3.53.1-11.el8_2.i686 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-debuginfo-0:3.53.1-11.el8_2.i686"
},
"product_reference": "nss-sysinit-debuginfo-0:3.53.1-11.el8_2.i686",
"relates_to_product_reference": "AppStream-8.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-sysinit-debuginfo-0:3.53.1-11.el8_2.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-debuginfo-0:3.53.1-11.el8_2.ppc64le"
},
"product_reference": "nss-sysinit-debuginfo-0:3.53.1-11.el8_2.ppc64le",
"relates_to_product_reference": "AppStream-8.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-sysinit-debuginfo-0:3.53.1-11.el8_2.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-debuginfo-0:3.53.1-11.el8_2.s390x"
},
"product_reference": "nss-sysinit-debuginfo-0:3.53.1-11.el8_2.s390x",
"relates_to_product_reference": "AppStream-8.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-sysinit-debuginfo-0:3.53.1-11.el8_2.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-debuginfo-0:3.53.1-11.el8_2.x86_64"
},
"product_reference": "nss-sysinit-debuginfo-0:3.53.1-11.el8_2.x86_64",
"relates_to_product_reference": "AppStream-8.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-tools-0:3.53.1-11.el8_2.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.2.0.Z.MAIN.EUS:nss-tools-0:3.53.1-11.el8_2.aarch64"
},
"product_reference": "nss-tools-0:3.53.1-11.el8_2.aarch64",
"relates_to_product_reference": "AppStream-8.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-tools-0:3.53.1-11.el8_2.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.2.0.Z.MAIN.EUS:nss-tools-0:3.53.1-11.el8_2.ppc64le"
},
"product_reference": "nss-tools-0:3.53.1-11.el8_2.ppc64le",
"relates_to_product_reference": "AppStream-8.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-tools-0:3.53.1-11.el8_2.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.2.0.Z.MAIN.EUS:nss-tools-0:3.53.1-11.el8_2.s390x"
},
"product_reference": "nss-tools-0:3.53.1-11.el8_2.s390x",
"relates_to_product_reference": "AppStream-8.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-tools-0:3.53.1-11.el8_2.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.2.0.Z.MAIN.EUS:nss-tools-0:3.53.1-11.el8_2.x86_64"
},
"product_reference": "nss-tools-0:3.53.1-11.el8_2.x86_64",
"relates_to_product_reference": "AppStream-8.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-tools-debuginfo-0:3.53.1-11.el8_2.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.2.0.Z.MAIN.EUS:nss-tools-debuginfo-0:3.53.1-11.el8_2.aarch64"
},
"product_reference": "nss-tools-debuginfo-0:3.53.1-11.el8_2.aarch64",
"relates_to_product_reference": "AppStream-8.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-tools-debuginfo-0:3.53.1-11.el8_2.i686 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.2.0.Z.MAIN.EUS:nss-tools-debuginfo-0:3.53.1-11.el8_2.i686"
},
"product_reference": "nss-tools-debuginfo-0:3.53.1-11.el8_2.i686",
"relates_to_product_reference": "AppStream-8.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-tools-debuginfo-0:3.53.1-11.el8_2.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.2.0.Z.MAIN.EUS:nss-tools-debuginfo-0:3.53.1-11.el8_2.ppc64le"
},
"product_reference": "nss-tools-debuginfo-0:3.53.1-11.el8_2.ppc64le",
"relates_to_product_reference": "AppStream-8.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-tools-debuginfo-0:3.53.1-11.el8_2.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.2.0.Z.MAIN.EUS:nss-tools-debuginfo-0:3.53.1-11.el8_2.s390x"
},
"product_reference": "nss-tools-debuginfo-0:3.53.1-11.el8_2.s390x",
"relates_to_product_reference": "AppStream-8.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-tools-debuginfo-0:3.53.1-11.el8_2.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.2.0.Z.MAIN.EUS:nss-tools-debuginfo-0:3.53.1-11.el8_2.x86_64"
},
"product_reference": "nss-tools-debuginfo-0:3.53.1-11.el8_2.x86_64",
"relates_to_product_reference": "AppStream-8.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-util-0:3.53.1-11.el8_2.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.2.0.Z.MAIN.EUS:nss-util-0:3.53.1-11.el8_2.aarch64"
},
"product_reference": "nss-util-0:3.53.1-11.el8_2.aarch64",
"relates_to_product_reference": "AppStream-8.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-util-0:3.53.1-11.el8_2.i686 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.2.0.Z.MAIN.EUS:nss-util-0:3.53.1-11.el8_2.i686"
},
"product_reference": "nss-util-0:3.53.1-11.el8_2.i686",
"relates_to_product_reference": "AppStream-8.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-util-0:3.53.1-11.el8_2.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.2.0.Z.MAIN.EUS:nss-util-0:3.53.1-11.el8_2.ppc64le"
},
"product_reference": "nss-util-0:3.53.1-11.el8_2.ppc64le",
"relates_to_product_reference": "AppStream-8.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-util-0:3.53.1-11.el8_2.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.2.0.Z.MAIN.EUS:nss-util-0:3.53.1-11.el8_2.s390x"
},
"product_reference": "nss-util-0:3.53.1-11.el8_2.s390x",
"relates_to_product_reference": "AppStream-8.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-util-0:3.53.1-11.el8_2.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.2.0.Z.MAIN.EUS:nss-util-0:3.53.1-11.el8_2.x86_64"
},
"product_reference": "nss-util-0:3.53.1-11.el8_2.x86_64",
"relates_to_product_reference": "AppStream-8.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-util-debuginfo-0:3.53.1-11.el8_2.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.2.0.Z.MAIN.EUS:nss-util-debuginfo-0:3.53.1-11.el8_2.aarch64"
},
"product_reference": "nss-util-debuginfo-0:3.53.1-11.el8_2.aarch64",
"relates_to_product_reference": "AppStream-8.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-util-debuginfo-0:3.53.1-11.el8_2.i686 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.2.0.Z.MAIN.EUS:nss-util-debuginfo-0:3.53.1-11.el8_2.i686"
},
"product_reference": "nss-util-debuginfo-0:3.53.1-11.el8_2.i686",
"relates_to_product_reference": "AppStream-8.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-util-debuginfo-0:3.53.1-11.el8_2.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.2.0.Z.MAIN.EUS:nss-util-debuginfo-0:3.53.1-11.el8_2.ppc64le"
},
"product_reference": "nss-util-debuginfo-0:3.53.1-11.el8_2.ppc64le",
"relates_to_product_reference": "AppStream-8.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-util-debuginfo-0:3.53.1-11.el8_2.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.2.0.Z.MAIN.EUS:nss-util-debuginfo-0:3.53.1-11.el8_2.s390x"
},
"product_reference": "nss-util-debuginfo-0:3.53.1-11.el8_2.s390x",
"relates_to_product_reference": "AppStream-8.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-util-debuginfo-0:3.53.1-11.el8_2.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.2.0.Z.MAIN.EUS:nss-util-debuginfo-0:3.53.1-11.el8_2.x86_64"
},
"product_reference": "nss-util-debuginfo-0:3.53.1-11.el8_2.x86_64",
"relates_to_product_reference": "AppStream-8.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-util-devel-0:3.53.1-11.el8_2.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.2.0.Z.MAIN.EUS:nss-util-devel-0:3.53.1-11.el8_2.aarch64"
},
"product_reference": "nss-util-devel-0:3.53.1-11.el8_2.aarch64",
"relates_to_product_reference": "AppStream-8.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-util-devel-0:3.53.1-11.el8_2.i686 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.2.0.Z.MAIN.EUS:nss-util-devel-0:3.53.1-11.el8_2.i686"
},
"product_reference": "nss-util-devel-0:3.53.1-11.el8_2.i686",
"relates_to_product_reference": "AppStream-8.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-util-devel-0:3.53.1-11.el8_2.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.2.0.Z.MAIN.EUS:nss-util-devel-0:3.53.1-11.el8_2.ppc64le"
},
"product_reference": "nss-util-devel-0:3.53.1-11.el8_2.ppc64le",
"relates_to_product_reference": "AppStream-8.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-util-devel-0:3.53.1-11.el8_2.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.2.0.Z.MAIN.EUS:nss-util-devel-0:3.53.1-11.el8_2.s390x"
},
"product_reference": "nss-util-devel-0:3.53.1-11.el8_2.s390x",
"relates_to_product_reference": "AppStream-8.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-util-devel-0:3.53.1-11.el8_2.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.2.0.Z.MAIN.EUS:nss-util-devel-0:3.53.1-11.el8_2.x86_64"
},
"product_reference": "nss-util-devel-0:3.53.1-11.el8_2.x86_64",
"relates_to_product_reference": "AppStream-8.2.0.Z.MAIN.EUS"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"the Mozilla project"
]
}
],
"cve": "CVE-2019-11756",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2019-11-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1774835"
}
],
"notes": [
{
"category": "description",
"text": "A use-after-free flaw was found in Mozilla Network Security Services (NSS) related to PK11 session handling. An attacker could use this flaw to execute arbitrary code with the permissions of the user running the application compiled with NSS.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nss: Use-after-free in sftk_FreeSession due to improper refcounting",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw was fixed in upstream nss-3.47. Exploitation of this flaw is difficult and even impossible in most cases.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.src",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-debuginfo-0:4.25.0-2.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-debuginfo-0:4.25.0-2.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-debuginfo-0:4.25.0-2.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-debuginfo-0:4.25.0-2.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-debuginfo-0:4.25.0-2.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-debugsource-0:4.25.0-2.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-debugsource-0:4.25.0-2.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-debugsource-0:4.25.0-2.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-debugsource-0:4.25.0-2.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-debugsource-0:4.25.0-2.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-devel-0:4.25.0-2.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-devel-0:4.25.0-2.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-devel-0:4.25.0-2.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-devel-0:4.25.0-2.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-devel-0:4.25.0-2.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.src",
"AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-debuginfo-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-debuginfo-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-debuginfo-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-debuginfo-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-debuginfo-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-debugsource-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-debugsource-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-debugsource-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-debugsource-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-debugsource-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-devel-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-devel-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-devel-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-devel-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-devel-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-debuginfo-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-debuginfo-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-debuginfo-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-debuginfo-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-debuginfo-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-devel-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-devel-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-devel-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-devel-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-devel-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-devel-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-devel-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-devel-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-devel-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-devel-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-debuginfo-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-debuginfo-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-debuginfo-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-debuginfo-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-debuginfo-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-tools-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-tools-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-tools-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-tools-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-tools-debuginfo-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-tools-debuginfo-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-tools-debuginfo-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-tools-debuginfo-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-tools-debuginfo-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-debuginfo-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-debuginfo-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-debuginfo-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-debuginfo-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-debuginfo-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-devel-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-devel-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-devel-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-devel-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-devel-0:3.53.1-11.el8_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-11756"
},
{
"category": "external",
"summary": "RHBZ#1774835",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1774835"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-11756",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11756"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-11756",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-11756"
},
{
"category": "external",
"summary": "https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.47_release_notes",
"url": "https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.47_release_notes"
}
],
"release_date": "2019-12-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-08-03T13:04:49+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing this update, applications using NSS (for example, Firefox) must be restarted for this update to take effect. After installing this update, applications using NSPR (for example, Firefox) must be restarted for this update to take effect.",
"product_ids": [
"AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.src",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-debuginfo-0:4.25.0-2.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-debuginfo-0:4.25.0-2.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-debuginfo-0:4.25.0-2.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-debuginfo-0:4.25.0-2.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-debuginfo-0:4.25.0-2.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-debugsource-0:4.25.0-2.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-debugsource-0:4.25.0-2.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-debugsource-0:4.25.0-2.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-debugsource-0:4.25.0-2.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-debugsource-0:4.25.0-2.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-devel-0:4.25.0-2.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-devel-0:4.25.0-2.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-devel-0:4.25.0-2.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-devel-0:4.25.0-2.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-devel-0:4.25.0-2.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.src",
"AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-debuginfo-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-debuginfo-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-debuginfo-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-debuginfo-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-debuginfo-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-debugsource-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-debugsource-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-debugsource-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-debugsource-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-debugsource-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-devel-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-devel-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-devel-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-devel-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-devel-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-debuginfo-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-debuginfo-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-debuginfo-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-debuginfo-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-debuginfo-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-devel-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-devel-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-devel-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-devel-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-devel-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-devel-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-devel-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-devel-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-devel-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-devel-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-debuginfo-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-debuginfo-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-debuginfo-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-debuginfo-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-debuginfo-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-tools-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-tools-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-tools-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-tools-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-tools-debuginfo-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-tools-debuginfo-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-tools-debuginfo-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-tools-debuginfo-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-tools-debuginfo-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-debuginfo-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-debuginfo-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-debuginfo-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-debuginfo-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-debuginfo-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-devel-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-devel-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-devel-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-devel-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-devel-0:3.53.1-11.el8_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3280"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.src",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-debuginfo-0:4.25.0-2.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-debuginfo-0:4.25.0-2.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-debuginfo-0:4.25.0-2.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-debuginfo-0:4.25.0-2.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-debuginfo-0:4.25.0-2.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-debugsource-0:4.25.0-2.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-debugsource-0:4.25.0-2.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-debugsource-0:4.25.0-2.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-debugsource-0:4.25.0-2.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-debugsource-0:4.25.0-2.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-devel-0:4.25.0-2.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-devel-0:4.25.0-2.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-devel-0:4.25.0-2.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-devel-0:4.25.0-2.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-devel-0:4.25.0-2.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.src",
"AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-debuginfo-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-debuginfo-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-debuginfo-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-debuginfo-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-debuginfo-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-debugsource-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-debugsource-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-debugsource-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-debugsource-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-debugsource-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-devel-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-devel-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-devel-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-devel-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-devel-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-debuginfo-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-debuginfo-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-debuginfo-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-debuginfo-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-debuginfo-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-devel-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-devel-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-devel-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-devel-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-devel-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-devel-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-devel-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-devel-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-devel-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-devel-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-debuginfo-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-debuginfo-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-debuginfo-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-debuginfo-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-debuginfo-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-tools-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-tools-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-tools-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-tools-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-tools-debuginfo-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-tools-debuginfo-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-tools-debuginfo-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-tools-debuginfo-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-tools-debuginfo-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-debuginfo-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-debuginfo-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-debuginfo-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-debuginfo-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-debuginfo-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-devel-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-devel-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-devel-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-devel-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-devel-0:3.53.1-11.el8_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "nss: Use-after-free in sftk_FreeSession due to improper refcounting"
},
{
"acknowledgments": [
{
"names": [
"the Mozilla Project"
]
}
],
"cve": "CVE-2019-17006",
"cwe": {
"id": "CWE-122",
"name": "Heap-based Buffer Overflow"
},
"discovery_date": "2019-11-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1775916"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was discovered in nss where input text length was not checked when using certain cryptographic primitives. This could lead to a heap-buffer overflow resulting in a crash and data leak. The highest threat is to confidentiality and integrity of data as well as system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nss: Check length of inputs for cryptographic primitives",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.src",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-debuginfo-0:4.25.0-2.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-debuginfo-0:4.25.0-2.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-debuginfo-0:4.25.0-2.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-debuginfo-0:4.25.0-2.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-debuginfo-0:4.25.0-2.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-debugsource-0:4.25.0-2.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-debugsource-0:4.25.0-2.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-debugsource-0:4.25.0-2.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-debugsource-0:4.25.0-2.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-debugsource-0:4.25.0-2.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-devel-0:4.25.0-2.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-devel-0:4.25.0-2.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-devel-0:4.25.0-2.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-devel-0:4.25.0-2.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-devel-0:4.25.0-2.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.src",
"AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-debuginfo-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-debuginfo-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-debuginfo-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-debuginfo-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-debuginfo-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-debugsource-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-debugsource-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-debugsource-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-debugsource-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-debugsource-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-devel-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-devel-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-devel-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-devel-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-devel-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-debuginfo-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-debuginfo-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-debuginfo-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-debuginfo-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-debuginfo-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-devel-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-devel-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-devel-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-devel-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-devel-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-devel-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-devel-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-devel-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-devel-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-devel-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-debuginfo-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-debuginfo-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-debuginfo-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-debuginfo-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-debuginfo-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-tools-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-tools-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-tools-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-tools-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-tools-debuginfo-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-tools-debuginfo-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-tools-debuginfo-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-tools-debuginfo-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-tools-debuginfo-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-debuginfo-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-debuginfo-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-debuginfo-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-debuginfo-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-debuginfo-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-devel-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-devel-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-devel-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-devel-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-devel-0:3.53.1-11.el8_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-17006"
},
{
"category": "external",
"summary": "RHBZ#1775916",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1775916"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-17006",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-17006"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-17006",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-17006"
},
{
"category": "external",
"summary": "https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.46_release_notes",
"url": "https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.46_release_notes"
}
],
"release_date": "2019-12-26T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-08-03T13:04:49+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing this update, applications using NSS (for example, Firefox) must be restarted for this update to take effect. After installing this update, applications using NSPR (for example, Firefox) must be restarted for this update to take effect.",
"product_ids": [
"AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.src",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-debuginfo-0:4.25.0-2.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-debuginfo-0:4.25.0-2.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-debuginfo-0:4.25.0-2.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-debuginfo-0:4.25.0-2.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-debuginfo-0:4.25.0-2.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-debugsource-0:4.25.0-2.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-debugsource-0:4.25.0-2.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-debugsource-0:4.25.0-2.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-debugsource-0:4.25.0-2.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-debugsource-0:4.25.0-2.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-devel-0:4.25.0-2.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-devel-0:4.25.0-2.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-devel-0:4.25.0-2.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-devel-0:4.25.0-2.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-devel-0:4.25.0-2.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.src",
"AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-debuginfo-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-debuginfo-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-debuginfo-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-debuginfo-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-debuginfo-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-debugsource-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-debugsource-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-debugsource-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-debugsource-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-debugsource-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-devel-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-devel-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-devel-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-devel-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-devel-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-debuginfo-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-debuginfo-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-debuginfo-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-debuginfo-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-debuginfo-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-devel-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-devel-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-devel-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-devel-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-devel-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-devel-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-devel-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-devel-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-devel-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-devel-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-debuginfo-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-debuginfo-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-debuginfo-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-debuginfo-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-debuginfo-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-tools-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-tools-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-tools-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-tools-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-tools-debuginfo-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-tools-debuginfo-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-tools-debuginfo-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-tools-debuginfo-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-tools-debuginfo-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-debuginfo-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-debuginfo-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-debuginfo-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-debuginfo-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-debuginfo-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-devel-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-devel-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-devel-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-devel-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-devel-0:3.53.1-11.el8_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3280"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.src",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-debuginfo-0:4.25.0-2.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-debuginfo-0:4.25.0-2.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-debuginfo-0:4.25.0-2.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-debuginfo-0:4.25.0-2.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-debuginfo-0:4.25.0-2.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-debugsource-0:4.25.0-2.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-debugsource-0:4.25.0-2.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-debugsource-0:4.25.0-2.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-debugsource-0:4.25.0-2.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-debugsource-0:4.25.0-2.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-devel-0:4.25.0-2.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-devel-0:4.25.0-2.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-devel-0:4.25.0-2.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-devel-0:4.25.0-2.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-devel-0:4.25.0-2.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.src",
"AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-debuginfo-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-debuginfo-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-debuginfo-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-debuginfo-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-debuginfo-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-debugsource-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-debugsource-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-debugsource-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-debugsource-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-debugsource-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-devel-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-devel-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-devel-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-devel-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-devel-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-debuginfo-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-debuginfo-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-debuginfo-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-debuginfo-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-debuginfo-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-devel-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-devel-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-devel-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-devel-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-devel-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-devel-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-devel-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-devel-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-devel-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-devel-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-debuginfo-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-debuginfo-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-debuginfo-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-debuginfo-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-debuginfo-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-tools-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-tools-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-tools-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-tools-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-tools-debuginfo-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-tools-debuginfo-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-tools-debuginfo-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-tools-debuginfo-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-tools-debuginfo-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-debuginfo-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-debuginfo-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-debuginfo-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-debuginfo-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-debuginfo-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-devel-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-devel-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-devel-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-devel-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-devel-0:3.53.1-11.el8_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "nss: Check length of inputs for cryptographic primitives"
},
{
"cve": "CVE-2019-17023",
"discovery_date": "2020-01-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1791225"
}
],
"notes": [
{
"category": "description",
"text": "A protocol downgrade flaw was found in Network Security Services (NSS). After a HelloRetryRequest has been sent, the client may negotiate a lower protocol than TLS 1.3, resulting in an invalid state transition in the TLS State Machine. If the client gets into this state, incoming Application Data records will be ignored.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nss: TLS 1.3 HelloRetryRequest downgrade request sets client into invalid state",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw causes the client to hang when there is a downgrade attempt. Therefore no actual protocol downgrade occurs.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.src",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-debuginfo-0:4.25.0-2.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-debuginfo-0:4.25.0-2.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-debuginfo-0:4.25.0-2.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-debuginfo-0:4.25.0-2.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-debuginfo-0:4.25.0-2.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-debugsource-0:4.25.0-2.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-debugsource-0:4.25.0-2.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-debugsource-0:4.25.0-2.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-debugsource-0:4.25.0-2.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-debugsource-0:4.25.0-2.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-devel-0:4.25.0-2.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-devel-0:4.25.0-2.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-devel-0:4.25.0-2.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-devel-0:4.25.0-2.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-devel-0:4.25.0-2.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.src",
"AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-debuginfo-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-debuginfo-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-debuginfo-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-debuginfo-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-debuginfo-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-debugsource-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-debugsource-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-debugsource-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-debugsource-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-debugsource-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-devel-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-devel-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-devel-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-devel-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-devel-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-debuginfo-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-debuginfo-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-debuginfo-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-debuginfo-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-debuginfo-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-devel-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-devel-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-devel-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-devel-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-devel-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-devel-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-devel-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-devel-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-devel-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-devel-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-debuginfo-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-debuginfo-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-debuginfo-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-debuginfo-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-debuginfo-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-tools-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-tools-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-tools-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-tools-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-tools-debuginfo-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-tools-debuginfo-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-tools-debuginfo-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-tools-debuginfo-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-tools-debuginfo-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-debuginfo-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-debuginfo-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-debuginfo-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-debuginfo-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-debuginfo-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-devel-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-devel-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-devel-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-devel-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-devel-0:3.53.1-11.el8_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-17023"
},
{
"category": "external",
"summary": "RHBZ#1791225",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1791225"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-17023",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-17023"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-17023",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-17023"
},
{
"category": "external",
"summary": "https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.49_release_notes",
"url": "https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.49_release_notes"
}
],
"release_date": "2020-01-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-08-03T13:04:49+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing this update, applications using NSS (for example, Firefox) must be restarted for this update to take effect. After installing this update, applications using NSPR (for example, Firefox) must be restarted for this update to take effect.",
"product_ids": [
"AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.src",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-debuginfo-0:4.25.0-2.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-debuginfo-0:4.25.0-2.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-debuginfo-0:4.25.0-2.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-debuginfo-0:4.25.0-2.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-debuginfo-0:4.25.0-2.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-debugsource-0:4.25.0-2.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-debugsource-0:4.25.0-2.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-debugsource-0:4.25.0-2.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-debugsource-0:4.25.0-2.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-debugsource-0:4.25.0-2.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-devel-0:4.25.0-2.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-devel-0:4.25.0-2.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-devel-0:4.25.0-2.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-devel-0:4.25.0-2.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-devel-0:4.25.0-2.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.src",
"AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-debuginfo-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-debuginfo-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-debuginfo-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-debuginfo-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-debuginfo-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-debugsource-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-debugsource-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-debugsource-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-debugsource-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-debugsource-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-devel-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-devel-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-devel-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-devel-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-devel-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-debuginfo-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-debuginfo-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-debuginfo-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-debuginfo-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-debuginfo-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-devel-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-devel-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-devel-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-devel-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-devel-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-devel-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-devel-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-devel-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-devel-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-devel-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-debuginfo-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-debuginfo-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-debuginfo-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-debuginfo-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-debuginfo-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-tools-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-tools-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-tools-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-tools-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-tools-debuginfo-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-tools-debuginfo-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-tools-debuginfo-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-tools-debuginfo-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-tools-debuginfo-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-debuginfo-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-debuginfo-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-debuginfo-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-debuginfo-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-debuginfo-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-devel-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-devel-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-devel-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-devel-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-devel-0:3.53.1-11.el8_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3280"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.src",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-debuginfo-0:4.25.0-2.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-debuginfo-0:4.25.0-2.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-debuginfo-0:4.25.0-2.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-debuginfo-0:4.25.0-2.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-debuginfo-0:4.25.0-2.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-debugsource-0:4.25.0-2.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-debugsource-0:4.25.0-2.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-debugsource-0:4.25.0-2.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-debugsource-0:4.25.0-2.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-debugsource-0:4.25.0-2.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-devel-0:4.25.0-2.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-devel-0:4.25.0-2.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-devel-0:4.25.0-2.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-devel-0:4.25.0-2.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-devel-0:4.25.0-2.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.src",
"AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-debuginfo-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-debuginfo-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-debuginfo-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-debuginfo-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-debuginfo-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-debugsource-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-debugsource-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-debugsource-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-debugsource-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-debugsource-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-devel-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-devel-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-devel-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-devel-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-devel-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-debuginfo-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-debuginfo-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-debuginfo-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-debuginfo-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-debuginfo-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-devel-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-devel-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-devel-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-devel-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-devel-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-devel-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-devel-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-devel-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-devel-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-devel-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-debuginfo-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-debuginfo-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-debuginfo-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-debuginfo-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-debuginfo-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-tools-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-tools-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-tools-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-tools-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-tools-debuginfo-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-tools-debuginfo-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-tools-debuginfo-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-tools-debuginfo-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-tools-debuginfo-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-debuginfo-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-debuginfo-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-debuginfo-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-debuginfo-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-debuginfo-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-devel-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-devel-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-devel-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-devel-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-devel-0:3.53.1-11.el8_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "nss: TLS 1.3 HelloRetryRequest downgrade request sets client into invalid state"
},
{
"acknowledgments": [
{
"names": [
"Cesar Pereida Garcia",
"Network and Information Security Group"
],
"organization": "Tampere University",
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2020-12399",
"cwe": {
"id": "CWE-327",
"name": "Use of a Broken or Risky Cryptographic Algorithm"
},
"discovery_date": "2020-04-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1826177"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the DSA signature generation function in nss. During the process of generating a DSA signature, the nonce value \u0027k\u0027 is not padded, exposing the bit length. Combined with other techniques, this can result in the recovery of the DSA private key. The highest threat from this vulnerability is to data confidentiality.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nss: Timing attack on DSA signature generation",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "A timing attack was found in the way NSS generated DSA signatures. A man-in-the-middle attacker could use this attack during DSA signature generation to recover the private key. This attack is only feasible when the attacker is local to the machine or in certain cross-VM scenarios where the signature is being generated. Attacks over the network or via the internet are not feasible.\n\nFirefox and Thunderbird on Red Hat Enterprise Linux are built against the system nss library.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.src",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-debuginfo-0:4.25.0-2.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-debuginfo-0:4.25.0-2.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-debuginfo-0:4.25.0-2.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-debuginfo-0:4.25.0-2.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-debuginfo-0:4.25.0-2.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-debugsource-0:4.25.0-2.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-debugsource-0:4.25.0-2.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-debugsource-0:4.25.0-2.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-debugsource-0:4.25.0-2.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-debugsource-0:4.25.0-2.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-devel-0:4.25.0-2.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-devel-0:4.25.0-2.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-devel-0:4.25.0-2.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-devel-0:4.25.0-2.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-devel-0:4.25.0-2.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.src",
"AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-debuginfo-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-debuginfo-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-debuginfo-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-debuginfo-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-debuginfo-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-debugsource-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-debugsource-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-debugsource-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-debugsource-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-debugsource-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-devel-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-devel-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-devel-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-devel-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-devel-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-debuginfo-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-debuginfo-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-debuginfo-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-debuginfo-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-debuginfo-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-devel-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-devel-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-devel-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-devel-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-devel-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-devel-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-devel-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-devel-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-devel-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-devel-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-debuginfo-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-debuginfo-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-debuginfo-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-debuginfo-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-debuginfo-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-tools-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-tools-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-tools-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-tools-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-tools-debuginfo-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-tools-debuginfo-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-tools-debuginfo-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-tools-debuginfo-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-tools-debuginfo-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-debuginfo-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-debuginfo-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-debuginfo-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-debuginfo-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-debuginfo-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-devel-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-devel-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-devel-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-devel-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-devel-0:3.53.1-11.el8_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-12399"
},
{
"category": "external",
"summary": "RHBZ#1826177",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1826177"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-12399",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-12399"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-12399",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-12399"
},
{
"category": "external",
"summary": "https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.44.4_release_notes",
"url": "https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.44.4_release_notes"
},
{
"category": "external",
"summary": "https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.52.1_release_notes",
"url": "https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.52.1_release_notes"
}
],
"release_date": "2020-05-21T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-08-03T13:04:49+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing this update, applications using NSS (for example, Firefox) must be restarted for this update to take effect. After installing this update, applications using NSPR (for example, Firefox) must be restarted for this update to take effect.",
"product_ids": [
"AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.src",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-debuginfo-0:4.25.0-2.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-debuginfo-0:4.25.0-2.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-debuginfo-0:4.25.0-2.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-debuginfo-0:4.25.0-2.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-debuginfo-0:4.25.0-2.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-debugsource-0:4.25.0-2.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-debugsource-0:4.25.0-2.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-debugsource-0:4.25.0-2.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-debugsource-0:4.25.0-2.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-debugsource-0:4.25.0-2.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-devel-0:4.25.0-2.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-devel-0:4.25.0-2.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-devel-0:4.25.0-2.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-devel-0:4.25.0-2.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-devel-0:4.25.0-2.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.src",
"AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-debuginfo-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-debuginfo-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-debuginfo-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-debuginfo-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-debuginfo-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-debugsource-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-debugsource-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-debugsource-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-debugsource-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-debugsource-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-devel-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-devel-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-devel-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-devel-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-devel-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-debuginfo-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-debuginfo-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-debuginfo-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-debuginfo-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-debuginfo-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-devel-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-devel-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-devel-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-devel-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-devel-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-devel-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-devel-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-devel-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-devel-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-devel-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-debuginfo-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-debuginfo-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-debuginfo-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-debuginfo-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-debuginfo-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-tools-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-tools-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-tools-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-tools-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-tools-debuginfo-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-tools-debuginfo-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-tools-debuginfo-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-tools-debuginfo-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-tools-debuginfo-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-debuginfo-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-debuginfo-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-debuginfo-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-debuginfo-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-debuginfo-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-devel-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-devel-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-devel-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-devel-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-devel-0:3.53.1-11.el8_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3280"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.src",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-debuginfo-0:4.25.0-2.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-debuginfo-0:4.25.0-2.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-debuginfo-0:4.25.0-2.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-debuginfo-0:4.25.0-2.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-debuginfo-0:4.25.0-2.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-debugsource-0:4.25.0-2.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-debugsource-0:4.25.0-2.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-debugsource-0:4.25.0-2.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-debugsource-0:4.25.0-2.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-debugsource-0:4.25.0-2.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-devel-0:4.25.0-2.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-devel-0:4.25.0-2.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-devel-0:4.25.0-2.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-devel-0:4.25.0-2.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-devel-0:4.25.0-2.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.src",
"AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-debuginfo-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-debuginfo-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-debuginfo-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-debuginfo-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-debuginfo-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-debugsource-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-debugsource-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-debugsource-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-debugsource-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-debugsource-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-devel-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-devel-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-devel-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-devel-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-devel-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-debuginfo-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-debuginfo-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-debuginfo-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-debuginfo-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-debuginfo-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-devel-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-devel-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-devel-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-devel-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-devel-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-devel-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-devel-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-devel-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-devel-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-devel-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-debuginfo-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-debuginfo-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-debuginfo-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-debuginfo-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-debuginfo-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-tools-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-tools-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-tools-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-tools-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-tools-debuginfo-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-tools-debuginfo-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-tools-debuginfo-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-tools-debuginfo-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-tools-debuginfo-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-debuginfo-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-debuginfo-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-debuginfo-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-debuginfo-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-debuginfo-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-devel-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-devel-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-devel-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-devel-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-devel-0:3.53.1-11.el8_2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.src",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-debuginfo-0:4.25.0-2.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-debuginfo-0:4.25.0-2.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-debuginfo-0:4.25.0-2.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-debuginfo-0:4.25.0-2.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-debuginfo-0:4.25.0-2.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-debugsource-0:4.25.0-2.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-debugsource-0:4.25.0-2.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-debugsource-0:4.25.0-2.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-debugsource-0:4.25.0-2.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-debugsource-0:4.25.0-2.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-devel-0:4.25.0-2.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-devel-0:4.25.0-2.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-devel-0:4.25.0-2.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-devel-0:4.25.0-2.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-devel-0:4.25.0-2.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.src",
"AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-debuginfo-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-debuginfo-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-debuginfo-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-debuginfo-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-debuginfo-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-debugsource-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-debugsource-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-debugsource-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-debugsource-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-debugsource-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-devel-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-devel-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-devel-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-devel-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-devel-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-debuginfo-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-debuginfo-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-debuginfo-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-debuginfo-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-debuginfo-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-devel-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-devel-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-devel-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-devel-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-devel-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-devel-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-devel-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-devel-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-devel-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-devel-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-debuginfo-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-debuginfo-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-debuginfo-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-debuginfo-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-debuginfo-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-tools-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-tools-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-tools-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-tools-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-tools-debuginfo-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-tools-debuginfo-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-tools-debuginfo-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-tools-debuginfo-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-tools-debuginfo-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-debuginfo-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-debuginfo-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-debuginfo-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-debuginfo-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-debuginfo-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-devel-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-devel-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-devel-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-devel-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-devel-0:3.53.1-11.el8_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "nss: Timing attack on DSA signature generation"
},
{
"acknowledgments": [
{
"names": [
"the Mozilla Project"
]
},
{
"names": [
"Billy Bob Brumley",
"Cesar Pereida",
"Nicola Tuveri",
"Yuval Yarom"
],
"organization": "Network and Information Security Group (NISEC",
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2020-12402",
"cwe": {
"id": "CWE-327",
"name": "Use of a Broken or Risky Cryptographic Algorithm"
},
"discovery_date": "2020-04-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1826231"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in NSS, where it is vulnerable to RSA key generation cache timing side-channel attacks. An attacker with sufficient access to mount cache timing attacks during the RSA key generation process could recover the private key. The highest threat to this flaw is to confidentiality.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nss: Side channel vulnerabilities during RSA key generation",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "A timing attack was found in the way NSS generated RSA keys. A man-in-the-middle attacker could use this attack during RSA key generation to recover the private key. This attack is only feasible when the attacker is local to the machine or in certain cross-VM scenarios where the signature is being generated. Attacks over the network or via the internet are not feasible.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.src",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-debuginfo-0:4.25.0-2.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-debuginfo-0:4.25.0-2.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-debuginfo-0:4.25.0-2.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-debuginfo-0:4.25.0-2.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-debuginfo-0:4.25.0-2.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-debugsource-0:4.25.0-2.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-debugsource-0:4.25.0-2.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-debugsource-0:4.25.0-2.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-debugsource-0:4.25.0-2.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-debugsource-0:4.25.0-2.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-devel-0:4.25.0-2.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-devel-0:4.25.0-2.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-devel-0:4.25.0-2.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-devel-0:4.25.0-2.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-devel-0:4.25.0-2.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.src",
"AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-debuginfo-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-debuginfo-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-debuginfo-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-debuginfo-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-debuginfo-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-debugsource-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-debugsource-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-debugsource-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-debugsource-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-debugsource-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-devel-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-devel-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-devel-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-devel-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-devel-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-debuginfo-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-debuginfo-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-debuginfo-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-debuginfo-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-debuginfo-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-devel-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-devel-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-devel-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-devel-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-devel-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-devel-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-devel-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-devel-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-devel-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-devel-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-debuginfo-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-debuginfo-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-debuginfo-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-debuginfo-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-debuginfo-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-tools-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-tools-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-tools-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-tools-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-tools-debuginfo-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-tools-debuginfo-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-tools-debuginfo-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-tools-debuginfo-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-tools-debuginfo-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-debuginfo-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-debuginfo-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-debuginfo-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-debuginfo-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-debuginfo-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-devel-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-devel-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-devel-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-devel-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-devel-0:3.53.1-11.el8_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-12402"
},
{
"category": "external",
"summary": "RHBZ#1826231",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1826231"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-12402",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-12402"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-12402",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-12402"
},
{
"category": "external",
"summary": "https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.53.1_release_notes",
"url": "https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.53.1_release_notes"
}
],
"release_date": "2020-06-02T12:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-08-03T13:04:49+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing this update, applications using NSS (for example, Firefox) must be restarted for this update to take effect. After installing this update, applications using NSPR (for example, Firefox) must be restarted for this update to take effect.",
"product_ids": [
"AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.src",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-debuginfo-0:4.25.0-2.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-debuginfo-0:4.25.0-2.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-debuginfo-0:4.25.0-2.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-debuginfo-0:4.25.0-2.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-debuginfo-0:4.25.0-2.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-debugsource-0:4.25.0-2.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-debugsource-0:4.25.0-2.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-debugsource-0:4.25.0-2.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-debugsource-0:4.25.0-2.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-debugsource-0:4.25.0-2.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-devel-0:4.25.0-2.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-devel-0:4.25.0-2.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-devel-0:4.25.0-2.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-devel-0:4.25.0-2.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-devel-0:4.25.0-2.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.src",
"AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-debuginfo-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-debuginfo-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-debuginfo-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-debuginfo-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-debuginfo-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-debugsource-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-debugsource-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-debugsource-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-debugsource-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-debugsource-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-devel-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-devel-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-devel-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-devel-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-devel-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-debuginfo-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-debuginfo-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-debuginfo-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-debuginfo-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-debuginfo-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-devel-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-devel-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-devel-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-devel-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-devel-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-devel-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-devel-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-devel-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-devel-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-devel-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-debuginfo-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-debuginfo-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-debuginfo-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-debuginfo-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-debuginfo-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-tools-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-tools-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-tools-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-tools-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-tools-debuginfo-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-tools-debuginfo-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-tools-debuginfo-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-tools-debuginfo-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-tools-debuginfo-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-debuginfo-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-debuginfo-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-debuginfo-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-debuginfo-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-debuginfo-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-devel-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-devel-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-devel-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-devel-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-devel-0:3.53.1-11.el8_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3280"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.src",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-debuginfo-0:4.25.0-2.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-debuginfo-0:4.25.0-2.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-debuginfo-0:4.25.0-2.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-debuginfo-0:4.25.0-2.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-debuginfo-0:4.25.0-2.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-debugsource-0:4.25.0-2.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-debugsource-0:4.25.0-2.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-debugsource-0:4.25.0-2.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-debugsource-0:4.25.0-2.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-debugsource-0:4.25.0-2.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-devel-0:4.25.0-2.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-devel-0:4.25.0-2.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-devel-0:4.25.0-2.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-devel-0:4.25.0-2.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-devel-0:4.25.0-2.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.src",
"AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-debuginfo-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-debuginfo-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-debuginfo-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-debuginfo-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-debuginfo-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-debugsource-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-debugsource-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-debugsource-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-debugsource-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-debugsource-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-devel-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-devel-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-devel-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-devel-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-devel-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-debuginfo-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-debuginfo-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-debuginfo-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-debuginfo-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-debuginfo-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-devel-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-devel-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-devel-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-devel-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-devel-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-devel-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-devel-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-devel-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-devel-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-devel-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-debuginfo-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-debuginfo-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-debuginfo-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-debuginfo-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-debuginfo-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-tools-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-tools-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-tools-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-tools-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-tools-debuginfo-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-tools-debuginfo-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-tools-debuginfo-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-tools-debuginfo-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-tools-debuginfo-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-debuginfo-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-debuginfo-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-debuginfo-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-debuginfo-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-debuginfo-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-devel-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-devel-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-devel-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-devel-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-devel-0:3.53.1-11.el8_2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.src",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-debuginfo-0:4.25.0-2.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-debuginfo-0:4.25.0-2.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-debuginfo-0:4.25.0-2.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-debuginfo-0:4.25.0-2.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-debuginfo-0:4.25.0-2.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-debugsource-0:4.25.0-2.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-debugsource-0:4.25.0-2.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-debugsource-0:4.25.0-2.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-debugsource-0:4.25.0-2.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-debugsource-0:4.25.0-2.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-devel-0:4.25.0-2.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-devel-0:4.25.0-2.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-devel-0:4.25.0-2.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-devel-0:4.25.0-2.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nspr-devel-0:4.25.0-2.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.src",
"AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-debuginfo-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-debuginfo-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-debuginfo-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-debuginfo-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-debuginfo-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-debugsource-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-debugsource-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-debugsource-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-debugsource-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-debugsource-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-devel-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-devel-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-devel-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-devel-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-devel-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-debuginfo-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-debuginfo-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-debuginfo-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-debuginfo-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-debuginfo-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-devel-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-devel-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-devel-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-devel-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-devel-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-devel-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-devel-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-devel-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-devel-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-devel-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-debuginfo-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-debuginfo-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-debuginfo-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-debuginfo-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-debuginfo-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-tools-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-tools-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-tools-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-tools-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-tools-debuginfo-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-tools-debuginfo-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-tools-debuginfo-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-tools-debuginfo-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-tools-debuginfo-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-debuginfo-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-debuginfo-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-debuginfo-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-debuginfo-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-debuginfo-0:3.53.1-11.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-devel-0:3.53.1-11.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-devel-0:3.53.1-11.el8_2.i686",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-devel-0:3.53.1-11.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-devel-0:3.53.1-11.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:nss-util-devel-0:3.53.1-11.el8_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "nss: Side channel vulnerabilities during RSA key generation"
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…