Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2023-6135 (GCVE-0-2023-6135)
Vulnerability from cvelistv5 – Published: 2023-12-19 13:38 – Updated: 2025-02-13 17:26
VLAI
EPSS
Summary
Multiple NSS NIST curves were susceptible to a side-channel attack known as "Minerva". This attack could potentially allow an attacker to recover the private key. This vulnerability affects Firefox < 121.
Severity
No CVSS data available.
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- NSS susceptible to "Minerva" attack
Assigner
References
Impacted products
Credits
George Pantela (Red Hat) and Hubert Kario (Red Hat)
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T08:21:17.233Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1853908"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.mozilla.org/security/advisories/mfsa2023-56/"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202401-10"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-6135",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-27T18:59:00.834131Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-27T18:59:23.431Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Firefox",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "121",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "George Pantela (Red Hat) and Hubert Kario (Red Hat)"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Multiple NSS NIST curves were susceptible to a side-channel attack known as \"Minerva\". This attack could potentially allow an attacker to recover the private key. This vulnerability affects Firefox \u003c 121."
}
],
"value": "Multiple NSS NIST curves were susceptible to a side-channel attack known as \"Minerva\". This attack could potentially allow an attacker to recover the private key. This vulnerability affects Firefox \u003c 121."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "NSS susceptible to \"Minerva\" attack",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-01-07T11:06:46.915Z",
"orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"shortName": "mozilla"
},
"references": [
{
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1853908"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2023-56/"
},
{
"url": "https://security.gentoo.org/glsa/202401-10"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"assignerShortName": "mozilla",
"cveId": "CVE-2023-6135",
"datePublished": "2023-12-19T13:38:46.388Z",
"dateReserved": "2023-11-14T21:31:12.876Z",
"dateUpdated": "2025-02-13T17:26:05.649Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2023-6135",
"date": "2026-06-21",
"epss": "0.00714",
"percentile": "0.48781"
},
"fkie_nvd": {
"configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"121.0\", \"matchCriteriaId\": \"A3D81D72-5965-4DB7-BFA7-9A32A9108919\"}]}]}]",
"descriptions": "[{\"lang\": \"en\", \"value\": \"Multiple NSS NIST curves were susceptible to a side-channel attack known as \\\"Minerva\\\". This attack could potentially allow an attacker to recover the private key. This vulnerability affects Firefox \u003c 121.\"}, {\"lang\": \"es\", \"value\": \"M\\u00faltiples curvas NSS NIST fueron susceptibles a un ataque de canal lateral conocido como \\\"Minerva\\\". Este ataque podr\\u00eda permitir potencialmente que un atacante recupere la clave privada. Esta vulnerabilidad afecta a Firefox \u0026lt; 121.\"}]",
"id": "CVE-2023-6135",
"lastModified": "2024-11-21T08:43:12.387",
"metrics": "{\"cvssMetricV31\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N\", \"baseScore\": 4.3, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"REQUIRED\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"LOW\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"NONE\"}, \"exploitabilityScore\": 2.8, \"impactScore\": 1.4}]}",
"published": "2023-12-19T14:15:07.143",
"references": "[{\"url\": \"https://bugzilla.mozilla.org/show_bug.cgi?id=1853908\", \"source\": \"security@mozilla.org\", \"tags\": [\"Issue Tracking\", \"Permissions Required\"]}, {\"url\": \"https://security.gentoo.org/glsa/202401-10\", \"source\": \"security@mozilla.org\"}, {\"url\": \"https://www.mozilla.org/security/advisories/mfsa2023-56/\", \"source\": \"security@mozilla.org\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://bugzilla.mozilla.org/show_bug.cgi?id=1853908\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Issue Tracking\", \"Permissions Required\"]}, {\"url\": \"https://security.gentoo.org/glsa/202401-10\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://www.mozilla.org/security/advisories/mfsa2023-56/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}]",
"sourceIdentifier": "security@mozilla.org",
"vulnStatus": "Modified",
"weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-203\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2023-6135\",\"sourceIdentifier\":\"security@mozilla.org\",\"published\":\"2023-12-19T14:15:07.143\",\"lastModified\":\"2024-11-21T08:43:12.387\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Multiple NSS NIST curves were susceptible to a side-channel attack known as \\\"Minerva\\\". This attack could potentially allow an attacker to recover the private key. This vulnerability affects Firefox \u003c 121.\"},{\"lang\":\"es\",\"value\":\"M\u00faltiples curvas NSS NIST fueron susceptibles a un ataque de canal lateral conocido como \\\"Minerva\\\". Este ataque podr\u00eda permitir potencialmente que un atacante recupere la clave privada. Esta vulnerabilidad afecta a Firefox \u0026lt; 121.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N\",\"baseScore\":4.3,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.8,\"impactScore\":1.4}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-203\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"121.0\",\"matchCriteriaId\":\"A3D81D72-5965-4DB7-BFA7-9A32A9108919\"}]}]}],\"references\":[{\"url\":\"https://bugzilla.mozilla.org/show_bug.cgi?id=1853908\",\"source\":\"security@mozilla.org\",\"tags\":[\"Issue Tracking\",\"Permissions Required\"]},{\"url\":\"https://security.gentoo.org/glsa/202401-10\",\"source\":\"security@mozilla.org\"},{\"url\":\"https://www.mozilla.org/security/advisories/mfsa2023-56/\",\"source\":\"security@mozilla.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://bugzilla.mozilla.org/show_bug.cgi?id=1853908\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Permissions Required\"]},{\"url\":\"https://security.gentoo.org/glsa/202401-10\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://www.mozilla.org/security/advisories/mfsa2023-56/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://bugzilla.mozilla.org/show_bug.cgi?id=1853908\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://www.mozilla.org/security/advisories/mfsa2023-56/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://security.gentoo.org/glsa/202401-10\", \"tags\": [\"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-02T08:21:17.233Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2023-6135\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-08-27T18:59:00.834131Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-08-27T18:59:18.502Z\"}}], \"cna\": {\"credits\": [{\"lang\": \"en\", \"value\": \"George Pantela (Red Hat) and Hubert Kario (Red Hat)\"}], \"affected\": [{\"vendor\": \"Mozilla\", \"product\": \"Firefox\", \"versions\": [{\"status\": \"affected\", \"version\": \"unspecified\", \"lessThan\": \"121\", \"versionType\": \"custom\"}]}], \"references\": [{\"url\": \"https://bugzilla.mozilla.org/show_bug.cgi?id=1853908\"}, {\"url\": \"https://www.mozilla.org/security/advisories/mfsa2023-56/\"}, {\"url\": \"https://security.gentoo.org/glsa/202401-10\"}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"Multiple NSS NIST curves were susceptible to a side-channel attack known as \\\"Minerva\\\". This attack could potentially allow an attacker to recover the private key. This vulnerability affects Firefox \u003c 121.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"Multiple NSS NIST curves were susceptible to a side-channel attack known as \\\"Minerva\\\". This attack could potentially allow an attacker to recover the private key. This vulnerability affects Firefox \u003c 121.\", \"base64\": false}]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"text\", \"description\": \"NSS susceptible to \\\"Minerva\\\" attack\"}]}], \"providerMetadata\": {\"orgId\": \"f16b083a-5664-49f3-a51e-8d479e5ed7fe\", \"shortName\": \"mozilla\", \"dateUpdated\": \"2024-01-07T11:06:46.915Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2023-6135\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-02-13T17:26:05.649Z\", \"dateReserved\": \"2023-11-14T21:31:12.876Z\", \"assignerOrgId\": \"f16b083a-5664-49f3-a51e-8d479e5ed7fe\", \"datePublished\": \"2023-12-19T13:38:46.388Z\", \"assignerShortName\": \"mozilla\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
RHSA-2024:6786
Vulnerability from csaf_redhat - Published: 2024-09-18 21:11 - Updated: 2026-04-22 18:51Summary
Red Hat Security Advisory: firefox update
Severity
Important
Notes
Topic: An update for firefox is now available for Red Hat Enterprise Linux 9.2 Extended Update Support.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability.
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
The Network Security Services (NSS) package contains a vulnerability that exposes a side-channel information leak. This weakness enables a local attacker to capture several thousand usages of a signature, allowing them to utilize this information to recover portions of an ECDSA private key.
4.3 (Medium)
Affected products
Fixed
17 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-9.2.0.Z.EUS:firefox-0:128.2.0-1.el9_2.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:firefox-0:128.2.0-1.el9_2.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:firefox-0:128.2.0-1.el9_2.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:firefox-0:128.2.0-1.el9_2.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:firefox-0:128.2.0-1.el9_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el9_2.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el9_2.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el9_2.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el9_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el9_2.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el9_2.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el9_2.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el9_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:firefox-x11-0:128.2.0-1.el9_2.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:firefox-x11-0:128.2.0-1.el9_2.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:firefox-x11-0:128.2.0-1.el9_2.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:firefox-x11-0:128.2.0-1.el9_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes this flaw as follows: An error in the ECMA-262 specification relating to Async Generators could have resulted in a type confusion, potentially leading to memory corruption and an exploitable crash.
8.6 (High)
Affected products
Fixed
17 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-9.2.0.Z.EUS:firefox-0:128.2.0-1.el9_2.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:firefox-0:128.2.0-1.el9_2.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:firefox-0:128.2.0-1.el9_2.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:firefox-0:128.2.0-1.el9_2.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:firefox-0:128.2.0-1.el9_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el9_2.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el9_2.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el9_2.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el9_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el9_2.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el9_2.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el9_2.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el9_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:firefox-x11-0:128.2.0-1.el9_2.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:firefox-x11-0:128.2.0-1.el9_2.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:firefox-x11-0:128.2.0-1.el9_2.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:firefox-x11-0:128.2.0-1.el9_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Important
The Mozilla Foundation's Security Advisory: A potentially exploitable type confusion could be triggered when looking up a property name on an object being used as the with environment.
9.8 (Critical)
Affected products
Fixed
17 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-9.2.0.Z.EUS:firefox-0:128.2.0-1.el9_2.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:firefox-0:128.2.0-1.el9_2.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:firefox-0:128.2.0-1.el9_2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:firefox-0:128.2.0-1.el9_2.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:firefox-0:128.2.0-1.el9_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el9_2.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el9_2.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el9_2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el9_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el9_2.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el9_2.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el9_2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el9_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:firefox-x11-0:128.2.0-1.el9_2.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:firefox-x11-0:128.2.0-1.el9_2.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:firefox-x11-0:128.2.0-1.el9_2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:firefox-x11-0:128.2.0-1.el9_2.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Important
The Mozilla Foundation's Security Advisory: Internal browser event interfaces were exposed to web content when privileged EventHandler listener callbacks ran for those events. Web content that tried to use those interfaces would not be able to use them with elevated privileges, but their presence would indicate certain browser features had been used, such as when a user opened the Dev Tools console.
8.8 (High)
Affected products
Fixed
17 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-9.2.0.Z.EUS:firefox-0:128.2.0-1.el9_2.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:firefox-0:128.2.0-1.el9_2.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:firefox-0:128.2.0-1.el9_2.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:firefox-0:128.2.0-1.el9_2.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:firefox-0:128.2.0-1.el9_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el9_2.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el9_2.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el9_2.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el9_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el9_2.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el9_2.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el9_2.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el9_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:firefox-x11-0:128.2.0-1.el9_2.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:firefox-x11-0:128.2.0-1.el9_2.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:firefox-x11-0:128.2.0-1.el9_2.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:firefox-x11-0:128.2.0-1.el9_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
The Mozilla Foundation's Security Advisory: Firefox normally asks for confirmation before asking the operating system to find an application to handle a scheme that the browser does not support. It did not ask before doing so for the Usenet-related schemes news: and snews:. Since most operating systems don't have a trusted newsreader installed by default, an unscrupulous program that the user downloaded could register itself as a handler. The website that served the application download could then launch that application at will.
7.5 (High)
Affected products
Fixed
17 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-9.2.0.Z.EUS:firefox-0:128.2.0-1.el9_2.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:firefox-0:128.2.0-1.el9_2.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:firefox-0:128.2.0-1.el9_2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:firefox-0:128.2.0-1.el9_2.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:firefox-0:128.2.0-1.el9_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el9_2.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el9_2.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el9_2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el9_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el9_2.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el9_2.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el9_2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el9_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:firefox-x11-0:128.2.0-1.el9_2.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:firefox-x11-0:128.2.0-1.el9_2.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:firefox-x11-0:128.2.0-1.el9_2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:firefox-x11-0:128.2.0-1.el9_2.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
The Mozilla Foundation's Security Advisory: The JavaScript garbage collector could mis-color cross-compartment objects if OOM conditions were detected at the right point between two passes. This could have led to memory corruption.
9.8 (Critical)
Affected products
Fixed
17 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-9.2.0.Z.EUS:firefox-0:128.2.0-1.el9_2.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:firefox-0:128.2.0-1.el9_2.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:firefox-0:128.2.0-1.el9_2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:firefox-0:128.2.0-1.el9_2.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:firefox-0:128.2.0-1.el9_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el9_2.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el9_2.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el9_2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el9_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el9_2.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el9_2.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el9_2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el9_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:firefox-x11-0:128.2.0-1.el9_2.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:firefox-x11-0:128.2.0-1.el9_2.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:firefox-x11-0:128.2.0-1.el9_2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:firefox-x11-0:128.2.0-1.el9_2.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
The Mozilla Foundation's Security Advisory: A difference in the handling of StructFields and ArrayTypes in WASM could be used to trigger an exploitable type confusion vulnerability.
9.8 (Critical)
Affected products
Fixed
17 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-9.2.0.Z.EUS:firefox-0:128.2.0-1.el9_2.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:firefox-0:128.2.0-1.el9_2.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:firefox-0:128.2.0-1.el9_2.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:firefox-0:128.2.0-1.el9_2.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:firefox-0:128.2.0-1.el9_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el9_2.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el9_2.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el9_2.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el9_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el9_2.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el9_2.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el9_2.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el9_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:firefox-x11-0:128.2.0-1.el9_2.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:firefox-x11-0:128.2.0-1.el9_2.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:firefox-x11-0:128.2.0-1.el9_2.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:firefox-x11-0:128.2.0-1.el9_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Important
The Mozilla Foundation's Security Advisory: If a site had been granted permission to open popup windows, it could cause Select elements to appear on top of another site to perform a spoofing attack.
6.1 (Medium)
Affected products
Fixed
17 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-9.2.0.Z.EUS:firefox-0:128.2.0-1.el9_2.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:firefox-0:128.2.0-1.el9_2.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:firefox-0:128.2.0-1.el9_2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:firefox-0:128.2.0-1.el9_2.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:firefox-0:128.2.0-1.el9_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el9_2.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el9_2.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el9_2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el9_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el9_2.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el9_2.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el9_2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el9_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:firefox-x11-0:128.2.0-1.el9_2.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:firefox-x11-0:128.2.0-1.el9_2.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:firefox-x11-0:128.2.0-1.el9_2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:firefox-x11-0:128.2.0-1.el9_2.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Low
The Mozilla Foundation's Security Advisory: Memory safety bugs are present in Firefox 129, Firefox ESR 128.1, and Thunderbird 128.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort, some of these could have been exploited to run arbitrary code.
9.8 (Critical)
Affected products
Fixed
17 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-9.2.0.Z.EUS:firefox-0:128.2.0-1.el9_2.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:firefox-0:128.2.0-1.el9_2.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:firefox-0:128.2.0-1.el9_2.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:firefox-0:128.2.0-1.el9_2.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:firefox-0:128.2.0-1.el9_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el9_2.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el9_2.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el9_2.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el9_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el9_2.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el9_2.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el9_2.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el9_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:firefox-x11-0:128.2.0-1.el9_2.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:firefox-x11-0:128.2.0-1.el9_2.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:firefox-x11-0:128.2.0-1.el9_2.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:firefox-x11-0:128.2.0-1.el9_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Important
References
61 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for firefox is now available for Red Hat Enterprise Linux 9.2 Extended Update Support.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability.\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2024:6786",
"url": "https://access.redhat.com/errata/RHSA-2024:6786"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_6786.json"
}
],
"title": "Red Hat Security Advisory: firefox update",
"tracking": {
"current_release_date": "2026-04-22T18:51:30+00:00",
"generator": {
"date": "2026-04-22T18:51:30+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.5"
}
},
"id": "RHSA-2024:6786",
"initial_release_date": "2024-09-18T21:11:10+00:00",
"revision_history": [
{
"date": "2024-09-18T21:11:10+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2024-09-18T21:11:10+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-04-22T18:51:30+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product": {
"name": "Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_eus:9.2::appstream"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "firefox-0:128.2.0-1.el9_2.src",
"product": {
"name": "firefox-0:128.2.0-1.el9_2.src",
"product_id": "firefox-0:128.2.0-1.el9_2.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox@128.2.0-1.el9_2?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "firefox-0:128.2.0-1.el9_2.aarch64",
"product": {
"name": "firefox-0:128.2.0-1.el9_2.aarch64",
"product_id": "firefox-0:128.2.0-1.el9_2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox@128.2.0-1.el9_2?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "firefox-x11-0:128.2.0-1.el9_2.aarch64",
"product": {
"name": "firefox-x11-0:128.2.0-1.el9_2.aarch64",
"product_id": "firefox-x11-0:128.2.0-1.el9_2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox-x11@128.2.0-1.el9_2?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "firefox-debugsource-0:128.2.0-1.el9_2.aarch64",
"product": {
"name": "firefox-debugsource-0:128.2.0-1.el9_2.aarch64",
"product_id": "firefox-debugsource-0:128.2.0-1.el9_2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox-debugsource@128.2.0-1.el9_2?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "firefox-debuginfo-0:128.2.0-1.el9_2.aarch64",
"product": {
"name": "firefox-debuginfo-0:128.2.0-1.el9_2.aarch64",
"product_id": "firefox-debuginfo-0:128.2.0-1.el9_2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox-debuginfo@128.2.0-1.el9_2?arch=aarch64"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "firefox-0:128.2.0-1.el9_2.ppc64le",
"product": {
"name": "firefox-0:128.2.0-1.el9_2.ppc64le",
"product_id": "firefox-0:128.2.0-1.el9_2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox@128.2.0-1.el9_2?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "firefox-x11-0:128.2.0-1.el9_2.ppc64le",
"product": {
"name": "firefox-x11-0:128.2.0-1.el9_2.ppc64le",
"product_id": "firefox-x11-0:128.2.0-1.el9_2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox-x11@128.2.0-1.el9_2?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "firefox-debugsource-0:128.2.0-1.el9_2.ppc64le",
"product": {
"name": "firefox-debugsource-0:128.2.0-1.el9_2.ppc64le",
"product_id": "firefox-debugsource-0:128.2.0-1.el9_2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox-debugsource@128.2.0-1.el9_2?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "firefox-debuginfo-0:128.2.0-1.el9_2.ppc64le",
"product": {
"name": "firefox-debuginfo-0:128.2.0-1.el9_2.ppc64le",
"product_id": "firefox-debuginfo-0:128.2.0-1.el9_2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox-debuginfo@128.2.0-1.el9_2?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "firefox-0:128.2.0-1.el9_2.x86_64",
"product": {
"name": "firefox-0:128.2.0-1.el9_2.x86_64",
"product_id": "firefox-0:128.2.0-1.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox@128.2.0-1.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "firefox-x11-0:128.2.0-1.el9_2.x86_64",
"product": {
"name": "firefox-x11-0:128.2.0-1.el9_2.x86_64",
"product_id": "firefox-x11-0:128.2.0-1.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox-x11@128.2.0-1.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "firefox-debugsource-0:128.2.0-1.el9_2.x86_64",
"product": {
"name": "firefox-debugsource-0:128.2.0-1.el9_2.x86_64",
"product_id": "firefox-debugsource-0:128.2.0-1.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox-debugsource@128.2.0-1.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "firefox-debuginfo-0:128.2.0-1.el9_2.x86_64",
"product": {
"name": "firefox-debuginfo-0:128.2.0-1.el9_2.x86_64",
"product_id": "firefox-debuginfo-0:128.2.0-1.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox-debuginfo@128.2.0-1.el9_2?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "firefox-0:128.2.0-1.el9_2.s390x",
"product": {
"name": "firefox-0:128.2.0-1.el9_2.s390x",
"product_id": "firefox-0:128.2.0-1.el9_2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox@128.2.0-1.el9_2?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "firefox-x11-0:128.2.0-1.el9_2.s390x",
"product": {
"name": "firefox-x11-0:128.2.0-1.el9_2.s390x",
"product_id": "firefox-x11-0:128.2.0-1.el9_2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox-x11@128.2.0-1.el9_2?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "firefox-debugsource-0:128.2.0-1.el9_2.s390x",
"product": {
"name": "firefox-debugsource-0:128.2.0-1.el9_2.s390x",
"product_id": "firefox-debugsource-0:128.2.0-1.el9_2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox-debugsource@128.2.0-1.el9_2?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "firefox-debuginfo-0:128.2.0-1.el9_2.s390x",
"product": {
"name": "firefox-debuginfo-0:128.2.0-1.el9_2.s390x",
"product_id": "firefox-debuginfo-0:128.2.0-1.el9_2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox-debuginfo@128.2.0-1.el9_2?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:128.2.0-1.el9_2.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:firefox-0:128.2.0-1.el9_2.aarch64"
},
"product_reference": "firefox-0:128.2.0-1.el9_2.aarch64",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:128.2.0-1.el9_2.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:firefox-0:128.2.0-1.el9_2.ppc64le"
},
"product_reference": "firefox-0:128.2.0-1.el9_2.ppc64le",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:128.2.0-1.el9_2.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:firefox-0:128.2.0-1.el9_2.s390x"
},
"product_reference": "firefox-0:128.2.0-1.el9_2.s390x",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:128.2.0-1.el9_2.src as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:firefox-0:128.2.0-1.el9_2.src"
},
"product_reference": "firefox-0:128.2.0-1.el9_2.src",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:128.2.0-1.el9_2.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:firefox-0:128.2.0-1.el9_2.x86_64"
},
"product_reference": "firefox-0:128.2.0-1.el9_2.x86_64",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:128.2.0-1.el9_2.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el9_2.aarch64"
},
"product_reference": "firefox-debuginfo-0:128.2.0-1.el9_2.aarch64",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:128.2.0-1.el9_2.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el9_2.ppc64le"
},
"product_reference": "firefox-debuginfo-0:128.2.0-1.el9_2.ppc64le",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:128.2.0-1.el9_2.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el9_2.s390x"
},
"product_reference": "firefox-debuginfo-0:128.2.0-1.el9_2.s390x",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:128.2.0-1.el9_2.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el9_2.x86_64"
},
"product_reference": "firefox-debuginfo-0:128.2.0-1.el9_2.x86_64",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debugsource-0:128.2.0-1.el9_2.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el9_2.aarch64"
},
"product_reference": "firefox-debugsource-0:128.2.0-1.el9_2.aarch64",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debugsource-0:128.2.0-1.el9_2.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el9_2.ppc64le"
},
"product_reference": "firefox-debugsource-0:128.2.0-1.el9_2.ppc64le",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debugsource-0:128.2.0-1.el9_2.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el9_2.s390x"
},
"product_reference": "firefox-debugsource-0:128.2.0-1.el9_2.s390x",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debugsource-0:128.2.0-1.el9_2.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el9_2.x86_64"
},
"product_reference": "firefox-debugsource-0:128.2.0-1.el9_2.x86_64",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-x11-0:128.2.0-1.el9_2.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:firefox-x11-0:128.2.0-1.el9_2.aarch64"
},
"product_reference": "firefox-x11-0:128.2.0-1.el9_2.aarch64",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-x11-0:128.2.0-1.el9_2.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:firefox-x11-0:128.2.0-1.el9_2.ppc64le"
},
"product_reference": "firefox-x11-0:128.2.0-1.el9_2.ppc64le",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-x11-0:128.2.0-1.el9_2.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:firefox-x11-0:128.2.0-1.el9_2.s390x"
},
"product_reference": "firefox-x11-0:128.2.0-1.el9_2.s390x",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-x11-0:128.2.0-1.el9_2.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:firefox-x11-0:128.2.0-1.el9_2.x86_64"
},
"product_reference": "firefox-x11-0:128.2.0-1.el9_2.x86_64",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-6135",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2023-11-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2249906"
}
],
"notes": [
{
"category": "description",
"text": "The Network Security Services (NSS) package contains a vulnerability that exposes a side-channel information leak. This weakness enables a local attacker to capture several thousand usages of a signature, allowing them to utilize this information to recover portions of an ECDSA private key.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nss: vulnerable to Minerva side-channel information leak",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The severity of the Network Security Services (NSS) package vulnerability is marked as moderate due to the inherent risk associated with a potential side-channel information leak. This flaw empowers a local attacker to capture a substantial volume of signature usages, providing a pathway for them to exploit this data to reconstruct portions of an ECDSA private key. The ECDSA private key is a fundamental component of cryptographic security, and a successful compromise could have severe implications for the confidentiality and integrity of sensitive information.\n\nThe side channel present in NSS is on the order of 20 to 50ns, measuring such small differences over the network, without ability to measure signature with the same nonce is not something anybody has shown as possible. The only reason we can measure such small differences in the Marvin attack (https://people.redhat.com/~hkario/marvin/) is because the attacker there has full control over the processed messages, as such can measure the same message over and over, with ECDSA NSS is generating the used nonce randomly, and internally, for each and every signature. So a possibility of a purely network attack is rather theoretical at this moment.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.2.0.Z.EUS:firefox-0:128.2.0-1.el9_2.aarch64",
"AppStream-9.2.0.Z.EUS:firefox-0:128.2.0-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.EUS:firefox-0:128.2.0-1.el9_2.s390x",
"AppStream-9.2.0.Z.EUS:firefox-0:128.2.0-1.el9_2.src",
"AppStream-9.2.0.Z.EUS:firefox-0:128.2.0-1.el9_2.x86_64",
"AppStream-9.2.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el9_2.aarch64",
"AppStream-9.2.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el9_2.s390x",
"AppStream-9.2.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el9_2.x86_64",
"AppStream-9.2.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el9_2.aarch64",
"AppStream-9.2.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el9_2.s390x",
"AppStream-9.2.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el9_2.x86_64",
"AppStream-9.2.0.Z.EUS:firefox-x11-0:128.2.0-1.el9_2.aarch64",
"AppStream-9.2.0.Z.EUS:firefox-x11-0:128.2.0-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.EUS:firefox-x11-0:128.2.0-1.el9_2.s390x",
"AppStream-9.2.0.Z.EUS:firefox-x11-0:128.2.0-1.el9_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-6135"
},
{
"category": "external",
"summary": "RHBZ#2249906",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2249906"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-6135",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6135"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-6135",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-6135"
},
{
"category": "external",
"summary": "https://bugzilla.mozilla.org/show_bug.cgi?id=1853908",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1853908"
},
{
"category": "external",
"summary": "https://minerva.crocs.fi.muni.cz/",
"url": "https://minerva.crocs.fi.muni.cz/"
},
{
"category": "external",
"summary": "https://people.redhat.com/~hkario/marvin/",
"url": "https://people.redhat.com/~hkario/marvin/"
},
{
"category": "external",
"summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-56/#CVE-2023-6135",
"url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-56/#CVE-2023-6135"
}
],
"release_date": "2023-12-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-09-18T21:11:10+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.2.0.Z.EUS:firefox-0:128.2.0-1.el9_2.aarch64",
"AppStream-9.2.0.Z.EUS:firefox-0:128.2.0-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.EUS:firefox-0:128.2.0-1.el9_2.s390x",
"AppStream-9.2.0.Z.EUS:firefox-0:128.2.0-1.el9_2.src",
"AppStream-9.2.0.Z.EUS:firefox-0:128.2.0-1.el9_2.x86_64",
"AppStream-9.2.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el9_2.aarch64",
"AppStream-9.2.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el9_2.s390x",
"AppStream-9.2.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el9_2.x86_64",
"AppStream-9.2.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el9_2.aarch64",
"AppStream-9.2.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el9_2.s390x",
"AppStream-9.2.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el9_2.x86_64",
"AppStream-9.2.0.Z.EUS:firefox-x11-0:128.2.0-1.el9_2.aarch64",
"AppStream-9.2.0.Z.EUS:firefox-x11-0:128.2.0-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.EUS:firefox-x11-0:128.2.0-1.el9_2.s390x",
"AppStream-9.2.0.Z.EUS:firefox-x11-0:128.2.0-1.el9_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:6786"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-9.2.0.Z.EUS:firefox-0:128.2.0-1.el9_2.aarch64",
"AppStream-9.2.0.Z.EUS:firefox-0:128.2.0-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.EUS:firefox-0:128.2.0-1.el9_2.s390x",
"AppStream-9.2.0.Z.EUS:firefox-0:128.2.0-1.el9_2.src",
"AppStream-9.2.0.Z.EUS:firefox-0:128.2.0-1.el9_2.x86_64",
"AppStream-9.2.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el9_2.aarch64",
"AppStream-9.2.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el9_2.s390x",
"AppStream-9.2.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el9_2.x86_64",
"AppStream-9.2.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el9_2.aarch64",
"AppStream-9.2.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el9_2.s390x",
"AppStream-9.2.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el9_2.x86_64",
"AppStream-9.2.0.Z.EUS:firefox-x11-0:128.2.0-1.el9_2.aarch64",
"AppStream-9.2.0.Z.EUS:firefox-x11-0:128.2.0-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.EUS:firefox-x11-0:128.2.0-1.el9_2.s390x",
"AppStream-9.2.0.Z.EUS:firefox-x11-0:128.2.0-1.el9_2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"AppStream-9.2.0.Z.EUS:firefox-0:128.2.0-1.el9_2.aarch64",
"AppStream-9.2.0.Z.EUS:firefox-0:128.2.0-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.EUS:firefox-0:128.2.0-1.el9_2.s390x",
"AppStream-9.2.0.Z.EUS:firefox-0:128.2.0-1.el9_2.src",
"AppStream-9.2.0.Z.EUS:firefox-0:128.2.0-1.el9_2.x86_64",
"AppStream-9.2.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el9_2.aarch64",
"AppStream-9.2.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el9_2.s390x",
"AppStream-9.2.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el9_2.x86_64",
"AppStream-9.2.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el9_2.aarch64",
"AppStream-9.2.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el9_2.s390x",
"AppStream-9.2.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el9_2.x86_64",
"AppStream-9.2.0.Z.EUS:firefox-x11-0:128.2.0-1.el9_2.aarch64",
"AppStream-9.2.0.Z.EUS:firefox-x11-0:128.2.0-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.EUS:firefox-x11-0:128.2.0-1.el9_2.s390x",
"AppStream-9.2.0.Z.EUS:firefox-x11-0:128.2.0-1.el9_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "nss: vulnerable to Minerva side-channel information leak"
},
{
"cve": "CVE-2024-7652",
"cwe": {
"id": "CWE-843",
"name": "Access of Resource Using Incompatible Type (\u0027Type Confusion\u0027)"
},
"discovery_date": "2024-09-06T19:20:06.807597+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2310490"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes this flaw as follows: An error in the ECMA-262 specification relating to Async Generators could have resulted in a type confusion, potentially leading to memory corruption and an exploitable crash.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mozilla: Type Confusion in Async Generators in Javascript Engine",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Product Security rates the severity of this flaw as determined by the Mozilla Foundation Security Advisory.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.2.0.Z.EUS:firefox-0:128.2.0-1.el9_2.aarch64",
"AppStream-9.2.0.Z.EUS:firefox-0:128.2.0-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.EUS:firefox-0:128.2.0-1.el9_2.s390x",
"AppStream-9.2.0.Z.EUS:firefox-0:128.2.0-1.el9_2.src",
"AppStream-9.2.0.Z.EUS:firefox-0:128.2.0-1.el9_2.x86_64",
"AppStream-9.2.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el9_2.aarch64",
"AppStream-9.2.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el9_2.s390x",
"AppStream-9.2.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el9_2.x86_64",
"AppStream-9.2.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el9_2.aarch64",
"AppStream-9.2.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el9_2.s390x",
"AppStream-9.2.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el9_2.x86_64",
"AppStream-9.2.0.Z.EUS:firefox-x11-0:128.2.0-1.el9_2.aarch64",
"AppStream-9.2.0.Z.EUS:firefox-x11-0:128.2.0-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.EUS:firefox-x11-0:128.2.0-1.el9_2.s390x",
"AppStream-9.2.0.Z.EUS:firefox-x11-0:128.2.0-1.el9_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-7652"
},
{
"category": "external",
"summary": "RHBZ#2310490",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2310490"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-7652",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-7652"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-7652",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-7652"
},
{
"category": "external",
"summary": "https://bugzilla.mozilla.org/show_bug.cgi?id=1901411",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1901411"
},
{
"category": "external",
"summary": "https://github.com/tc39/ecma262/security/advisories/GHSA-g38c-wh3c-5h9r",
"url": "https://github.com/tc39/ecma262/security/advisories/GHSA-g38c-wh3c-5h9r"
},
{
"category": "external",
"summary": "https://www.mozilla.org/security/advisories/mfsa2024-29/",
"url": "https://www.mozilla.org/security/advisories/mfsa2024-29/"
},
{
"category": "external",
"summary": "https://www.mozilla.org/security/advisories/mfsa2024-30/",
"url": "https://www.mozilla.org/security/advisories/mfsa2024-30/"
},
{
"category": "external",
"summary": "https://www.mozilla.org/security/advisories/mfsa2024-31/",
"url": "https://www.mozilla.org/security/advisories/mfsa2024-31/"
},
{
"category": "external",
"summary": "https://www.mozilla.org/security/advisories/mfsa2024-32/",
"url": "https://www.mozilla.org/security/advisories/mfsa2024-32/"
}
],
"release_date": "2024-09-06T19:15:12.710000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-09-18T21:11:10+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.2.0.Z.EUS:firefox-0:128.2.0-1.el9_2.aarch64",
"AppStream-9.2.0.Z.EUS:firefox-0:128.2.0-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.EUS:firefox-0:128.2.0-1.el9_2.s390x",
"AppStream-9.2.0.Z.EUS:firefox-0:128.2.0-1.el9_2.src",
"AppStream-9.2.0.Z.EUS:firefox-0:128.2.0-1.el9_2.x86_64",
"AppStream-9.2.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el9_2.aarch64",
"AppStream-9.2.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el9_2.s390x",
"AppStream-9.2.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el9_2.x86_64",
"AppStream-9.2.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el9_2.aarch64",
"AppStream-9.2.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el9_2.s390x",
"AppStream-9.2.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el9_2.x86_64",
"AppStream-9.2.0.Z.EUS:firefox-x11-0:128.2.0-1.el9_2.aarch64",
"AppStream-9.2.0.Z.EUS:firefox-x11-0:128.2.0-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.EUS:firefox-x11-0:128.2.0-1.el9_2.s390x",
"AppStream-9.2.0.Z.EUS:firefox-x11-0:128.2.0-1.el9_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:6786"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-9.2.0.Z.EUS:firefox-0:128.2.0-1.el9_2.aarch64",
"AppStream-9.2.0.Z.EUS:firefox-0:128.2.0-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.EUS:firefox-0:128.2.0-1.el9_2.s390x",
"AppStream-9.2.0.Z.EUS:firefox-0:128.2.0-1.el9_2.src",
"AppStream-9.2.0.Z.EUS:firefox-0:128.2.0-1.el9_2.x86_64",
"AppStream-9.2.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el9_2.aarch64",
"AppStream-9.2.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el9_2.s390x",
"AppStream-9.2.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el9_2.x86_64",
"AppStream-9.2.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el9_2.aarch64",
"AppStream-9.2.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el9_2.s390x",
"AppStream-9.2.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el9_2.x86_64",
"AppStream-9.2.0.Z.EUS:firefox-x11-0:128.2.0-1.el9_2.aarch64",
"AppStream-9.2.0.Z.EUS:firefox-x11-0:128.2.0-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.EUS:firefox-x11-0:128.2.0-1.el9_2.s390x",
"AppStream-9.2.0.Z.EUS:firefox-x11-0:128.2.0-1.el9_2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.2.0.Z.EUS:firefox-0:128.2.0-1.el9_2.aarch64",
"AppStream-9.2.0.Z.EUS:firefox-0:128.2.0-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.EUS:firefox-0:128.2.0-1.el9_2.s390x",
"AppStream-9.2.0.Z.EUS:firefox-0:128.2.0-1.el9_2.src",
"AppStream-9.2.0.Z.EUS:firefox-0:128.2.0-1.el9_2.x86_64",
"AppStream-9.2.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el9_2.aarch64",
"AppStream-9.2.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el9_2.s390x",
"AppStream-9.2.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el9_2.x86_64",
"AppStream-9.2.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el9_2.aarch64",
"AppStream-9.2.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el9_2.s390x",
"AppStream-9.2.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el9_2.x86_64",
"AppStream-9.2.0.Z.EUS:firefox-x11-0:128.2.0-1.el9_2.aarch64",
"AppStream-9.2.0.Z.EUS:firefox-x11-0:128.2.0-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.EUS:firefox-x11-0:128.2.0-1.el9_2.s390x",
"AppStream-9.2.0.Z.EUS:firefox-x11-0:128.2.0-1.el9_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "mozilla: Type Confusion in Async Generators in Javascript Engine"
},
{
"cve": "CVE-2024-8381",
"cwe": {
"id": "CWE-704",
"name": "Incorrect Type Conversion or Cast"
},
"discovery_date": "2024-09-03T13:20:09.820143+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2309427"
}
],
"notes": [
{
"category": "description",
"text": "The Mozilla Foundation\u0027s Security Advisory: A potentially exploitable type confusion could be triggered when looking up a property name on an object being used as the with environment.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mozilla: Type confusion when looking up a property name in a \u0026quot;with\u0026quot; block",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Product Security rates the severity of this flaw as determined by the Mozilla Foundation Security Advisory.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.2.0.Z.EUS:firefox-0:128.2.0-1.el9_2.aarch64",
"AppStream-9.2.0.Z.EUS:firefox-0:128.2.0-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.EUS:firefox-0:128.2.0-1.el9_2.s390x",
"AppStream-9.2.0.Z.EUS:firefox-0:128.2.0-1.el9_2.src",
"AppStream-9.2.0.Z.EUS:firefox-0:128.2.0-1.el9_2.x86_64",
"AppStream-9.2.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el9_2.aarch64",
"AppStream-9.2.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el9_2.s390x",
"AppStream-9.2.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el9_2.x86_64",
"AppStream-9.2.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el9_2.aarch64",
"AppStream-9.2.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el9_2.s390x",
"AppStream-9.2.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el9_2.x86_64",
"AppStream-9.2.0.Z.EUS:firefox-x11-0:128.2.0-1.el9_2.aarch64",
"AppStream-9.2.0.Z.EUS:firefox-x11-0:128.2.0-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.EUS:firefox-x11-0:128.2.0-1.el9_2.s390x",
"AppStream-9.2.0.Z.EUS:firefox-x11-0:128.2.0-1.el9_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-8381"
},
{
"category": "external",
"summary": "RHBZ#2309427",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2309427"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-8381",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8381"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-8381",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-8381"
},
{
"category": "external",
"summary": "https://bugzilla.mozilla.org/show_bug.cgi?id=1912715",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1912715"
},
{
"category": "external",
"summary": "https://www.mozilla.org/security/advisories/mfsa2024-39/",
"url": "https://www.mozilla.org/security/advisories/mfsa2024-39/"
},
{
"category": "external",
"summary": "https://www.mozilla.org/security/advisories/mfsa2024-40/",
"url": "https://www.mozilla.org/security/advisories/mfsa2024-40/"
},
{
"category": "external",
"summary": "https://www.mozilla.org/security/advisories/mfsa2024-41/",
"url": "https://www.mozilla.org/security/advisories/mfsa2024-41/"
}
],
"release_date": "2024-09-03T13:15:05.553000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-09-18T21:11:10+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.2.0.Z.EUS:firefox-0:128.2.0-1.el9_2.aarch64",
"AppStream-9.2.0.Z.EUS:firefox-0:128.2.0-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.EUS:firefox-0:128.2.0-1.el9_2.s390x",
"AppStream-9.2.0.Z.EUS:firefox-0:128.2.0-1.el9_2.src",
"AppStream-9.2.0.Z.EUS:firefox-0:128.2.0-1.el9_2.x86_64",
"AppStream-9.2.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el9_2.aarch64",
"AppStream-9.2.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el9_2.s390x",
"AppStream-9.2.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el9_2.x86_64",
"AppStream-9.2.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el9_2.aarch64",
"AppStream-9.2.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el9_2.s390x",
"AppStream-9.2.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el9_2.x86_64",
"AppStream-9.2.0.Z.EUS:firefox-x11-0:128.2.0-1.el9_2.aarch64",
"AppStream-9.2.0.Z.EUS:firefox-x11-0:128.2.0-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.EUS:firefox-x11-0:128.2.0-1.el9_2.s390x",
"AppStream-9.2.0.Z.EUS:firefox-x11-0:128.2.0-1.el9_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:6786"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.2.0.Z.EUS:firefox-0:128.2.0-1.el9_2.aarch64",
"AppStream-9.2.0.Z.EUS:firefox-0:128.2.0-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.EUS:firefox-0:128.2.0-1.el9_2.s390x",
"AppStream-9.2.0.Z.EUS:firefox-0:128.2.0-1.el9_2.src",
"AppStream-9.2.0.Z.EUS:firefox-0:128.2.0-1.el9_2.x86_64",
"AppStream-9.2.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el9_2.aarch64",
"AppStream-9.2.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el9_2.s390x",
"AppStream-9.2.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el9_2.x86_64",
"AppStream-9.2.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el9_2.aarch64",
"AppStream-9.2.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el9_2.s390x",
"AppStream-9.2.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el9_2.x86_64",
"AppStream-9.2.0.Z.EUS:firefox-x11-0:128.2.0-1.el9_2.aarch64",
"AppStream-9.2.0.Z.EUS:firefox-x11-0:128.2.0-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.EUS:firefox-x11-0:128.2.0-1.el9_2.s390x",
"AppStream-9.2.0.Z.EUS:firefox-x11-0:128.2.0-1.el9_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "mozilla: Type confusion when looking up a property name in a \u0026quot;with\u0026quot; block"
},
{
"cve": "CVE-2024-8382",
"cwe": {
"id": "CWE-497",
"name": "Exposure of Sensitive System Information to an Unauthorized Control Sphere"
},
"discovery_date": "2024-09-03T13:20:12.041906+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2309428"
}
],
"notes": [
{
"category": "description",
"text": "The Mozilla Foundation\u0027s Security Advisory: Internal browser event interfaces were exposed to web content when privileged EventHandler listener callbacks ran for those events. Web content that tried to use those interfaces would not be able to use them with elevated privileges, but their presence would indicate certain browser features had been used, such as when a user opened the Dev Tools console.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mozilla: Internal event interfaces were exposed to web content when browser EventHandler listener callbacks ran",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Product Security rates the severity of this flaw as determined by the Mozilla Foundation Security Advisory.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.2.0.Z.EUS:firefox-0:128.2.0-1.el9_2.aarch64",
"AppStream-9.2.0.Z.EUS:firefox-0:128.2.0-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.EUS:firefox-0:128.2.0-1.el9_2.s390x",
"AppStream-9.2.0.Z.EUS:firefox-0:128.2.0-1.el9_2.src",
"AppStream-9.2.0.Z.EUS:firefox-0:128.2.0-1.el9_2.x86_64",
"AppStream-9.2.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el9_2.aarch64",
"AppStream-9.2.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el9_2.s390x",
"AppStream-9.2.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el9_2.x86_64",
"AppStream-9.2.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el9_2.aarch64",
"AppStream-9.2.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el9_2.s390x",
"AppStream-9.2.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el9_2.x86_64",
"AppStream-9.2.0.Z.EUS:firefox-x11-0:128.2.0-1.el9_2.aarch64",
"AppStream-9.2.0.Z.EUS:firefox-x11-0:128.2.0-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.EUS:firefox-x11-0:128.2.0-1.el9_2.s390x",
"AppStream-9.2.0.Z.EUS:firefox-x11-0:128.2.0-1.el9_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-8382"
},
{
"category": "external",
"summary": "RHBZ#2309428",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2309428"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-8382",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8382"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-8382",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-8382"
},
{
"category": "external",
"summary": "https://bugzilla.mozilla.org/show_bug.cgi?id=1906744",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1906744"
},
{
"category": "external",
"summary": "https://www.mozilla.org/security/advisories/mfsa2024-39/",
"url": "https://www.mozilla.org/security/advisories/mfsa2024-39/"
},
{
"category": "external",
"summary": "https://www.mozilla.org/security/advisories/mfsa2024-40/",
"url": "https://www.mozilla.org/security/advisories/mfsa2024-40/"
},
{
"category": "external",
"summary": "https://www.mozilla.org/security/advisories/mfsa2024-41/",
"url": "https://www.mozilla.org/security/advisories/mfsa2024-41/"
}
],
"release_date": "2024-09-03T13:15:05.630000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-09-18T21:11:10+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.2.0.Z.EUS:firefox-0:128.2.0-1.el9_2.aarch64",
"AppStream-9.2.0.Z.EUS:firefox-0:128.2.0-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.EUS:firefox-0:128.2.0-1.el9_2.s390x",
"AppStream-9.2.0.Z.EUS:firefox-0:128.2.0-1.el9_2.src",
"AppStream-9.2.0.Z.EUS:firefox-0:128.2.0-1.el9_2.x86_64",
"AppStream-9.2.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el9_2.aarch64",
"AppStream-9.2.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el9_2.s390x",
"AppStream-9.2.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el9_2.x86_64",
"AppStream-9.2.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el9_2.aarch64",
"AppStream-9.2.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el9_2.s390x",
"AppStream-9.2.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el9_2.x86_64",
"AppStream-9.2.0.Z.EUS:firefox-x11-0:128.2.0-1.el9_2.aarch64",
"AppStream-9.2.0.Z.EUS:firefox-x11-0:128.2.0-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.EUS:firefox-x11-0:128.2.0-1.el9_2.s390x",
"AppStream-9.2.0.Z.EUS:firefox-x11-0:128.2.0-1.el9_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:6786"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-9.2.0.Z.EUS:firefox-0:128.2.0-1.el9_2.aarch64",
"AppStream-9.2.0.Z.EUS:firefox-0:128.2.0-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.EUS:firefox-0:128.2.0-1.el9_2.s390x",
"AppStream-9.2.0.Z.EUS:firefox-0:128.2.0-1.el9_2.src",
"AppStream-9.2.0.Z.EUS:firefox-0:128.2.0-1.el9_2.x86_64",
"AppStream-9.2.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el9_2.aarch64",
"AppStream-9.2.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el9_2.s390x",
"AppStream-9.2.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el9_2.x86_64",
"AppStream-9.2.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el9_2.aarch64",
"AppStream-9.2.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el9_2.s390x",
"AppStream-9.2.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el9_2.x86_64",
"AppStream-9.2.0.Z.EUS:firefox-x11-0:128.2.0-1.el9_2.aarch64",
"AppStream-9.2.0.Z.EUS:firefox-x11-0:128.2.0-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.EUS:firefox-x11-0:128.2.0-1.el9_2.s390x",
"AppStream-9.2.0.Z.EUS:firefox-x11-0:128.2.0-1.el9_2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.2.0.Z.EUS:firefox-0:128.2.0-1.el9_2.aarch64",
"AppStream-9.2.0.Z.EUS:firefox-0:128.2.0-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.EUS:firefox-0:128.2.0-1.el9_2.s390x",
"AppStream-9.2.0.Z.EUS:firefox-0:128.2.0-1.el9_2.src",
"AppStream-9.2.0.Z.EUS:firefox-0:128.2.0-1.el9_2.x86_64",
"AppStream-9.2.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el9_2.aarch64",
"AppStream-9.2.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el9_2.s390x",
"AppStream-9.2.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el9_2.x86_64",
"AppStream-9.2.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el9_2.aarch64",
"AppStream-9.2.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el9_2.s390x",
"AppStream-9.2.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el9_2.x86_64",
"AppStream-9.2.0.Z.EUS:firefox-x11-0:128.2.0-1.el9_2.aarch64",
"AppStream-9.2.0.Z.EUS:firefox-x11-0:128.2.0-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.EUS:firefox-x11-0:128.2.0-1.el9_2.s390x",
"AppStream-9.2.0.Z.EUS:firefox-x11-0:128.2.0-1.el9_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "mozilla: Internal event interfaces were exposed to web content when browser EventHandler listener callbacks ran"
},
{
"cve": "CVE-2024-8383",
"cwe": {
"id": "CWE-862",
"name": "Missing Authorization"
},
"discovery_date": "2024-09-03T13:20:14.298352+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2309429"
}
],
"notes": [
{
"category": "description",
"text": "The Mozilla Foundation\u0027s Security Advisory: Firefox normally asks for confirmation before asking the operating system to find an application to handle a scheme that the browser does not support. It did not ask before doing so for the Usenet-related schemes news: and snews:. Since most operating systems don\u0027t have a trusted newsreader installed by default, an unscrupulous program that the user downloaded could register itself as a handler. The website that served the application download could then launch that application at will.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mozilla: Firefox did not ask before openings news: links in an external application",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Product Security rates the severity of this flaw as determined by the Mozilla Foundation Security Advisory.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.2.0.Z.EUS:firefox-0:128.2.0-1.el9_2.aarch64",
"AppStream-9.2.0.Z.EUS:firefox-0:128.2.0-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.EUS:firefox-0:128.2.0-1.el9_2.s390x",
"AppStream-9.2.0.Z.EUS:firefox-0:128.2.0-1.el9_2.src",
"AppStream-9.2.0.Z.EUS:firefox-0:128.2.0-1.el9_2.x86_64",
"AppStream-9.2.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el9_2.aarch64",
"AppStream-9.2.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el9_2.s390x",
"AppStream-9.2.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el9_2.x86_64",
"AppStream-9.2.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el9_2.aarch64",
"AppStream-9.2.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el9_2.s390x",
"AppStream-9.2.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el9_2.x86_64",
"AppStream-9.2.0.Z.EUS:firefox-x11-0:128.2.0-1.el9_2.aarch64",
"AppStream-9.2.0.Z.EUS:firefox-x11-0:128.2.0-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.EUS:firefox-x11-0:128.2.0-1.el9_2.s390x",
"AppStream-9.2.0.Z.EUS:firefox-x11-0:128.2.0-1.el9_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-8383"
},
{
"category": "external",
"summary": "RHBZ#2309429",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2309429"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-8383",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8383"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-8383",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-8383"
},
{
"category": "external",
"summary": "https://bugzilla.mozilla.org/show_bug.cgi?id=1908496",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1908496"
},
{
"category": "external",
"summary": "https://www.mozilla.org/security/advisories/mfsa2024-39/",
"url": "https://www.mozilla.org/security/advisories/mfsa2024-39/"
},
{
"category": "external",
"summary": "https://www.mozilla.org/security/advisories/mfsa2024-40/",
"url": "https://www.mozilla.org/security/advisories/mfsa2024-40/"
},
{
"category": "external",
"summary": "https://www.mozilla.org/security/advisories/mfsa2024-41/",
"url": "https://www.mozilla.org/security/advisories/mfsa2024-41/"
}
],
"release_date": "2024-09-03T13:15:05.687000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-09-18T21:11:10+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.2.0.Z.EUS:firefox-0:128.2.0-1.el9_2.aarch64",
"AppStream-9.2.0.Z.EUS:firefox-0:128.2.0-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.EUS:firefox-0:128.2.0-1.el9_2.s390x",
"AppStream-9.2.0.Z.EUS:firefox-0:128.2.0-1.el9_2.src",
"AppStream-9.2.0.Z.EUS:firefox-0:128.2.0-1.el9_2.x86_64",
"AppStream-9.2.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el9_2.aarch64",
"AppStream-9.2.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el9_2.s390x",
"AppStream-9.2.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el9_2.x86_64",
"AppStream-9.2.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el9_2.aarch64",
"AppStream-9.2.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el9_2.s390x",
"AppStream-9.2.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el9_2.x86_64",
"AppStream-9.2.0.Z.EUS:firefox-x11-0:128.2.0-1.el9_2.aarch64",
"AppStream-9.2.0.Z.EUS:firefox-x11-0:128.2.0-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.EUS:firefox-x11-0:128.2.0-1.el9_2.s390x",
"AppStream-9.2.0.Z.EUS:firefox-x11-0:128.2.0-1.el9_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:6786"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"AppStream-9.2.0.Z.EUS:firefox-0:128.2.0-1.el9_2.aarch64",
"AppStream-9.2.0.Z.EUS:firefox-0:128.2.0-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.EUS:firefox-0:128.2.0-1.el9_2.s390x",
"AppStream-9.2.0.Z.EUS:firefox-0:128.2.0-1.el9_2.src",
"AppStream-9.2.0.Z.EUS:firefox-0:128.2.0-1.el9_2.x86_64",
"AppStream-9.2.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el9_2.aarch64",
"AppStream-9.2.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el9_2.s390x",
"AppStream-9.2.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el9_2.x86_64",
"AppStream-9.2.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el9_2.aarch64",
"AppStream-9.2.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el9_2.s390x",
"AppStream-9.2.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el9_2.x86_64",
"AppStream-9.2.0.Z.EUS:firefox-x11-0:128.2.0-1.el9_2.aarch64",
"AppStream-9.2.0.Z.EUS:firefox-x11-0:128.2.0-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.EUS:firefox-x11-0:128.2.0-1.el9_2.s390x",
"AppStream-9.2.0.Z.EUS:firefox-x11-0:128.2.0-1.el9_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "mozilla: Firefox did not ask before openings news: links in an external application"
},
{
"cve": "CVE-2024-8384",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2024-09-03T13:20:16.882822+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2309430"
}
],
"notes": [
{
"category": "description",
"text": "The Mozilla Foundation\u0027s Security Advisory: The JavaScript garbage collector could mis-color cross-compartment objects if OOM conditions were detected at the right point between two passes. This could have led to memory corruption.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mozilla: Garbage collection could mis-color cross-compartment objects in OOM conditions",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Product Security rates the severity of this flaw as determined by the Mozilla Foundation Security Advisory.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.2.0.Z.EUS:firefox-0:128.2.0-1.el9_2.aarch64",
"AppStream-9.2.0.Z.EUS:firefox-0:128.2.0-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.EUS:firefox-0:128.2.0-1.el9_2.s390x",
"AppStream-9.2.0.Z.EUS:firefox-0:128.2.0-1.el9_2.src",
"AppStream-9.2.0.Z.EUS:firefox-0:128.2.0-1.el9_2.x86_64",
"AppStream-9.2.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el9_2.aarch64",
"AppStream-9.2.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el9_2.s390x",
"AppStream-9.2.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el9_2.x86_64",
"AppStream-9.2.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el9_2.aarch64",
"AppStream-9.2.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el9_2.s390x",
"AppStream-9.2.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el9_2.x86_64",
"AppStream-9.2.0.Z.EUS:firefox-x11-0:128.2.0-1.el9_2.aarch64",
"AppStream-9.2.0.Z.EUS:firefox-x11-0:128.2.0-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.EUS:firefox-x11-0:128.2.0-1.el9_2.s390x",
"AppStream-9.2.0.Z.EUS:firefox-x11-0:128.2.0-1.el9_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-8384"
},
{
"category": "external",
"summary": "RHBZ#2309430",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2309430"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-8384",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8384"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-8384",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-8384"
},
{
"category": "external",
"summary": "https://bugzilla.mozilla.org/show_bug.cgi?id=1911288",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1911288"
},
{
"category": "external",
"summary": "https://www.mozilla.org/security/advisories/mfsa2024-39/",
"url": "https://www.mozilla.org/security/advisories/mfsa2024-39/"
},
{
"category": "external",
"summary": "https://www.mozilla.org/security/advisories/mfsa2024-40/",
"url": "https://www.mozilla.org/security/advisories/mfsa2024-40/"
},
{
"category": "external",
"summary": "https://www.mozilla.org/security/advisories/mfsa2024-41/",
"url": "https://www.mozilla.org/security/advisories/mfsa2024-41/"
}
],
"release_date": "2024-09-03T13:15:05.743000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-09-18T21:11:10+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.2.0.Z.EUS:firefox-0:128.2.0-1.el9_2.aarch64",
"AppStream-9.2.0.Z.EUS:firefox-0:128.2.0-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.EUS:firefox-0:128.2.0-1.el9_2.s390x",
"AppStream-9.2.0.Z.EUS:firefox-0:128.2.0-1.el9_2.src",
"AppStream-9.2.0.Z.EUS:firefox-0:128.2.0-1.el9_2.x86_64",
"AppStream-9.2.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el9_2.aarch64",
"AppStream-9.2.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el9_2.s390x",
"AppStream-9.2.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el9_2.x86_64",
"AppStream-9.2.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el9_2.aarch64",
"AppStream-9.2.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el9_2.s390x",
"AppStream-9.2.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el9_2.x86_64",
"AppStream-9.2.0.Z.EUS:firefox-x11-0:128.2.0-1.el9_2.aarch64",
"AppStream-9.2.0.Z.EUS:firefox-x11-0:128.2.0-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.EUS:firefox-x11-0:128.2.0-1.el9_2.s390x",
"AppStream-9.2.0.Z.EUS:firefox-x11-0:128.2.0-1.el9_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:6786"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.2.0.Z.EUS:firefox-0:128.2.0-1.el9_2.aarch64",
"AppStream-9.2.0.Z.EUS:firefox-0:128.2.0-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.EUS:firefox-0:128.2.0-1.el9_2.s390x",
"AppStream-9.2.0.Z.EUS:firefox-0:128.2.0-1.el9_2.src",
"AppStream-9.2.0.Z.EUS:firefox-0:128.2.0-1.el9_2.x86_64",
"AppStream-9.2.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el9_2.aarch64",
"AppStream-9.2.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el9_2.s390x",
"AppStream-9.2.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el9_2.x86_64",
"AppStream-9.2.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el9_2.aarch64",
"AppStream-9.2.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el9_2.s390x",
"AppStream-9.2.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el9_2.x86_64",
"AppStream-9.2.0.Z.EUS:firefox-x11-0:128.2.0-1.el9_2.aarch64",
"AppStream-9.2.0.Z.EUS:firefox-x11-0:128.2.0-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.EUS:firefox-x11-0:128.2.0-1.el9_2.s390x",
"AppStream-9.2.0.Z.EUS:firefox-x11-0:128.2.0-1.el9_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "mozilla: Garbage collection could mis-color cross-compartment objects in OOM conditions"
},
{
"cve": "CVE-2024-8385",
"cwe": {
"id": "CWE-843",
"name": "Access of Resource Using Incompatible Type (\u0027Type Confusion\u0027)"
},
"discovery_date": "2024-09-03T13:20:19.187075+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2309431"
}
],
"notes": [
{
"category": "description",
"text": "The Mozilla Foundation\u0027s Security Advisory: A difference in the handling of StructFields and ArrayTypes in WASM could be used to trigger an exploitable type confusion vulnerability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mozilla: WASM type confusion involving ArrayTypes",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Product Security rates the severity of this flaw as determined by the Mozilla Foundation Security Advisory.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.2.0.Z.EUS:firefox-0:128.2.0-1.el9_2.aarch64",
"AppStream-9.2.0.Z.EUS:firefox-0:128.2.0-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.EUS:firefox-0:128.2.0-1.el9_2.s390x",
"AppStream-9.2.0.Z.EUS:firefox-0:128.2.0-1.el9_2.src",
"AppStream-9.2.0.Z.EUS:firefox-0:128.2.0-1.el9_2.x86_64",
"AppStream-9.2.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el9_2.aarch64",
"AppStream-9.2.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el9_2.s390x",
"AppStream-9.2.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el9_2.x86_64",
"AppStream-9.2.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el9_2.aarch64",
"AppStream-9.2.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el9_2.s390x",
"AppStream-9.2.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el9_2.x86_64",
"AppStream-9.2.0.Z.EUS:firefox-x11-0:128.2.0-1.el9_2.aarch64",
"AppStream-9.2.0.Z.EUS:firefox-x11-0:128.2.0-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.EUS:firefox-x11-0:128.2.0-1.el9_2.s390x",
"AppStream-9.2.0.Z.EUS:firefox-x11-0:128.2.0-1.el9_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-8385"
},
{
"category": "external",
"summary": "RHBZ#2309431",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2309431"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-8385",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8385"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-8385",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-8385"
},
{
"category": "external",
"summary": "https://bugzilla.mozilla.org/show_bug.cgi?id=1911909",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1911909"
},
{
"category": "external",
"summary": "https://www.mozilla.org/security/advisories/mfsa2024-39/",
"url": "https://www.mozilla.org/security/advisories/mfsa2024-39/"
},
{
"category": "external",
"summary": "https://www.mozilla.org/security/advisories/mfsa2024-40/",
"url": "https://www.mozilla.org/security/advisories/mfsa2024-40/"
}
],
"release_date": "2024-09-03T13:15:05.803000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-09-18T21:11:10+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.2.0.Z.EUS:firefox-0:128.2.0-1.el9_2.aarch64",
"AppStream-9.2.0.Z.EUS:firefox-0:128.2.0-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.EUS:firefox-0:128.2.0-1.el9_2.s390x",
"AppStream-9.2.0.Z.EUS:firefox-0:128.2.0-1.el9_2.src",
"AppStream-9.2.0.Z.EUS:firefox-0:128.2.0-1.el9_2.x86_64",
"AppStream-9.2.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el9_2.aarch64",
"AppStream-9.2.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el9_2.s390x",
"AppStream-9.2.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el9_2.x86_64",
"AppStream-9.2.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el9_2.aarch64",
"AppStream-9.2.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el9_2.s390x",
"AppStream-9.2.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el9_2.x86_64",
"AppStream-9.2.0.Z.EUS:firefox-x11-0:128.2.0-1.el9_2.aarch64",
"AppStream-9.2.0.Z.EUS:firefox-x11-0:128.2.0-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.EUS:firefox-x11-0:128.2.0-1.el9_2.s390x",
"AppStream-9.2.0.Z.EUS:firefox-x11-0:128.2.0-1.el9_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:6786"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-9.2.0.Z.EUS:firefox-0:128.2.0-1.el9_2.aarch64",
"AppStream-9.2.0.Z.EUS:firefox-0:128.2.0-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.EUS:firefox-0:128.2.0-1.el9_2.s390x",
"AppStream-9.2.0.Z.EUS:firefox-0:128.2.0-1.el9_2.src",
"AppStream-9.2.0.Z.EUS:firefox-0:128.2.0-1.el9_2.x86_64",
"AppStream-9.2.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el9_2.aarch64",
"AppStream-9.2.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el9_2.s390x",
"AppStream-9.2.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el9_2.x86_64",
"AppStream-9.2.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el9_2.aarch64",
"AppStream-9.2.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el9_2.s390x",
"AppStream-9.2.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el9_2.x86_64",
"AppStream-9.2.0.Z.EUS:firefox-x11-0:128.2.0-1.el9_2.aarch64",
"AppStream-9.2.0.Z.EUS:firefox-x11-0:128.2.0-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.EUS:firefox-x11-0:128.2.0-1.el9_2.s390x",
"AppStream-9.2.0.Z.EUS:firefox-x11-0:128.2.0-1.el9_2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.2.0.Z.EUS:firefox-0:128.2.0-1.el9_2.aarch64",
"AppStream-9.2.0.Z.EUS:firefox-0:128.2.0-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.EUS:firefox-0:128.2.0-1.el9_2.s390x",
"AppStream-9.2.0.Z.EUS:firefox-0:128.2.0-1.el9_2.src",
"AppStream-9.2.0.Z.EUS:firefox-0:128.2.0-1.el9_2.x86_64",
"AppStream-9.2.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el9_2.aarch64",
"AppStream-9.2.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el9_2.s390x",
"AppStream-9.2.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el9_2.x86_64",
"AppStream-9.2.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el9_2.aarch64",
"AppStream-9.2.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el9_2.s390x",
"AppStream-9.2.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el9_2.x86_64",
"AppStream-9.2.0.Z.EUS:firefox-x11-0:128.2.0-1.el9_2.aarch64",
"AppStream-9.2.0.Z.EUS:firefox-x11-0:128.2.0-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.EUS:firefox-x11-0:128.2.0-1.el9_2.s390x",
"AppStream-9.2.0.Z.EUS:firefox-x11-0:128.2.0-1.el9_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "mozilla: WASM type confusion involving ArrayTypes"
},
{
"cve": "CVE-2024-8386",
"cwe": {
"id": "CWE-358",
"name": "Improperly Implemented Security Check for Standard"
},
"discovery_date": "2024-09-03T13:20:21.369865+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2309432"
}
],
"notes": [
{
"category": "description",
"text": "The Mozilla Foundation\u0027s Security Advisory: If a site had been granted permission to open popup windows, it could cause Select elements to appear on top of another site to perform a spoofing attack.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mozilla: SelectElements could be shown over another site if popups are allowed",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Product Security rates the severity of this flaw as determined by the Mozilla Foundation Security Advisory.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.2.0.Z.EUS:firefox-0:128.2.0-1.el9_2.aarch64",
"AppStream-9.2.0.Z.EUS:firefox-0:128.2.0-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.EUS:firefox-0:128.2.0-1.el9_2.s390x",
"AppStream-9.2.0.Z.EUS:firefox-0:128.2.0-1.el9_2.src",
"AppStream-9.2.0.Z.EUS:firefox-0:128.2.0-1.el9_2.x86_64",
"AppStream-9.2.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el9_2.aarch64",
"AppStream-9.2.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el9_2.s390x",
"AppStream-9.2.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el9_2.x86_64",
"AppStream-9.2.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el9_2.aarch64",
"AppStream-9.2.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el9_2.s390x",
"AppStream-9.2.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el9_2.x86_64",
"AppStream-9.2.0.Z.EUS:firefox-x11-0:128.2.0-1.el9_2.aarch64",
"AppStream-9.2.0.Z.EUS:firefox-x11-0:128.2.0-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.EUS:firefox-x11-0:128.2.0-1.el9_2.s390x",
"AppStream-9.2.0.Z.EUS:firefox-x11-0:128.2.0-1.el9_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-8386"
},
{
"category": "external",
"summary": "RHBZ#2309432",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2309432"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-8386",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8386"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-8386",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-8386"
},
{
"category": "external",
"summary": "https://bugzilla.mozilla.org/show_bug.cgi?id=1907032",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1907032"
},
{
"category": "external",
"summary": "https://bugzilla.mozilla.org/show_bug.cgi?id=1909163",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1909163"
},
{
"category": "external",
"summary": "https://bugzilla.mozilla.org/show_bug.cgi?id=1909529",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1909529"
},
{
"category": "external",
"summary": "https://www.mozilla.org/security/advisories/mfsa2024-39/",
"url": "https://www.mozilla.org/security/advisories/mfsa2024-39/"
},
{
"category": "external",
"summary": "https://www.mozilla.org/security/advisories/mfsa2024-40/",
"url": "https://www.mozilla.org/security/advisories/mfsa2024-40/"
}
],
"release_date": "2024-09-03T13:15:05.860000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-09-18T21:11:10+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.2.0.Z.EUS:firefox-0:128.2.0-1.el9_2.aarch64",
"AppStream-9.2.0.Z.EUS:firefox-0:128.2.0-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.EUS:firefox-0:128.2.0-1.el9_2.s390x",
"AppStream-9.2.0.Z.EUS:firefox-0:128.2.0-1.el9_2.src",
"AppStream-9.2.0.Z.EUS:firefox-0:128.2.0-1.el9_2.x86_64",
"AppStream-9.2.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el9_2.aarch64",
"AppStream-9.2.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el9_2.s390x",
"AppStream-9.2.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el9_2.x86_64",
"AppStream-9.2.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el9_2.aarch64",
"AppStream-9.2.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el9_2.s390x",
"AppStream-9.2.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el9_2.x86_64",
"AppStream-9.2.0.Z.EUS:firefox-x11-0:128.2.0-1.el9_2.aarch64",
"AppStream-9.2.0.Z.EUS:firefox-x11-0:128.2.0-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.EUS:firefox-x11-0:128.2.0-1.el9_2.s390x",
"AppStream-9.2.0.Z.EUS:firefox-x11-0:128.2.0-1.el9_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:6786"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"AppStream-9.2.0.Z.EUS:firefox-0:128.2.0-1.el9_2.aarch64",
"AppStream-9.2.0.Z.EUS:firefox-0:128.2.0-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.EUS:firefox-0:128.2.0-1.el9_2.s390x",
"AppStream-9.2.0.Z.EUS:firefox-0:128.2.0-1.el9_2.src",
"AppStream-9.2.0.Z.EUS:firefox-0:128.2.0-1.el9_2.x86_64",
"AppStream-9.2.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el9_2.aarch64",
"AppStream-9.2.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el9_2.s390x",
"AppStream-9.2.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el9_2.x86_64",
"AppStream-9.2.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el9_2.aarch64",
"AppStream-9.2.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el9_2.s390x",
"AppStream-9.2.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el9_2.x86_64",
"AppStream-9.2.0.Z.EUS:firefox-x11-0:128.2.0-1.el9_2.aarch64",
"AppStream-9.2.0.Z.EUS:firefox-x11-0:128.2.0-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.EUS:firefox-x11-0:128.2.0-1.el9_2.s390x",
"AppStream-9.2.0.Z.EUS:firefox-x11-0:128.2.0-1.el9_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "mozilla: SelectElements could be shown over another site if popups are allowed"
},
{
"cve": "CVE-2024-8387",
"cwe": {
"id": "CWE-120",
"name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
},
"discovery_date": "2024-09-03T13:20:24.757137+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2309433"
}
],
"notes": [
{
"category": "description",
"text": "The Mozilla Foundation\u0027s Security Advisory: Memory safety bugs are present in Firefox 129, Firefox ESR 128.1, and Thunderbird 128.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort, some of these could have been exploited to run arbitrary code.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mozilla: Memory safety bugs fixed in Firefox 130, Firefox ESR 128.2, and Thunderbird 128.2",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Product Security rates the severity of this flaw as determined by the Mozilla Foundation Security Advisory.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.2.0.Z.EUS:firefox-0:128.2.0-1.el9_2.aarch64",
"AppStream-9.2.0.Z.EUS:firefox-0:128.2.0-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.EUS:firefox-0:128.2.0-1.el9_2.s390x",
"AppStream-9.2.0.Z.EUS:firefox-0:128.2.0-1.el9_2.src",
"AppStream-9.2.0.Z.EUS:firefox-0:128.2.0-1.el9_2.x86_64",
"AppStream-9.2.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el9_2.aarch64",
"AppStream-9.2.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el9_2.s390x",
"AppStream-9.2.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el9_2.x86_64",
"AppStream-9.2.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el9_2.aarch64",
"AppStream-9.2.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el9_2.s390x",
"AppStream-9.2.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el9_2.x86_64",
"AppStream-9.2.0.Z.EUS:firefox-x11-0:128.2.0-1.el9_2.aarch64",
"AppStream-9.2.0.Z.EUS:firefox-x11-0:128.2.0-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.EUS:firefox-x11-0:128.2.0-1.el9_2.s390x",
"AppStream-9.2.0.Z.EUS:firefox-x11-0:128.2.0-1.el9_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-8387"
},
{
"category": "external",
"summary": "RHBZ#2309433",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2309433"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-8387",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8387"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-8387",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-8387"
},
{
"category": "external",
"summary": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1857607%2C1911858%2C1914009",
"url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1857607%2C1911858%2C1914009"
},
{
"category": "external",
"summary": "https://www.mozilla.org/security/advisories/mfsa2024-39/",
"url": "https://www.mozilla.org/security/advisories/mfsa2024-39/"
},
{
"category": "external",
"summary": "https://www.mozilla.org/security/advisories/mfsa2024-40/",
"url": "https://www.mozilla.org/security/advisories/mfsa2024-40/"
}
],
"release_date": "2024-09-03T13:15:05.917000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-09-18T21:11:10+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.2.0.Z.EUS:firefox-0:128.2.0-1.el9_2.aarch64",
"AppStream-9.2.0.Z.EUS:firefox-0:128.2.0-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.EUS:firefox-0:128.2.0-1.el9_2.s390x",
"AppStream-9.2.0.Z.EUS:firefox-0:128.2.0-1.el9_2.src",
"AppStream-9.2.0.Z.EUS:firefox-0:128.2.0-1.el9_2.x86_64",
"AppStream-9.2.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el9_2.aarch64",
"AppStream-9.2.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el9_2.s390x",
"AppStream-9.2.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el9_2.x86_64",
"AppStream-9.2.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el9_2.aarch64",
"AppStream-9.2.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el9_2.s390x",
"AppStream-9.2.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el9_2.x86_64",
"AppStream-9.2.0.Z.EUS:firefox-x11-0:128.2.0-1.el9_2.aarch64",
"AppStream-9.2.0.Z.EUS:firefox-x11-0:128.2.0-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.EUS:firefox-x11-0:128.2.0-1.el9_2.s390x",
"AppStream-9.2.0.Z.EUS:firefox-x11-0:128.2.0-1.el9_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:6786"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-9.2.0.Z.EUS:firefox-0:128.2.0-1.el9_2.aarch64",
"AppStream-9.2.0.Z.EUS:firefox-0:128.2.0-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.EUS:firefox-0:128.2.0-1.el9_2.s390x",
"AppStream-9.2.0.Z.EUS:firefox-0:128.2.0-1.el9_2.src",
"AppStream-9.2.0.Z.EUS:firefox-0:128.2.0-1.el9_2.x86_64",
"AppStream-9.2.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el9_2.aarch64",
"AppStream-9.2.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el9_2.s390x",
"AppStream-9.2.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el9_2.x86_64",
"AppStream-9.2.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el9_2.aarch64",
"AppStream-9.2.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el9_2.s390x",
"AppStream-9.2.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el9_2.x86_64",
"AppStream-9.2.0.Z.EUS:firefox-x11-0:128.2.0-1.el9_2.aarch64",
"AppStream-9.2.0.Z.EUS:firefox-x11-0:128.2.0-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.EUS:firefox-x11-0:128.2.0-1.el9_2.s390x",
"AppStream-9.2.0.Z.EUS:firefox-x11-0:128.2.0-1.el9_2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.2.0.Z.EUS:firefox-0:128.2.0-1.el9_2.aarch64",
"AppStream-9.2.0.Z.EUS:firefox-0:128.2.0-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.EUS:firefox-0:128.2.0-1.el9_2.s390x",
"AppStream-9.2.0.Z.EUS:firefox-0:128.2.0-1.el9_2.src",
"AppStream-9.2.0.Z.EUS:firefox-0:128.2.0-1.el9_2.x86_64",
"AppStream-9.2.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el9_2.aarch64",
"AppStream-9.2.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el9_2.s390x",
"AppStream-9.2.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el9_2.x86_64",
"AppStream-9.2.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el9_2.aarch64",
"AppStream-9.2.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el9_2.s390x",
"AppStream-9.2.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el9_2.x86_64",
"AppStream-9.2.0.Z.EUS:firefox-x11-0:128.2.0-1.el9_2.aarch64",
"AppStream-9.2.0.Z.EUS:firefox-x11-0:128.2.0-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.EUS:firefox-x11-0:128.2.0-1.el9_2.s390x",
"AppStream-9.2.0.Z.EUS:firefox-x11-0:128.2.0-1.el9_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "mozilla: Memory safety bugs fixed in Firefox 130, Firefox ESR 128.2, and Thunderbird 128.2"
}
]
}
RHSA-2024:6839
Vulnerability from csaf_redhat - Published: 2024-09-19 11:29 - Updated: 2026-04-22 18:51Summary
Red Hat Security Advisory: firefox update
Severity
Important
Notes
Topic: An update for firefox is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability.
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
The Network Security Services (NSS) package contains a vulnerability that exposes a side-channel information leak. This weakness enables a local attacker to capture several thousand usages of a signature, allowing them to utilize this information to recover portions of an ECDSA private key.
4.3 (Medium)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-8.2.0.Z.AUS:firefox-0:128.2.0-1.el8_2.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.2.0.Z.AUS:firefox-0:128.2.0-1.el8_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.2.0.Z.AUS:firefox-debuginfo-0:128.2.0-1.el8_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.2.0.Z.AUS:firefox-debugsource-0:128.2.0-1.el8_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
The Mozilla Foundation Security Advisory describes this flaw as: A mismatch between allocator and deallocator could have lead to memory corruption.
6.1 (Medium)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-8.2.0.Z.AUS:firefox-0:128.2.0-1.el8_2.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.2.0.Z.AUS:firefox-0:128.2.0-1.el8_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.2.0.Z.AUS:firefox-debuginfo-0:128.2.0-1.el8_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.2.0.Z.AUS:firefox-debugsource-0:128.2.0-1.el8_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
The Mozilla Foundation Security Advisory describes this flaw as: Calling PK11_Encrypt() in NSS using CKM_CHACHA20 and the same buffer for input and output can result in plaintext on Intel Sandy Bridge and later processors. In Firefox this only affects the QUIC header protection feature when the connection is using the ChaCha20-Poly1305 cipher suite. The most likely outcome is connection failure, but if the connection persists despite the high packet loss it could be possible for a network observer to identify packets as coming from the same source despite a network path change.
CWE-319 - Cleartext Transmission of Sensitive InformationAffected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-8.2.0.Z.AUS:firefox-0:128.2.0-1.el8_2.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.AUS:firefox-0:128.2.0-1.el8_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.AUS:firefox-debuginfo-0:128.2.0-1.el8_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.AUS:firefox-debugsource-0:128.2.0-1.el8_2.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Low
A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes this flaw as follows: An error in the ECMA-262 specification relating to Async Generators could have resulted in a type confusion, potentially leading to memory corruption and an exploitable crash.
8.6 (High)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-8.2.0.Z.AUS:firefox-0:128.2.0-1.el8_2.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.2.0.Z.AUS:firefox-0:128.2.0-1.el8_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.2.0.Z.AUS:firefox-debuginfo-0:128.2.0-1.el8_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.2.0.Z.AUS:firefox-debugsource-0:128.2.0-1.el8_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Important
The Mozilla Foundation's Security Advisory: A potentially exploitable type confusion could be triggered when looking up a property name on an object being used as the with environment.
9.8 (Critical)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-8.2.0.Z.AUS:firefox-0:128.2.0-1.el8_2.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.AUS:firefox-0:128.2.0-1.el8_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.AUS:firefox-debuginfo-0:128.2.0-1.el8_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.AUS:firefox-debugsource-0:128.2.0-1.el8_2.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Important
The Mozilla Foundation's Security Advisory: Internal browser event interfaces were exposed to web content when privileged EventHandler listener callbacks ran for those events. Web content that tried to use those interfaces would not be able to use them with elevated privileges, but their presence would indicate certain browser features had been used, such as when a user opened the Dev Tools console.
8.8 (High)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-8.2.0.Z.AUS:firefox-0:128.2.0-1.el8_2.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.2.0.Z.AUS:firefox-0:128.2.0-1.el8_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.2.0.Z.AUS:firefox-debuginfo-0:128.2.0-1.el8_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.2.0.Z.AUS:firefox-debugsource-0:128.2.0-1.el8_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
The Mozilla Foundation's Security Advisory: Firefox normally asks for confirmation before asking the operating system to find an application to handle a scheme that the browser does not support. It did not ask before doing so for the Usenet-related schemes news: and snews:. Since most operating systems don't have a trusted newsreader installed by default, an unscrupulous program that the user downloaded could register itself as a handler. The website that served the application download could then launch that application at will.
7.5 (High)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-8.2.0.Z.AUS:firefox-0:128.2.0-1.el8_2.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.AUS:firefox-0:128.2.0-1.el8_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.AUS:firefox-debuginfo-0:128.2.0-1.el8_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.AUS:firefox-debugsource-0:128.2.0-1.el8_2.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
The Mozilla Foundation's Security Advisory: The JavaScript garbage collector could mis-color cross-compartment objects if OOM conditions were detected at the right point between two passes. This could have led to memory corruption.
9.8 (Critical)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-8.2.0.Z.AUS:firefox-0:128.2.0-1.el8_2.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.AUS:firefox-0:128.2.0-1.el8_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.AUS:firefox-debuginfo-0:128.2.0-1.el8_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.AUS:firefox-debugsource-0:128.2.0-1.el8_2.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
The Mozilla Foundation's Security Advisory: A difference in the handling of StructFields and ArrayTypes in WASM could be used to trigger an exploitable type confusion vulnerability.
9.8 (Critical)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-8.2.0.Z.AUS:firefox-0:128.2.0-1.el8_2.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.2.0.Z.AUS:firefox-0:128.2.0-1.el8_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.2.0.Z.AUS:firefox-debuginfo-0:128.2.0-1.el8_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.2.0.Z.AUS:firefox-debugsource-0:128.2.0-1.el8_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Important
The Mozilla Foundation's Security Advisory: If a site had been granted permission to open popup windows, it could cause Select elements to appear on top of another site to perform a spoofing attack.
6.1 (Medium)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-8.2.0.Z.AUS:firefox-0:128.2.0-1.el8_2.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.AUS:firefox-0:128.2.0-1.el8_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.AUS:firefox-debuginfo-0:128.2.0-1.el8_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.AUS:firefox-debugsource-0:128.2.0-1.el8_2.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Low
The Mozilla Foundation's Security Advisory: Memory safety bugs are present in Firefox 129, Firefox ESR 128.1, and Thunderbird 128.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort, some of these could have been exploited to run arbitrary code.
9.8 (Critical)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-8.2.0.Z.AUS:firefox-0:128.2.0-1.el8_2.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.2.0.Z.AUS:firefox-0:128.2.0-1.el8_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.2.0.Z.AUS:firefox-debuginfo-0:128.2.0-1.el8_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.2.0.Z.AUS:firefox-debugsource-0:128.2.0-1.el8_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Important
References
72 references
Acknowledgments
the Mozilla project
Ronald Crane
Red Hat
Alexander Sosedkin
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for firefox is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability.\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2024:6839",
"url": "https://access.redhat.com/errata/RHSA-2024:6839"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_6839.json"
}
],
"title": "Red Hat Security Advisory: firefox update",
"tracking": {
"current_release_date": "2026-04-22T18:51:30+00:00",
"generator": {
"date": "2026-04-22T18:51:30+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.5"
}
},
"id": "RHSA-2024:6839",
"initial_release_date": "2024-09-19T11:29:38+00:00",
"revision_history": [
{
"date": "2024-09-19T11:29:38+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2024-09-19T11:29:38+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-04-22T18:51:30+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream AUS (v. 8.2)",
"product": {
"name": "Red Hat Enterprise Linux AppStream AUS (v. 8.2)",
"product_id": "AppStream-8.2.0.Z.AUS",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_aus:8.2::appstream"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "firefox-0:128.2.0-1.el8_2.src",
"product": {
"name": "firefox-0:128.2.0-1.el8_2.src",
"product_id": "firefox-0:128.2.0-1.el8_2.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox@128.2.0-1.el8_2?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "firefox-0:128.2.0-1.el8_2.x86_64",
"product": {
"name": "firefox-0:128.2.0-1.el8_2.x86_64",
"product_id": "firefox-0:128.2.0-1.el8_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox@128.2.0-1.el8_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "firefox-debugsource-0:128.2.0-1.el8_2.x86_64",
"product": {
"name": "firefox-debugsource-0:128.2.0-1.el8_2.x86_64",
"product_id": "firefox-debugsource-0:128.2.0-1.el8_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox-debugsource@128.2.0-1.el8_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "firefox-debuginfo-0:128.2.0-1.el8_2.x86_64",
"product": {
"name": "firefox-debuginfo-0:128.2.0-1.el8_2.x86_64",
"product_id": "firefox-debuginfo-0:128.2.0-1.el8_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox-debuginfo@128.2.0-1.el8_2?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:128.2.0-1.el8_2.src as a component of Red Hat Enterprise Linux AppStream AUS (v. 8.2)",
"product_id": "AppStream-8.2.0.Z.AUS:firefox-0:128.2.0-1.el8_2.src"
},
"product_reference": "firefox-0:128.2.0-1.el8_2.src",
"relates_to_product_reference": "AppStream-8.2.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:128.2.0-1.el8_2.x86_64 as a component of Red Hat Enterprise Linux AppStream AUS (v. 8.2)",
"product_id": "AppStream-8.2.0.Z.AUS:firefox-0:128.2.0-1.el8_2.x86_64"
},
"product_reference": "firefox-0:128.2.0-1.el8_2.x86_64",
"relates_to_product_reference": "AppStream-8.2.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:128.2.0-1.el8_2.x86_64 as a component of Red Hat Enterprise Linux AppStream AUS (v. 8.2)",
"product_id": "AppStream-8.2.0.Z.AUS:firefox-debuginfo-0:128.2.0-1.el8_2.x86_64"
},
"product_reference": "firefox-debuginfo-0:128.2.0-1.el8_2.x86_64",
"relates_to_product_reference": "AppStream-8.2.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debugsource-0:128.2.0-1.el8_2.x86_64 as a component of Red Hat Enterprise Linux AppStream AUS (v. 8.2)",
"product_id": "AppStream-8.2.0.Z.AUS:firefox-debugsource-0:128.2.0-1.el8_2.x86_64"
},
"product_reference": "firefox-debugsource-0:128.2.0-1.el8_2.x86_64",
"relates_to_product_reference": "AppStream-8.2.0.Z.AUS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-6135",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2023-11-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2249906"
}
],
"notes": [
{
"category": "description",
"text": "The Network Security Services (NSS) package contains a vulnerability that exposes a side-channel information leak. This weakness enables a local attacker to capture several thousand usages of a signature, allowing them to utilize this information to recover portions of an ECDSA private key.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nss: vulnerable to Minerva side-channel information leak",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The severity of the Network Security Services (NSS) package vulnerability is marked as moderate due to the inherent risk associated with a potential side-channel information leak. This flaw empowers a local attacker to capture a substantial volume of signature usages, providing a pathway for them to exploit this data to reconstruct portions of an ECDSA private key. The ECDSA private key is a fundamental component of cryptographic security, and a successful compromise could have severe implications for the confidentiality and integrity of sensitive information.\n\nThe side channel present in NSS is on the order of 20 to 50ns, measuring such small differences over the network, without ability to measure signature with the same nonce is not something anybody has shown as possible. The only reason we can measure such small differences in the Marvin attack (https://people.redhat.com/~hkario/marvin/) is because the attacker there has full control over the processed messages, as such can measure the same message over and over, with ECDSA NSS is generating the used nonce randomly, and internally, for each and every signature. So a possibility of a purely network attack is rather theoretical at this moment.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.2.0.Z.AUS:firefox-0:128.2.0-1.el8_2.src",
"AppStream-8.2.0.Z.AUS:firefox-0:128.2.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.AUS:firefox-debuginfo-0:128.2.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.AUS:firefox-debugsource-0:128.2.0-1.el8_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-6135"
},
{
"category": "external",
"summary": "RHBZ#2249906",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2249906"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-6135",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6135"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-6135",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-6135"
},
{
"category": "external",
"summary": "https://bugzilla.mozilla.org/show_bug.cgi?id=1853908",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1853908"
},
{
"category": "external",
"summary": "https://minerva.crocs.fi.muni.cz/",
"url": "https://minerva.crocs.fi.muni.cz/"
},
{
"category": "external",
"summary": "https://people.redhat.com/~hkario/marvin/",
"url": "https://people.redhat.com/~hkario/marvin/"
},
{
"category": "external",
"summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-56/#CVE-2023-6135",
"url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-56/#CVE-2023-6135"
}
],
"release_date": "2023-12-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-09-19T11:29:38+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.2.0.Z.AUS:firefox-0:128.2.0-1.el8_2.src",
"AppStream-8.2.0.Z.AUS:firefox-0:128.2.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.AUS:firefox-debuginfo-0:128.2.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.AUS:firefox-debugsource-0:128.2.0-1.el8_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:6839"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-8.2.0.Z.AUS:firefox-0:128.2.0-1.el8_2.src",
"AppStream-8.2.0.Z.AUS:firefox-0:128.2.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.AUS:firefox-debuginfo-0:128.2.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.AUS:firefox-debugsource-0:128.2.0-1.el8_2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"AppStream-8.2.0.Z.AUS:firefox-0:128.2.0-1.el8_2.src",
"AppStream-8.2.0.Z.AUS:firefox-0:128.2.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.AUS:firefox-debuginfo-0:128.2.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.AUS:firefox-debugsource-0:128.2.0-1.el8_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "nss: vulnerable to Minerva side-channel information leak"
},
{
"acknowledgments": [
{
"names": [
"the Mozilla project"
]
},
{
"names": [
"Ronald Crane"
],
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2024-6602",
"cwe": {
"id": "CWE-119",
"name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
},
"discovery_date": "2024-07-11T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2296637"
}
],
"notes": [
{
"category": "description",
"text": "The Mozilla Foundation Security Advisory describes this flaw as:\r\n\r\nA mismatch between allocator and deallocator could have lead to memory corruption.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Mozilla: Memory corruption in NSS",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Product Security rates the severity of this flaw as determined by the Mozilla Foundation Security Advisory.\n\nFirefox and Thunderbird in Red Hat Enterprise Linux 8.8 and later are not affected by this vulnerability, as they use the system NSS library. Firefox and Thunderbird in earlier Red Hat Enterprise Linux 8 extended life streams were affected, and should be updated to fixed versions as they become available.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.2.0.Z.AUS:firefox-0:128.2.0-1.el8_2.src",
"AppStream-8.2.0.Z.AUS:firefox-0:128.2.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.AUS:firefox-debuginfo-0:128.2.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.AUS:firefox-debugsource-0:128.2.0-1.el8_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-6602"
},
{
"category": "external",
"summary": "RHBZ#2296637",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2296637"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-6602",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6602"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-6602",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-6602"
},
{
"category": "external",
"summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-30/#CVE-2024-6602",
"url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-30/#CVE-2024-6602"
},
{
"category": "external",
"summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-31/#CVE-2024-6602",
"url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-31/#CVE-2024-6602"
}
],
"release_date": "2024-07-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-09-19T11:29:38+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.2.0.Z.AUS:firefox-0:128.2.0-1.el8_2.src",
"AppStream-8.2.0.Z.AUS:firefox-0:128.2.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.AUS:firefox-debuginfo-0:128.2.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.AUS:firefox-debugsource-0:128.2.0-1.el8_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:6839"
},
{
"category": "workaround",
"details": "Currently, no mitigation is available for this vulnerability.",
"product_ids": [
"AppStream-8.2.0.Z.AUS:firefox-0:128.2.0-1.el8_2.src",
"AppStream-8.2.0.Z.AUS:firefox-0:128.2.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.AUS:firefox-debuginfo-0:128.2.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.AUS:firefox-debugsource-0:128.2.0-1.el8_2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"AppStream-8.2.0.Z.AUS:firefox-0:128.2.0-1.el8_2.src",
"AppStream-8.2.0.Z.AUS:firefox-0:128.2.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.AUS:firefox-debuginfo-0:128.2.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.AUS:firefox-debugsource-0:128.2.0-1.el8_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Mozilla: Memory corruption in NSS"
},
{
"acknowledgments": [
{
"names": [
"Alexander Sosedkin"
],
"organization": "Red Hat",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2024-7531",
"cwe": {
"id": "CWE-319",
"name": "Cleartext Transmission of Sensitive Information"
},
"discovery_date": "2024-08-06T13:22:33.184282+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2303148"
}
],
"notes": [
{
"category": "description",
"text": "The Mozilla Foundation Security Advisory describes this flaw as:\n\nCalling PK11_Encrypt() in NSS using CKM_CHACHA20 and the same buffer for input and output can result in plaintext on Intel Sandy Bridge and later processors. In Firefox this only affects the QUIC header protection feature when the connection is using the ChaCha20-Poly1305 cipher suite. The most likely outcome is connection failure, but if the connection persists despite the high packet loss it could be possible for a network observer to identify packets as coming from the same source despite a network path change.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mozilla: nss: PK11_Encrypt using CKM_CHACHA20 can reveal plaintext on Intel Sandy Bridge machines",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Product Security rates the severity of this flaw as determined by the Mozilla Foundation Security Advisory.\n\nFirefox and Thunderbird in Red Hat Enterprise Linux 8.8 and later are not affected by this vulnerability, as they use the system NSS library. Firefox and Thunderbird in earlier Red Hat Enterprise Linux 8 extended life streams were affected, and should be updated to fixed versions as they become available.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.2.0.Z.AUS:firefox-0:128.2.0-1.el8_2.src",
"AppStream-8.2.0.Z.AUS:firefox-0:128.2.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.AUS:firefox-debuginfo-0:128.2.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.AUS:firefox-debugsource-0:128.2.0-1.el8_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-7531"
},
{
"category": "external",
"summary": "RHBZ#2303148",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2303148"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-7531",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-7531"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-7531",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-7531"
},
{
"category": "external",
"summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-34/#CVE-2024-7531",
"url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-34/#CVE-2024-7531"
}
],
"release_date": "2024-08-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-09-19T11:29:38+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.2.0.Z.AUS:firefox-0:128.2.0-1.el8_2.src",
"AppStream-8.2.0.Z.AUS:firefox-0:128.2.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.AUS:firefox-debuginfo-0:128.2.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.AUS:firefox-debugsource-0:128.2.0-1.el8_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:6839"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.1,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"AppStream-8.2.0.Z.AUS:firefox-0:128.2.0-1.el8_2.src",
"AppStream-8.2.0.Z.AUS:firefox-0:128.2.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.AUS:firefox-debuginfo-0:128.2.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.AUS:firefox-debugsource-0:128.2.0-1.el8_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "mozilla: nss: PK11_Encrypt using CKM_CHACHA20 can reveal plaintext on Intel Sandy Bridge machines"
},
{
"cve": "CVE-2024-7652",
"cwe": {
"id": "CWE-843",
"name": "Access of Resource Using Incompatible Type (\u0027Type Confusion\u0027)"
},
"discovery_date": "2024-09-06T19:20:06.807597+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2310490"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes this flaw as follows: An error in the ECMA-262 specification relating to Async Generators could have resulted in a type confusion, potentially leading to memory corruption and an exploitable crash.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mozilla: Type Confusion in Async Generators in Javascript Engine",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Product Security rates the severity of this flaw as determined by the Mozilla Foundation Security Advisory.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.2.0.Z.AUS:firefox-0:128.2.0-1.el8_2.src",
"AppStream-8.2.0.Z.AUS:firefox-0:128.2.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.AUS:firefox-debuginfo-0:128.2.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.AUS:firefox-debugsource-0:128.2.0-1.el8_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-7652"
},
{
"category": "external",
"summary": "RHBZ#2310490",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2310490"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-7652",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-7652"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-7652",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-7652"
},
{
"category": "external",
"summary": "https://bugzilla.mozilla.org/show_bug.cgi?id=1901411",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1901411"
},
{
"category": "external",
"summary": "https://github.com/tc39/ecma262/security/advisories/GHSA-g38c-wh3c-5h9r",
"url": "https://github.com/tc39/ecma262/security/advisories/GHSA-g38c-wh3c-5h9r"
},
{
"category": "external",
"summary": "https://www.mozilla.org/security/advisories/mfsa2024-29/",
"url": "https://www.mozilla.org/security/advisories/mfsa2024-29/"
},
{
"category": "external",
"summary": "https://www.mozilla.org/security/advisories/mfsa2024-30/",
"url": "https://www.mozilla.org/security/advisories/mfsa2024-30/"
},
{
"category": "external",
"summary": "https://www.mozilla.org/security/advisories/mfsa2024-31/",
"url": "https://www.mozilla.org/security/advisories/mfsa2024-31/"
},
{
"category": "external",
"summary": "https://www.mozilla.org/security/advisories/mfsa2024-32/",
"url": "https://www.mozilla.org/security/advisories/mfsa2024-32/"
}
],
"release_date": "2024-09-06T19:15:12.710000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-09-19T11:29:38+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.2.0.Z.AUS:firefox-0:128.2.0-1.el8_2.src",
"AppStream-8.2.0.Z.AUS:firefox-0:128.2.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.AUS:firefox-debuginfo-0:128.2.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.AUS:firefox-debugsource-0:128.2.0-1.el8_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:6839"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-8.2.0.Z.AUS:firefox-0:128.2.0-1.el8_2.src",
"AppStream-8.2.0.Z.AUS:firefox-0:128.2.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.AUS:firefox-debuginfo-0:128.2.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.AUS:firefox-debugsource-0:128.2.0-1.el8_2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.2.0.Z.AUS:firefox-0:128.2.0-1.el8_2.src",
"AppStream-8.2.0.Z.AUS:firefox-0:128.2.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.AUS:firefox-debuginfo-0:128.2.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.AUS:firefox-debugsource-0:128.2.0-1.el8_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "mozilla: Type Confusion in Async Generators in Javascript Engine"
},
{
"cve": "CVE-2024-8381",
"cwe": {
"id": "CWE-704",
"name": "Incorrect Type Conversion or Cast"
},
"discovery_date": "2024-09-03T13:20:09.820143+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2309427"
}
],
"notes": [
{
"category": "description",
"text": "The Mozilla Foundation\u0027s Security Advisory: A potentially exploitable type confusion could be triggered when looking up a property name on an object being used as the with environment.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mozilla: Type confusion when looking up a property name in a \u0026quot;with\u0026quot; block",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Product Security rates the severity of this flaw as determined by the Mozilla Foundation Security Advisory.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.2.0.Z.AUS:firefox-0:128.2.0-1.el8_2.src",
"AppStream-8.2.0.Z.AUS:firefox-0:128.2.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.AUS:firefox-debuginfo-0:128.2.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.AUS:firefox-debugsource-0:128.2.0-1.el8_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-8381"
},
{
"category": "external",
"summary": "RHBZ#2309427",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2309427"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-8381",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8381"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-8381",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-8381"
},
{
"category": "external",
"summary": "https://bugzilla.mozilla.org/show_bug.cgi?id=1912715",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1912715"
},
{
"category": "external",
"summary": "https://www.mozilla.org/security/advisories/mfsa2024-39/",
"url": "https://www.mozilla.org/security/advisories/mfsa2024-39/"
},
{
"category": "external",
"summary": "https://www.mozilla.org/security/advisories/mfsa2024-40/",
"url": "https://www.mozilla.org/security/advisories/mfsa2024-40/"
},
{
"category": "external",
"summary": "https://www.mozilla.org/security/advisories/mfsa2024-41/",
"url": "https://www.mozilla.org/security/advisories/mfsa2024-41/"
}
],
"release_date": "2024-09-03T13:15:05.553000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-09-19T11:29:38+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.2.0.Z.AUS:firefox-0:128.2.0-1.el8_2.src",
"AppStream-8.2.0.Z.AUS:firefox-0:128.2.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.AUS:firefox-debuginfo-0:128.2.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.AUS:firefox-debugsource-0:128.2.0-1.el8_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:6839"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.2.0.Z.AUS:firefox-0:128.2.0-1.el8_2.src",
"AppStream-8.2.0.Z.AUS:firefox-0:128.2.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.AUS:firefox-debuginfo-0:128.2.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.AUS:firefox-debugsource-0:128.2.0-1.el8_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "mozilla: Type confusion when looking up a property name in a \u0026quot;with\u0026quot; block"
},
{
"cve": "CVE-2024-8382",
"cwe": {
"id": "CWE-497",
"name": "Exposure of Sensitive System Information to an Unauthorized Control Sphere"
},
"discovery_date": "2024-09-03T13:20:12.041906+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2309428"
}
],
"notes": [
{
"category": "description",
"text": "The Mozilla Foundation\u0027s Security Advisory: Internal browser event interfaces were exposed to web content when privileged EventHandler listener callbacks ran for those events. Web content that tried to use those interfaces would not be able to use them with elevated privileges, but their presence would indicate certain browser features had been used, such as when a user opened the Dev Tools console.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mozilla: Internal event interfaces were exposed to web content when browser EventHandler listener callbacks ran",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Product Security rates the severity of this flaw as determined by the Mozilla Foundation Security Advisory.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.2.0.Z.AUS:firefox-0:128.2.0-1.el8_2.src",
"AppStream-8.2.0.Z.AUS:firefox-0:128.2.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.AUS:firefox-debuginfo-0:128.2.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.AUS:firefox-debugsource-0:128.2.0-1.el8_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-8382"
},
{
"category": "external",
"summary": "RHBZ#2309428",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2309428"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-8382",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8382"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-8382",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-8382"
},
{
"category": "external",
"summary": "https://bugzilla.mozilla.org/show_bug.cgi?id=1906744",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1906744"
},
{
"category": "external",
"summary": "https://www.mozilla.org/security/advisories/mfsa2024-39/",
"url": "https://www.mozilla.org/security/advisories/mfsa2024-39/"
},
{
"category": "external",
"summary": "https://www.mozilla.org/security/advisories/mfsa2024-40/",
"url": "https://www.mozilla.org/security/advisories/mfsa2024-40/"
},
{
"category": "external",
"summary": "https://www.mozilla.org/security/advisories/mfsa2024-41/",
"url": "https://www.mozilla.org/security/advisories/mfsa2024-41/"
}
],
"release_date": "2024-09-03T13:15:05.630000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-09-19T11:29:38+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.2.0.Z.AUS:firefox-0:128.2.0-1.el8_2.src",
"AppStream-8.2.0.Z.AUS:firefox-0:128.2.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.AUS:firefox-debuginfo-0:128.2.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.AUS:firefox-debugsource-0:128.2.0-1.el8_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:6839"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-8.2.0.Z.AUS:firefox-0:128.2.0-1.el8_2.src",
"AppStream-8.2.0.Z.AUS:firefox-0:128.2.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.AUS:firefox-debuginfo-0:128.2.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.AUS:firefox-debugsource-0:128.2.0-1.el8_2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.2.0.Z.AUS:firefox-0:128.2.0-1.el8_2.src",
"AppStream-8.2.0.Z.AUS:firefox-0:128.2.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.AUS:firefox-debuginfo-0:128.2.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.AUS:firefox-debugsource-0:128.2.0-1.el8_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "mozilla: Internal event interfaces were exposed to web content when browser EventHandler listener callbacks ran"
},
{
"cve": "CVE-2024-8383",
"cwe": {
"id": "CWE-862",
"name": "Missing Authorization"
},
"discovery_date": "2024-09-03T13:20:14.298352+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2309429"
}
],
"notes": [
{
"category": "description",
"text": "The Mozilla Foundation\u0027s Security Advisory: Firefox normally asks for confirmation before asking the operating system to find an application to handle a scheme that the browser does not support. It did not ask before doing so for the Usenet-related schemes news: and snews:. Since most operating systems don\u0027t have a trusted newsreader installed by default, an unscrupulous program that the user downloaded could register itself as a handler. The website that served the application download could then launch that application at will.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mozilla: Firefox did not ask before openings news: links in an external application",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Product Security rates the severity of this flaw as determined by the Mozilla Foundation Security Advisory.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.2.0.Z.AUS:firefox-0:128.2.0-1.el8_2.src",
"AppStream-8.2.0.Z.AUS:firefox-0:128.2.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.AUS:firefox-debuginfo-0:128.2.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.AUS:firefox-debugsource-0:128.2.0-1.el8_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-8383"
},
{
"category": "external",
"summary": "RHBZ#2309429",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2309429"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-8383",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8383"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-8383",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-8383"
},
{
"category": "external",
"summary": "https://bugzilla.mozilla.org/show_bug.cgi?id=1908496",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1908496"
},
{
"category": "external",
"summary": "https://www.mozilla.org/security/advisories/mfsa2024-39/",
"url": "https://www.mozilla.org/security/advisories/mfsa2024-39/"
},
{
"category": "external",
"summary": "https://www.mozilla.org/security/advisories/mfsa2024-40/",
"url": "https://www.mozilla.org/security/advisories/mfsa2024-40/"
},
{
"category": "external",
"summary": "https://www.mozilla.org/security/advisories/mfsa2024-41/",
"url": "https://www.mozilla.org/security/advisories/mfsa2024-41/"
}
],
"release_date": "2024-09-03T13:15:05.687000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-09-19T11:29:38+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.2.0.Z.AUS:firefox-0:128.2.0-1.el8_2.src",
"AppStream-8.2.0.Z.AUS:firefox-0:128.2.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.AUS:firefox-debuginfo-0:128.2.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.AUS:firefox-debugsource-0:128.2.0-1.el8_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:6839"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"AppStream-8.2.0.Z.AUS:firefox-0:128.2.0-1.el8_2.src",
"AppStream-8.2.0.Z.AUS:firefox-0:128.2.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.AUS:firefox-debuginfo-0:128.2.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.AUS:firefox-debugsource-0:128.2.0-1.el8_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "mozilla: Firefox did not ask before openings news: links in an external application"
},
{
"cve": "CVE-2024-8384",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2024-09-03T13:20:16.882822+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2309430"
}
],
"notes": [
{
"category": "description",
"text": "The Mozilla Foundation\u0027s Security Advisory: The JavaScript garbage collector could mis-color cross-compartment objects if OOM conditions were detected at the right point between two passes. This could have led to memory corruption.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mozilla: Garbage collection could mis-color cross-compartment objects in OOM conditions",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Product Security rates the severity of this flaw as determined by the Mozilla Foundation Security Advisory.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.2.0.Z.AUS:firefox-0:128.2.0-1.el8_2.src",
"AppStream-8.2.0.Z.AUS:firefox-0:128.2.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.AUS:firefox-debuginfo-0:128.2.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.AUS:firefox-debugsource-0:128.2.0-1.el8_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-8384"
},
{
"category": "external",
"summary": "RHBZ#2309430",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2309430"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-8384",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8384"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-8384",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-8384"
},
{
"category": "external",
"summary": "https://bugzilla.mozilla.org/show_bug.cgi?id=1911288",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1911288"
},
{
"category": "external",
"summary": "https://www.mozilla.org/security/advisories/mfsa2024-39/",
"url": "https://www.mozilla.org/security/advisories/mfsa2024-39/"
},
{
"category": "external",
"summary": "https://www.mozilla.org/security/advisories/mfsa2024-40/",
"url": "https://www.mozilla.org/security/advisories/mfsa2024-40/"
},
{
"category": "external",
"summary": "https://www.mozilla.org/security/advisories/mfsa2024-41/",
"url": "https://www.mozilla.org/security/advisories/mfsa2024-41/"
}
],
"release_date": "2024-09-03T13:15:05.743000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-09-19T11:29:38+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.2.0.Z.AUS:firefox-0:128.2.0-1.el8_2.src",
"AppStream-8.2.0.Z.AUS:firefox-0:128.2.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.AUS:firefox-debuginfo-0:128.2.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.AUS:firefox-debugsource-0:128.2.0-1.el8_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:6839"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.2.0.Z.AUS:firefox-0:128.2.0-1.el8_2.src",
"AppStream-8.2.0.Z.AUS:firefox-0:128.2.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.AUS:firefox-debuginfo-0:128.2.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.AUS:firefox-debugsource-0:128.2.0-1.el8_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "mozilla: Garbage collection could mis-color cross-compartment objects in OOM conditions"
},
{
"cve": "CVE-2024-8385",
"cwe": {
"id": "CWE-843",
"name": "Access of Resource Using Incompatible Type (\u0027Type Confusion\u0027)"
},
"discovery_date": "2024-09-03T13:20:19.187075+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2309431"
}
],
"notes": [
{
"category": "description",
"text": "The Mozilla Foundation\u0027s Security Advisory: A difference in the handling of StructFields and ArrayTypes in WASM could be used to trigger an exploitable type confusion vulnerability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mozilla: WASM type confusion involving ArrayTypes",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Product Security rates the severity of this flaw as determined by the Mozilla Foundation Security Advisory.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.2.0.Z.AUS:firefox-0:128.2.0-1.el8_2.src",
"AppStream-8.2.0.Z.AUS:firefox-0:128.2.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.AUS:firefox-debuginfo-0:128.2.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.AUS:firefox-debugsource-0:128.2.0-1.el8_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-8385"
},
{
"category": "external",
"summary": "RHBZ#2309431",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2309431"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-8385",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8385"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-8385",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-8385"
},
{
"category": "external",
"summary": "https://bugzilla.mozilla.org/show_bug.cgi?id=1911909",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1911909"
},
{
"category": "external",
"summary": "https://www.mozilla.org/security/advisories/mfsa2024-39/",
"url": "https://www.mozilla.org/security/advisories/mfsa2024-39/"
},
{
"category": "external",
"summary": "https://www.mozilla.org/security/advisories/mfsa2024-40/",
"url": "https://www.mozilla.org/security/advisories/mfsa2024-40/"
}
],
"release_date": "2024-09-03T13:15:05.803000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-09-19T11:29:38+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.2.0.Z.AUS:firefox-0:128.2.0-1.el8_2.src",
"AppStream-8.2.0.Z.AUS:firefox-0:128.2.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.AUS:firefox-debuginfo-0:128.2.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.AUS:firefox-debugsource-0:128.2.0-1.el8_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:6839"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-8.2.0.Z.AUS:firefox-0:128.2.0-1.el8_2.src",
"AppStream-8.2.0.Z.AUS:firefox-0:128.2.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.AUS:firefox-debuginfo-0:128.2.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.AUS:firefox-debugsource-0:128.2.0-1.el8_2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.2.0.Z.AUS:firefox-0:128.2.0-1.el8_2.src",
"AppStream-8.2.0.Z.AUS:firefox-0:128.2.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.AUS:firefox-debuginfo-0:128.2.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.AUS:firefox-debugsource-0:128.2.0-1.el8_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "mozilla: WASM type confusion involving ArrayTypes"
},
{
"cve": "CVE-2024-8386",
"cwe": {
"id": "CWE-358",
"name": "Improperly Implemented Security Check for Standard"
},
"discovery_date": "2024-09-03T13:20:21.369865+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2309432"
}
],
"notes": [
{
"category": "description",
"text": "The Mozilla Foundation\u0027s Security Advisory: If a site had been granted permission to open popup windows, it could cause Select elements to appear on top of another site to perform a spoofing attack.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mozilla: SelectElements could be shown over another site if popups are allowed",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Product Security rates the severity of this flaw as determined by the Mozilla Foundation Security Advisory.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.2.0.Z.AUS:firefox-0:128.2.0-1.el8_2.src",
"AppStream-8.2.0.Z.AUS:firefox-0:128.2.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.AUS:firefox-debuginfo-0:128.2.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.AUS:firefox-debugsource-0:128.2.0-1.el8_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-8386"
},
{
"category": "external",
"summary": "RHBZ#2309432",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2309432"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-8386",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8386"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-8386",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-8386"
},
{
"category": "external",
"summary": "https://bugzilla.mozilla.org/show_bug.cgi?id=1907032",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1907032"
},
{
"category": "external",
"summary": "https://bugzilla.mozilla.org/show_bug.cgi?id=1909163",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1909163"
},
{
"category": "external",
"summary": "https://bugzilla.mozilla.org/show_bug.cgi?id=1909529",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1909529"
},
{
"category": "external",
"summary": "https://www.mozilla.org/security/advisories/mfsa2024-39/",
"url": "https://www.mozilla.org/security/advisories/mfsa2024-39/"
},
{
"category": "external",
"summary": "https://www.mozilla.org/security/advisories/mfsa2024-40/",
"url": "https://www.mozilla.org/security/advisories/mfsa2024-40/"
}
],
"release_date": "2024-09-03T13:15:05.860000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-09-19T11:29:38+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.2.0.Z.AUS:firefox-0:128.2.0-1.el8_2.src",
"AppStream-8.2.0.Z.AUS:firefox-0:128.2.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.AUS:firefox-debuginfo-0:128.2.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.AUS:firefox-debugsource-0:128.2.0-1.el8_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:6839"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"AppStream-8.2.0.Z.AUS:firefox-0:128.2.0-1.el8_2.src",
"AppStream-8.2.0.Z.AUS:firefox-0:128.2.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.AUS:firefox-debuginfo-0:128.2.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.AUS:firefox-debugsource-0:128.2.0-1.el8_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "mozilla: SelectElements could be shown over another site if popups are allowed"
},
{
"cve": "CVE-2024-8387",
"cwe": {
"id": "CWE-120",
"name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
},
"discovery_date": "2024-09-03T13:20:24.757137+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2309433"
}
],
"notes": [
{
"category": "description",
"text": "The Mozilla Foundation\u0027s Security Advisory: Memory safety bugs are present in Firefox 129, Firefox ESR 128.1, and Thunderbird 128.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort, some of these could have been exploited to run arbitrary code.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mozilla: Memory safety bugs fixed in Firefox 130, Firefox ESR 128.2, and Thunderbird 128.2",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Product Security rates the severity of this flaw as determined by the Mozilla Foundation Security Advisory.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.2.0.Z.AUS:firefox-0:128.2.0-1.el8_2.src",
"AppStream-8.2.0.Z.AUS:firefox-0:128.2.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.AUS:firefox-debuginfo-0:128.2.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.AUS:firefox-debugsource-0:128.2.0-1.el8_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-8387"
},
{
"category": "external",
"summary": "RHBZ#2309433",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2309433"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-8387",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8387"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-8387",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-8387"
},
{
"category": "external",
"summary": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1857607%2C1911858%2C1914009",
"url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1857607%2C1911858%2C1914009"
},
{
"category": "external",
"summary": "https://www.mozilla.org/security/advisories/mfsa2024-39/",
"url": "https://www.mozilla.org/security/advisories/mfsa2024-39/"
},
{
"category": "external",
"summary": "https://www.mozilla.org/security/advisories/mfsa2024-40/",
"url": "https://www.mozilla.org/security/advisories/mfsa2024-40/"
}
],
"release_date": "2024-09-03T13:15:05.917000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-09-19T11:29:38+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.2.0.Z.AUS:firefox-0:128.2.0-1.el8_2.src",
"AppStream-8.2.0.Z.AUS:firefox-0:128.2.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.AUS:firefox-debuginfo-0:128.2.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.AUS:firefox-debugsource-0:128.2.0-1.el8_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:6839"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-8.2.0.Z.AUS:firefox-0:128.2.0-1.el8_2.src",
"AppStream-8.2.0.Z.AUS:firefox-0:128.2.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.AUS:firefox-debuginfo-0:128.2.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.AUS:firefox-debugsource-0:128.2.0-1.el8_2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.2.0.Z.AUS:firefox-0:128.2.0-1.el8_2.src",
"AppStream-8.2.0.Z.AUS:firefox-0:128.2.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.AUS:firefox-debuginfo-0:128.2.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.AUS:firefox-debugsource-0:128.2.0-1.el8_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "mozilla: Memory safety bugs fixed in Firefox 130, Firefox ESR 128.2, and Thunderbird 128.2"
}
]
}
RHSA-2024:6850
Vulnerability from csaf_redhat - Published: 2024-09-19 12:18 - Updated: 2026-04-22 18:51Summary
Red Hat Security Advisory: firefox update
Severity
Important
Notes
Topic: An update for firefox is now available for Red Hat Enterprise Linux 8.8 Extended Update Support.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability.
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
The Network Security Services (NSS) package contains a vulnerability that exposes a side-channel information leak. This weakness enables a local attacker to capture several thousand usages of a signature, allowing them to utilize this information to recover portions of an ECDSA private key.
4.3 (Medium)
Affected products
Fixed
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-8.8.0.Z.EUS:firefox-0:128.2.0-1.el8_8.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:firefox-0:128.2.0-1.el8_8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:firefox-0:128.2.0-1.el8_8.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:firefox-0:128.2.0-1.el8_8.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:firefox-0:128.2.0-1.el8_8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el8_8.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el8_8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el8_8.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el8_8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el8_8.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el8_8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el8_8.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el8_8.x86_64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes this flaw as follows: An error in the ECMA-262 specification relating to Async Generators could have resulted in a type confusion, potentially leading to memory corruption and an exploitable crash.
8.6 (High)
Affected products
Fixed
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-8.8.0.Z.EUS:firefox-0:128.2.0-1.el8_8.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:firefox-0:128.2.0-1.el8_8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:firefox-0:128.2.0-1.el8_8.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:firefox-0:128.2.0-1.el8_8.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:firefox-0:128.2.0-1.el8_8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el8_8.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el8_8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el8_8.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el8_8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el8_8.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el8_8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el8_8.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el8_8.x86_64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Important
The Mozilla Foundation's Security Advisory: A potentially exploitable type confusion could be triggered when looking up a property name on an object being used as the with environment.
9.8 (Critical)
Affected products
Fixed
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-8.8.0.Z.EUS:firefox-0:128.2.0-1.el8_8.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:firefox-0:128.2.0-1.el8_8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:firefox-0:128.2.0-1.el8_8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:firefox-0:128.2.0-1.el8_8.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:firefox-0:128.2.0-1.el8_8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el8_8.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el8_8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el8_8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el8_8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el8_8.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el8_8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el8_8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el8_8.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Important
The Mozilla Foundation's Security Advisory: Internal browser event interfaces were exposed to web content when privileged EventHandler listener callbacks ran for those events. Web content that tried to use those interfaces would not be able to use them with elevated privileges, but their presence would indicate certain browser features had been used, such as when a user opened the Dev Tools console.
8.8 (High)
Affected products
Fixed
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-8.8.0.Z.EUS:firefox-0:128.2.0-1.el8_8.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:firefox-0:128.2.0-1.el8_8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:firefox-0:128.2.0-1.el8_8.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:firefox-0:128.2.0-1.el8_8.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:firefox-0:128.2.0-1.el8_8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el8_8.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el8_8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el8_8.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el8_8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el8_8.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el8_8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el8_8.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el8_8.x86_64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
The Mozilla Foundation's Security Advisory: Firefox normally asks for confirmation before asking the operating system to find an application to handle a scheme that the browser does not support. It did not ask before doing so for the Usenet-related schemes news: and snews:. Since most operating systems don't have a trusted newsreader installed by default, an unscrupulous program that the user downloaded could register itself as a handler. The website that served the application download could then launch that application at will.
7.5 (High)
Affected products
Fixed
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-8.8.0.Z.EUS:firefox-0:128.2.0-1.el8_8.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:firefox-0:128.2.0-1.el8_8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:firefox-0:128.2.0-1.el8_8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:firefox-0:128.2.0-1.el8_8.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:firefox-0:128.2.0-1.el8_8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el8_8.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el8_8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el8_8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el8_8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el8_8.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el8_8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el8_8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el8_8.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
The Mozilla Foundation's Security Advisory: The JavaScript garbage collector could mis-color cross-compartment objects if OOM conditions were detected at the right point between two passes. This could have led to memory corruption.
9.8 (Critical)
Affected products
Fixed
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-8.8.0.Z.EUS:firefox-0:128.2.0-1.el8_8.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:firefox-0:128.2.0-1.el8_8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:firefox-0:128.2.0-1.el8_8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:firefox-0:128.2.0-1.el8_8.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:firefox-0:128.2.0-1.el8_8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el8_8.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el8_8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el8_8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el8_8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el8_8.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el8_8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el8_8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el8_8.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
The Mozilla Foundation's Security Advisory: A difference in the handling of StructFields and ArrayTypes in WASM could be used to trigger an exploitable type confusion vulnerability.
9.8 (Critical)
Affected products
Fixed
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-8.8.0.Z.EUS:firefox-0:128.2.0-1.el8_8.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:firefox-0:128.2.0-1.el8_8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:firefox-0:128.2.0-1.el8_8.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:firefox-0:128.2.0-1.el8_8.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:firefox-0:128.2.0-1.el8_8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el8_8.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el8_8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el8_8.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el8_8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el8_8.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el8_8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el8_8.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el8_8.x86_64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Important
The Mozilla Foundation's Security Advisory: If a site had been granted permission to open popup windows, it could cause Select elements to appear on top of another site to perform a spoofing attack.
6.1 (Medium)
Affected products
Fixed
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-8.8.0.Z.EUS:firefox-0:128.2.0-1.el8_8.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:firefox-0:128.2.0-1.el8_8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:firefox-0:128.2.0-1.el8_8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:firefox-0:128.2.0-1.el8_8.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:firefox-0:128.2.0-1.el8_8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el8_8.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el8_8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el8_8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el8_8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el8_8.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el8_8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el8_8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el8_8.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Low
The Mozilla Foundation's Security Advisory: Memory safety bugs are present in Firefox 129, Firefox ESR 128.1, and Thunderbird 128.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort, some of these could have been exploited to run arbitrary code.
9.8 (Critical)
Affected products
Fixed
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-8.8.0.Z.EUS:firefox-0:128.2.0-1.el8_8.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:firefox-0:128.2.0-1.el8_8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:firefox-0:128.2.0-1.el8_8.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:firefox-0:128.2.0-1.el8_8.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:firefox-0:128.2.0-1.el8_8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el8_8.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el8_8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el8_8.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el8_8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el8_8.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el8_8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el8_8.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el8_8.x86_64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Important
References
61 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for firefox is now available for Red Hat Enterprise Linux 8.8 Extended Update Support.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability.\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2024:6850",
"url": "https://access.redhat.com/errata/RHSA-2024:6850"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_6850.json"
}
],
"title": "Red Hat Security Advisory: firefox update",
"tracking": {
"current_release_date": "2026-04-22T18:51:30+00:00",
"generator": {
"date": "2026-04-22T18:51:30+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.5"
}
},
"id": "RHSA-2024:6850",
"initial_release_date": "2024-09-19T12:18:18+00:00",
"revision_history": [
{
"date": "2024-09-19T12:18:18+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2024-09-19T12:18:18+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-04-22T18:51:30+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream EUS (v.8.8)",
"product": {
"name": "Red Hat Enterprise Linux AppStream EUS (v.8.8)",
"product_id": "AppStream-8.8.0.Z.EUS",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_eus:8.8::appstream"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "firefox-0:128.2.0-1.el8_8.src",
"product": {
"name": "firefox-0:128.2.0-1.el8_8.src",
"product_id": "firefox-0:128.2.0-1.el8_8.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox@128.2.0-1.el8_8?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "firefox-0:128.2.0-1.el8_8.aarch64",
"product": {
"name": "firefox-0:128.2.0-1.el8_8.aarch64",
"product_id": "firefox-0:128.2.0-1.el8_8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox@128.2.0-1.el8_8?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "firefox-debugsource-0:128.2.0-1.el8_8.aarch64",
"product": {
"name": "firefox-debugsource-0:128.2.0-1.el8_8.aarch64",
"product_id": "firefox-debugsource-0:128.2.0-1.el8_8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox-debugsource@128.2.0-1.el8_8?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "firefox-debuginfo-0:128.2.0-1.el8_8.aarch64",
"product": {
"name": "firefox-debuginfo-0:128.2.0-1.el8_8.aarch64",
"product_id": "firefox-debuginfo-0:128.2.0-1.el8_8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox-debuginfo@128.2.0-1.el8_8?arch=aarch64"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "firefox-0:128.2.0-1.el8_8.ppc64le",
"product": {
"name": "firefox-0:128.2.0-1.el8_8.ppc64le",
"product_id": "firefox-0:128.2.0-1.el8_8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox@128.2.0-1.el8_8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "firefox-debugsource-0:128.2.0-1.el8_8.ppc64le",
"product": {
"name": "firefox-debugsource-0:128.2.0-1.el8_8.ppc64le",
"product_id": "firefox-debugsource-0:128.2.0-1.el8_8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox-debugsource@128.2.0-1.el8_8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "firefox-debuginfo-0:128.2.0-1.el8_8.ppc64le",
"product": {
"name": "firefox-debuginfo-0:128.2.0-1.el8_8.ppc64le",
"product_id": "firefox-debuginfo-0:128.2.0-1.el8_8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox-debuginfo@128.2.0-1.el8_8?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "firefox-0:128.2.0-1.el8_8.x86_64",
"product": {
"name": "firefox-0:128.2.0-1.el8_8.x86_64",
"product_id": "firefox-0:128.2.0-1.el8_8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox@128.2.0-1.el8_8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "firefox-debugsource-0:128.2.0-1.el8_8.x86_64",
"product": {
"name": "firefox-debugsource-0:128.2.0-1.el8_8.x86_64",
"product_id": "firefox-debugsource-0:128.2.0-1.el8_8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox-debugsource@128.2.0-1.el8_8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "firefox-debuginfo-0:128.2.0-1.el8_8.x86_64",
"product": {
"name": "firefox-debuginfo-0:128.2.0-1.el8_8.x86_64",
"product_id": "firefox-debuginfo-0:128.2.0-1.el8_8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox-debuginfo@128.2.0-1.el8_8?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "firefox-0:128.2.0-1.el8_8.s390x",
"product": {
"name": "firefox-0:128.2.0-1.el8_8.s390x",
"product_id": "firefox-0:128.2.0-1.el8_8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox@128.2.0-1.el8_8?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "firefox-debugsource-0:128.2.0-1.el8_8.s390x",
"product": {
"name": "firefox-debugsource-0:128.2.0-1.el8_8.s390x",
"product_id": "firefox-debugsource-0:128.2.0-1.el8_8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox-debugsource@128.2.0-1.el8_8?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "firefox-debuginfo-0:128.2.0-1.el8_8.s390x",
"product": {
"name": "firefox-debuginfo-0:128.2.0-1.el8_8.s390x",
"product_id": "firefox-debuginfo-0:128.2.0-1.el8_8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox-debuginfo@128.2.0-1.el8_8?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:128.2.0-1.el8_8.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)",
"product_id": "AppStream-8.8.0.Z.EUS:firefox-0:128.2.0-1.el8_8.aarch64"
},
"product_reference": "firefox-0:128.2.0-1.el8_8.aarch64",
"relates_to_product_reference": "AppStream-8.8.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:128.2.0-1.el8_8.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)",
"product_id": "AppStream-8.8.0.Z.EUS:firefox-0:128.2.0-1.el8_8.ppc64le"
},
"product_reference": "firefox-0:128.2.0-1.el8_8.ppc64le",
"relates_to_product_reference": "AppStream-8.8.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:128.2.0-1.el8_8.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)",
"product_id": "AppStream-8.8.0.Z.EUS:firefox-0:128.2.0-1.el8_8.s390x"
},
"product_reference": "firefox-0:128.2.0-1.el8_8.s390x",
"relates_to_product_reference": "AppStream-8.8.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:128.2.0-1.el8_8.src as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)",
"product_id": "AppStream-8.8.0.Z.EUS:firefox-0:128.2.0-1.el8_8.src"
},
"product_reference": "firefox-0:128.2.0-1.el8_8.src",
"relates_to_product_reference": "AppStream-8.8.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:128.2.0-1.el8_8.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)",
"product_id": "AppStream-8.8.0.Z.EUS:firefox-0:128.2.0-1.el8_8.x86_64"
},
"product_reference": "firefox-0:128.2.0-1.el8_8.x86_64",
"relates_to_product_reference": "AppStream-8.8.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:128.2.0-1.el8_8.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)",
"product_id": "AppStream-8.8.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el8_8.aarch64"
},
"product_reference": "firefox-debuginfo-0:128.2.0-1.el8_8.aarch64",
"relates_to_product_reference": "AppStream-8.8.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:128.2.0-1.el8_8.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)",
"product_id": "AppStream-8.8.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el8_8.ppc64le"
},
"product_reference": "firefox-debuginfo-0:128.2.0-1.el8_8.ppc64le",
"relates_to_product_reference": "AppStream-8.8.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:128.2.0-1.el8_8.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)",
"product_id": "AppStream-8.8.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el8_8.s390x"
},
"product_reference": "firefox-debuginfo-0:128.2.0-1.el8_8.s390x",
"relates_to_product_reference": "AppStream-8.8.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:128.2.0-1.el8_8.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)",
"product_id": "AppStream-8.8.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el8_8.x86_64"
},
"product_reference": "firefox-debuginfo-0:128.2.0-1.el8_8.x86_64",
"relates_to_product_reference": "AppStream-8.8.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debugsource-0:128.2.0-1.el8_8.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)",
"product_id": "AppStream-8.8.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el8_8.aarch64"
},
"product_reference": "firefox-debugsource-0:128.2.0-1.el8_8.aarch64",
"relates_to_product_reference": "AppStream-8.8.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debugsource-0:128.2.0-1.el8_8.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)",
"product_id": "AppStream-8.8.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el8_8.ppc64le"
},
"product_reference": "firefox-debugsource-0:128.2.0-1.el8_8.ppc64le",
"relates_to_product_reference": "AppStream-8.8.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debugsource-0:128.2.0-1.el8_8.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)",
"product_id": "AppStream-8.8.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el8_8.s390x"
},
"product_reference": "firefox-debugsource-0:128.2.0-1.el8_8.s390x",
"relates_to_product_reference": "AppStream-8.8.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debugsource-0:128.2.0-1.el8_8.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)",
"product_id": "AppStream-8.8.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el8_8.x86_64"
},
"product_reference": "firefox-debugsource-0:128.2.0-1.el8_8.x86_64",
"relates_to_product_reference": "AppStream-8.8.0.Z.EUS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-6135",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2023-11-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2249906"
}
],
"notes": [
{
"category": "description",
"text": "The Network Security Services (NSS) package contains a vulnerability that exposes a side-channel information leak. This weakness enables a local attacker to capture several thousand usages of a signature, allowing them to utilize this information to recover portions of an ECDSA private key.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nss: vulnerable to Minerva side-channel information leak",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The severity of the Network Security Services (NSS) package vulnerability is marked as moderate due to the inherent risk associated with a potential side-channel information leak. This flaw empowers a local attacker to capture a substantial volume of signature usages, providing a pathway for them to exploit this data to reconstruct portions of an ECDSA private key. The ECDSA private key is a fundamental component of cryptographic security, and a successful compromise could have severe implications for the confidentiality and integrity of sensitive information.\n\nThe side channel present in NSS is on the order of 20 to 50ns, measuring such small differences over the network, without ability to measure signature with the same nonce is not something anybody has shown as possible. The only reason we can measure such small differences in the Marvin attack (https://people.redhat.com/~hkario/marvin/) is because the attacker there has full control over the processed messages, as such can measure the same message over and over, with ECDSA NSS is generating the used nonce randomly, and internally, for each and every signature. So a possibility of a purely network attack is rather theoretical at this moment.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.8.0.Z.EUS:firefox-0:128.2.0-1.el8_8.aarch64",
"AppStream-8.8.0.Z.EUS:firefox-0:128.2.0-1.el8_8.ppc64le",
"AppStream-8.8.0.Z.EUS:firefox-0:128.2.0-1.el8_8.s390x",
"AppStream-8.8.0.Z.EUS:firefox-0:128.2.0-1.el8_8.src",
"AppStream-8.8.0.Z.EUS:firefox-0:128.2.0-1.el8_8.x86_64",
"AppStream-8.8.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el8_8.aarch64",
"AppStream-8.8.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el8_8.ppc64le",
"AppStream-8.8.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el8_8.s390x",
"AppStream-8.8.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el8_8.x86_64",
"AppStream-8.8.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el8_8.aarch64",
"AppStream-8.8.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el8_8.ppc64le",
"AppStream-8.8.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el8_8.s390x",
"AppStream-8.8.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el8_8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-6135"
},
{
"category": "external",
"summary": "RHBZ#2249906",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2249906"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-6135",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6135"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-6135",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-6135"
},
{
"category": "external",
"summary": "https://bugzilla.mozilla.org/show_bug.cgi?id=1853908",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1853908"
},
{
"category": "external",
"summary": "https://minerva.crocs.fi.muni.cz/",
"url": "https://minerva.crocs.fi.muni.cz/"
},
{
"category": "external",
"summary": "https://people.redhat.com/~hkario/marvin/",
"url": "https://people.redhat.com/~hkario/marvin/"
},
{
"category": "external",
"summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-56/#CVE-2023-6135",
"url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-56/#CVE-2023-6135"
}
],
"release_date": "2023-12-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-09-19T12:18:18+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.8.0.Z.EUS:firefox-0:128.2.0-1.el8_8.aarch64",
"AppStream-8.8.0.Z.EUS:firefox-0:128.2.0-1.el8_8.ppc64le",
"AppStream-8.8.0.Z.EUS:firefox-0:128.2.0-1.el8_8.s390x",
"AppStream-8.8.0.Z.EUS:firefox-0:128.2.0-1.el8_8.src",
"AppStream-8.8.0.Z.EUS:firefox-0:128.2.0-1.el8_8.x86_64",
"AppStream-8.8.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el8_8.aarch64",
"AppStream-8.8.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el8_8.ppc64le",
"AppStream-8.8.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el8_8.s390x",
"AppStream-8.8.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el8_8.x86_64",
"AppStream-8.8.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el8_8.aarch64",
"AppStream-8.8.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el8_8.ppc64le",
"AppStream-8.8.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el8_8.s390x",
"AppStream-8.8.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el8_8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:6850"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-8.8.0.Z.EUS:firefox-0:128.2.0-1.el8_8.aarch64",
"AppStream-8.8.0.Z.EUS:firefox-0:128.2.0-1.el8_8.ppc64le",
"AppStream-8.8.0.Z.EUS:firefox-0:128.2.0-1.el8_8.s390x",
"AppStream-8.8.0.Z.EUS:firefox-0:128.2.0-1.el8_8.src",
"AppStream-8.8.0.Z.EUS:firefox-0:128.2.0-1.el8_8.x86_64",
"AppStream-8.8.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el8_8.aarch64",
"AppStream-8.8.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el8_8.ppc64le",
"AppStream-8.8.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el8_8.s390x",
"AppStream-8.8.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el8_8.x86_64",
"AppStream-8.8.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el8_8.aarch64",
"AppStream-8.8.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el8_8.ppc64le",
"AppStream-8.8.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el8_8.s390x",
"AppStream-8.8.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el8_8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"AppStream-8.8.0.Z.EUS:firefox-0:128.2.0-1.el8_8.aarch64",
"AppStream-8.8.0.Z.EUS:firefox-0:128.2.0-1.el8_8.ppc64le",
"AppStream-8.8.0.Z.EUS:firefox-0:128.2.0-1.el8_8.s390x",
"AppStream-8.8.0.Z.EUS:firefox-0:128.2.0-1.el8_8.src",
"AppStream-8.8.0.Z.EUS:firefox-0:128.2.0-1.el8_8.x86_64",
"AppStream-8.8.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el8_8.aarch64",
"AppStream-8.8.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el8_8.ppc64le",
"AppStream-8.8.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el8_8.s390x",
"AppStream-8.8.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el8_8.x86_64",
"AppStream-8.8.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el8_8.aarch64",
"AppStream-8.8.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el8_8.ppc64le",
"AppStream-8.8.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el8_8.s390x",
"AppStream-8.8.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el8_8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "nss: vulnerable to Minerva side-channel information leak"
},
{
"cve": "CVE-2024-7652",
"cwe": {
"id": "CWE-843",
"name": "Access of Resource Using Incompatible Type (\u0027Type Confusion\u0027)"
},
"discovery_date": "2024-09-06T19:20:06.807597+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2310490"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes this flaw as follows: An error in the ECMA-262 specification relating to Async Generators could have resulted in a type confusion, potentially leading to memory corruption and an exploitable crash.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mozilla: Type Confusion in Async Generators in Javascript Engine",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Product Security rates the severity of this flaw as determined by the Mozilla Foundation Security Advisory.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.8.0.Z.EUS:firefox-0:128.2.0-1.el8_8.aarch64",
"AppStream-8.8.0.Z.EUS:firefox-0:128.2.0-1.el8_8.ppc64le",
"AppStream-8.8.0.Z.EUS:firefox-0:128.2.0-1.el8_8.s390x",
"AppStream-8.8.0.Z.EUS:firefox-0:128.2.0-1.el8_8.src",
"AppStream-8.8.0.Z.EUS:firefox-0:128.2.0-1.el8_8.x86_64",
"AppStream-8.8.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el8_8.aarch64",
"AppStream-8.8.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el8_8.ppc64le",
"AppStream-8.8.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el8_8.s390x",
"AppStream-8.8.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el8_8.x86_64",
"AppStream-8.8.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el8_8.aarch64",
"AppStream-8.8.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el8_8.ppc64le",
"AppStream-8.8.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el8_8.s390x",
"AppStream-8.8.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el8_8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-7652"
},
{
"category": "external",
"summary": "RHBZ#2310490",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2310490"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-7652",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-7652"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-7652",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-7652"
},
{
"category": "external",
"summary": "https://bugzilla.mozilla.org/show_bug.cgi?id=1901411",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1901411"
},
{
"category": "external",
"summary": "https://github.com/tc39/ecma262/security/advisories/GHSA-g38c-wh3c-5h9r",
"url": "https://github.com/tc39/ecma262/security/advisories/GHSA-g38c-wh3c-5h9r"
},
{
"category": "external",
"summary": "https://www.mozilla.org/security/advisories/mfsa2024-29/",
"url": "https://www.mozilla.org/security/advisories/mfsa2024-29/"
},
{
"category": "external",
"summary": "https://www.mozilla.org/security/advisories/mfsa2024-30/",
"url": "https://www.mozilla.org/security/advisories/mfsa2024-30/"
},
{
"category": "external",
"summary": "https://www.mozilla.org/security/advisories/mfsa2024-31/",
"url": "https://www.mozilla.org/security/advisories/mfsa2024-31/"
},
{
"category": "external",
"summary": "https://www.mozilla.org/security/advisories/mfsa2024-32/",
"url": "https://www.mozilla.org/security/advisories/mfsa2024-32/"
}
],
"release_date": "2024-09-06T19:15:12.710000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-09-19T12:18:18+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.8.0.Z.EUS:firefox-0:128.2.0-1.el8_8.aarch64",
"AppStream-8.8.0.Z.EUS:firefox-0:128.2.0-1.el8_8.ppc64le",
"AppStream-8.8.0.Z.EUS:firefox-0:128.2.0-1.el8_8.s390x",
"AppStream-8.8.0.Z.EUS:firefox-0:128.2.0-1.el8_8.src",
"AppStream-8.8.0.Z.EUS:firefox-0:128.2.0-1.el8_8.x86_64",
"AppStream-8.8.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el8_8.aarch64",
"AppStream-8.8.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el8_8.ppc64le",
"AppStream-8.8.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el8_8.s390x",
"AppStream-8.8.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el8_8.x86_64",
"AppStream-8.8.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el8_8.aarch64",
"AppStream-8.8.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el8_8.ppc64le",
"AppStream-8.8.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el8_8.s390x",
"AppStream-8.8.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el8_8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:6850"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-8.8.0.Z.EUS:firefox-0:128.2.0-1.el8_8.aarch64",
"AppStream-8.8.0.Z.EUS:firefox-0:128.2.0-1.el8_8.ppc64le",
"AppStream-8.8.0.Z.EUS:firefox-0:128.2.0-1.el8_8.s390x",
"AppStream-8.8.0.Z.EUS:firefox-0:128.2.0-1.el8_8.src",
"AppStream-8.8.0.Z.EUS:firefox-0:128.2.0-1.el8_8.x86_64",
"AppStream-8.8.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el8_8.aarch64",
"AppStream-8.8.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el8_8.ppc64le",
"AppStream-8.8.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el8_8.s390x",
"AppStream-8.8.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el8_8.x86_64",
"AppStream-8.8.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el8_8.aarch64",
"AppStream-8.8.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el8_8.ppc64le",
"AppStream-8.8.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el8_8.s390x",
"AppStream-8.8.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el8_8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.8.0.Z.EUS:firefox-0:128.2.0-1.el8_8.aarch64",
"AppStream-8.8.0.Z.EUS:firefox-0:128.2.0-1.el8_8.ppc64le",
"AppStream-8.8.0.Z.EUS:firefox-0:128.2.0-1.el8_8.s390x",
"AppStream-8.8.0.Z.EUS:firefox-0:128.2.0-1.el8_8.src",
"AppStream-8.8.0.Z.EUS:firefox-0:128.2.0-1.el8_8.x86_64",
"AppStream-8.8.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el8_8.aarch64",
"AppStream-8.8.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el8_8.ppc64le",
"AppStream-8.8.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el8_8.s390x",
"AppStream-8.8.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el8_8.x86_64",
"AppStream-8.8.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el8_8.aarch64",
"AppStream-8.8.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el8_8.ppc64le",
"AppStream-8.8.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el8_8.s390x",
"AppStream-8.8.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el8_8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "mozilla: Type Confusion in Async Generators in Javascript Engine"
},
{
"cve": "CVE-2024-8381",
"cwe": {
"id": "CWE-704",
"name": "Incorrect Type Conversion or Cast"
},
"discovery_date": "2024-09-03T13:20:09.820143+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2309427"
}
],
"notes": [
{
"category": "description",
"text": "The Mozilla Foundation\u0027s Security Advisory: A potentially exploitable type confusion could be triggered when looking up a property name on an object being used as the with environment.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mozilla: Type confusion when looking up a property name in a \u0026quot;with\u0026quot; block",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Product Security rates the severity of this flaw as determined by the Mozilla Foundation Security Advisory.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.8.0.Z.EUS:firefox-0:128.2.0-1.el8_8.aarch64",
"AppStream-8.8.0.Z.EUS:firefox-0:128.2.0-1.el8_8.ppc64le",
"AppStream-8.8.0.Z.EUS:firefox-0:128.2.0-1.el8_8.s390x",
"AppStream-8.8.0.Z.EUS:firefox-0:128.2.0-1.el8_8.src",
"AppStream-8.8.0.Z.EUS:firefox-0:128.2.0-1.el8_8.x86_64",
"AppStream-8.8.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el8_8.aarch64",
"AppStream-8.8.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el8_8.ppc64le",
"AppStream-8.8.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el8_8.s390x",
"AppStream-8.8.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el8_8.x86_64",
"AppStream-8.8.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el8_8.aarch64",
"AppStream-8.8.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el8_8.ppc64le",
"AppStream-8.8.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el8_8.s390x",
"AppStream-8.8.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el8_8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-8381"
},
{
"category": "external",
"summary": "RHBZ#2309427",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2309427"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-8381",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8381"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-8381",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-8381"
},
{
"category": "external",
"summary": "https://bugzilla.mozilla.org/show_bug.cgi?id=1912715",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1912715"
},
{
"category": "external",
"summary": "https://www.mozilla.org/security/advisories/mfsa2024-39/",
"url": "https://www.mozilla.org/security/advisories/mfsa2024-39/"
},
{
"category": "external",
"summary": "https://www.mozilla.org/security/advisories/mfsa2024-40/",
"url": "https://www.mozilla.org/security/advisories/mfsa2024-40/"
},
{
"category": "external",
"summary": "https://www.mozilla.org/security/advisories/mfsa2024-41/",
"url": "https://www.mozilla.org/security/advisories/mfsa2024-41/"
}
],
"release_date": "2024-09-03T13:15:05.553000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-09-19T12:18:18+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.8.0.Z.EUS:firefox-0:128.2.0-1.el8_8.aarch64",
"AppStream-8.8.0.Z.EUS:firefox-0:128.2.0-1.el8_8.ppc64le",
"AppStream-8.8.0.Z.EUS:firefox-0:128.2.0-1.el8_8.s390x",
"AppStream-8.8.0.Z.EUS:firefox-0:128.2.0-1.el8_8.src",
"AppStream-8.8.0.Z.EUS:firefox-0:128.2.0-1.el8_8.x86_64",
"AppStream-8.8.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el8_8.aarch64",
"AppStream-8.8.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el8_8.ppc64le",
"AppStream-8.8.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el8_8.s390x",
"AppStream-8.8.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el8_8.x86_64",
"AppStream-8.8.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el8_8.aarch64",
"AppStream-8.8.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el8_8.ppc64le",
"AppStream-8.8.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el8_8.s390x",
"AppStream-8.8.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el8_8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:6850"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.8.0.Z.EUS:firefox-0:128.2.0-1.el8_8.aarch64",
"AppStream-8.8.0.Z.EUS:firefox-0:128.2.0-1.el8_8.ppc64le",
"AppStream-8.8.0.Z.EUS:firefox-0:128.2.0-1.el8_8.s390x",
"AppStream-8.8.0.Z.EUS:firefox-0:128.2.0-1.el8_8.src",
"AppStream-8.8.0.Z.EUS:firefox-0:128.2.0-1.el8_8.x86_64",
"AppStream-8.8.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el8_8.aarch64",
"AppStream-8.8.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el8_8.ppc64le",
"AppStream-8.8.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el8_8.s390x",
"AppStream-8.8.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el8_8.x86_64",
"AppStream-8.8.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el8_8.aarch64",
"AppStream-8.8.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el8_8.ppc64le",
"AppStream-8.8.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el8_8.s390x",
"AppStream-8.8.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el8_8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "mozilla: Type confusion when looking up a property name in a \u0026quot;with\u0026quot; block"
},
{
"cve": "CVE-2024-8382",
"cwe": {
"id": "CWE-497",
"name": "Exposure of Sensitive System Information to an Unauthorized Control Sphere"
},
"discovery_date": "2024-09-03T13:20:12.041906+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2309428"
}
],
"notes": [
{
"category": "description",
"text": "The Mozilla Foundation\u0027s Security Advisory: Internal browser event interfaces were exposed to web content when privileged EventHandler listener callbacks ran for those events. Web content that tried to use those interfaces would not be able to use them with elevated privileges, but their presence would indicate certain browser features had been used, such as when a user opened the Dev Tools console.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mozilla: Internal event interfaces were exposed to web content when browser EventHandler listener callbacks ran",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Product Security rates the severity of this flaw as determined by the Mozilla Foundation Security Advisory.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.8.0.Z.EUS:firefox-0:128.2.0-1.el8_8.aarch64",
"AppStream-8.8.0.Z.EUS:firefox-0:128.2.0-1.el8_8.ppc64le",
"AppStream-8.8.0.Z.EUS:firefox-0:128.2.0-1.el8_8.s390x",
"AppStream-8.8.0.Z.EUS:firefox-0:128.2.0-1.el8_8.src",
"AppStream-8.8.0.Z.EUS:firefox-0:128.2.0-1.el8_8.x86_64",
"AppStream-8.8.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el8_8.aarch64",
"AppStream-8.8.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el8_8.ppc64le",
"AppStream-8.8.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el8_8.s390x",
"AppStream-8.8.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el8_8.x86_64",
"AppStream-8.8.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el8_8.aarch64",
"AppStream-8.8.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el8_8.ppc64le",
"AppStream-8.8.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el8_8.s390x",
"AppStream-8.8.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el8_8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-8382"
},
{
"category": "external",
"summary": "RHBZ#2309428",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2309428"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-8382",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8382"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-8382",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-8382"
},
{
"category": "external",
"summary": "https://bugzilla.mozilla.org/show_bug.cgi?id=1906744",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1906744"
},
{
"category": "external",
"summary": "https://www.mozilla.org/security/advisories/mfsa2024-39/",
"url": "https://www.mozilla.org/security/advisories/mfsa2024-39/"
},
{
"category": "external",
"summary": "https://www.mozilla.org/security/advisories/mfsa2024-40/",
"url": "https://www.mozilla.org/security/advisories/mfsa2024-40/"
},
{
"category": "external",
"summary": "https://www.mozilla.org/security/advisories/mfsa2024-41/",
"url": "https://www.mozilla.org/security/advisories/mfsa2024-41/"
}
],
"release_date": "2024-09-03T13:15:05.630000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-09-19T12:18:18+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.8.0.Z.EUS:firefox-0:128.2.0-1.el8_8.aarch64",
"AppStream-8.8.0.Z.EUS:firefox-0:128.2.0-1.el8_8.ppc64le",
"AppStream-8.8.0.Z.EUS:firefox-0:128.2.0-1.el8_8.s390x",
"AppStream-8.8.0.Z.EUS:firefox-0:128.2.0-1.el8_8.src",
"AppStream-8.8.0.Z.EUS:firefox-0:128.2.0-1.el8_8.x86_64",
"AppStream-8.8.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el8_8.aarch64",
"AppStream-8.8.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el8_8.ppc64le",
"AppStream-8.8.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el8_8.s390x",
"AppStream-8.8.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el8_8.x86_64",
"AppStream-8.8.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el8_8.aarch64",
"AppStream-8.8.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el8_8.ppc64le",
"AppStream-8.8.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el8_8.s390x",
"AppStream-8.8.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el8_8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:6850"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-8.8.0.Z.EUS:firefox-0:128.2.0-1.el8_8.aarch64",
"AppStream-8.8.0.Z.EUS:firefox-0:128.2.0-1.el8_8.ppc64le",
"AppStream-8.8.0.Z.EUS:firefox-0:128.2.0-1.el8_8.s390x",
"AppStream-8.8.0.Z.EUS:firefox-0:128.2.0-1.el8_8.src",
"AppStream-8.8.0.Z.EUS:firefox-0:128.2.0-1.el8_8.x86_64",
"AppStream-8.8.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el8_8.aarch64",
"AppStream-8.8.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el8_8.ppc64le",
"AppStream-8.8.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el8_8.s390x",
"AppStream-8.8.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el8_8.x86_64",
"AppStream-8.8.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el8_8.aarch64",
"AppStream-8.8.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el8_8.ppc64le",
"AppStream-8.8.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el8_8.s390x",
"AppStream-8.8.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el8_8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.8.0.Z.EUS:firefox-0:128.2.0-1.el8_8.aarch64",
"AppStream-8.8.0.Z.EUS:firefox-0:128.2.0-1.el8_8.ppc64le",
"AppStream-8.8.0.Z.EUS:firefox-0:128.2.0-1.el8_8.s390x",
"AppStream-8.8.0.Z.EUS:firefox-0:128.2.0-1.el8_8.src",
"AppStream-8.8.0.Z.EUS:firefox-0:128.2.0-1.el8_8.x86_64",
"AppStream-8.8.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el8_8.aarch64",
"AppStream-8.8.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el8_8.ppc64le",
"AppStream-8.8.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el8_8.s390x",
"AppStream-8.8.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el8_8.x86_64",
"AppStream-8.8.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el8_8.aarch64",
"AppStream-8.8.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el8_8.ppc64le",
"AppStream-8.8.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el8_8.s390x",
"AppStream-8.8.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el8_8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "mozilla: Internal event interfaces were exposed to web content when browser EventHandler listener callbacks ran"
},
{
"cve": "CVE-2024-8383",
"cwe": {
"id": "CWE-862",
"name": "Missing Authorization"
},
"discovery_date": "2024-09-03T13:20:14.298352+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2309429"
}
],
"notes": [
{
"category": "description",
"text": "The Mozilla Foundation\u0027s Security Advisory: Firefox normally asks for confirmation before asking the operating system to find an application to handle a scheme that the browser does not support. It did not ask before doing so for the Usenet-related schemes news: and snews:. Since most operating systems don\u0027t have a trusted newsreader installed by default, an unscrupulous program that the user downloaded could register itself as a handler. The website that served the application download could then launch that application at will.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mozilla: Firefox did not ask before openings news: links in an external application",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Product Security rates the severity of this flaw as determined by the Mozilla Foundation Security Advisory.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.8.0.Z.EUS:firefox-0:128.2.0-1.el8_8.aarch64",
"AppStream-8.8.0.Z.EUS:firefox-0:128.2.0-1.el8_8.ppc64le",
"AppStream-8.8.0.Z.EUS:firefox-0:128.2.0-1.el8_8.s390x",
"AppStream-8.8.0.Z.EUS:firefox-0:128.2.0-1.el8_8.src",
"AppStream-8.8.0.Z.EUS:firefox-0:128.2.0-1.el8_8.x86_64",
"AppStream-8.8.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el8_8.aarch64",
"AppStream-8.8.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el8_8.ppc64le",
"AppStream-8.8.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el8_8.s390x",
"AppStream-8.8.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el8_8.x86_64",
"AppStream-8.8.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el8_8.aarch64",
"AppStream-8.8.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el8_8.ppc64le",
"AppStream-8.8.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el8_8.s390x",
"AppStream-8.8.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el8_8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-8383"
},
{
"category": "external",
"summary": "RHBZ#2309429",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2309429"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-8383",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8383"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-8383",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-8383"
},
{
"category": "external",
"summary": "https://bugzilla.mozilla.org/show_bug.cgi?id=1908496",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1908496"
},
{
"category": "external",
"summary": "https://www.mozilla.org/security/advisories/mfsa2024-39/",
"url": "https://www.mozilla.org/security/advisories/mfsa2024-39/"
},
{
"category": "external",
"summary": "https://www.mozilla.org/security/advisories/mfsa2024-40/",
"url": "https://www.mozilla.org/security/advisories/mfsa2024-40/"
},
{
"category": "external",
"summary": "https://www.mozilla.org/security/advisories/mfsa2024-41/",
"url": "https://www.mozilla.org/security/advisories/mfsa2024-41/"
}
],
"release_date": "2024-09-03T13:15:05.687000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-09-19T12:18:18+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.8.0.Z.EUS:firefox-0:128.2.0-1.el8_8.aarch64",
"AppStream-8.8.0.Z.EUS:firefox-0:128.2.0-1.el8_8.ppc64le",
"AppStream-8.8.0.Z.EUS:firefox-0:128.2.0-1.el8_8.s390x",
"AppStream-8.8.0.Z.EUS:firefox-0:128.2.0-1.el8_8.src",
"AppStream-8.8.0.Z.EUS:firefox-0:128.2.0-1.el8_8.x86_64",
"AppStream-8.8.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el8_8.aarch64",
"AppStream-8.8.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el8_8.ppc64le",
"AppStream-8.8.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el8_8.s390x",
"AppStream-8.8.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el8_8.x86_64",
"AppStream-8.8.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el8_8.aarch64",
"AppStream-8.8.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el8_8.ppc64le",
"AppStream-8.8.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el8_8.s390x",
"AppStream-8.8.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el8_8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:6850"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"AppStream-8.8.0.Z.EUS:firefox-0:128.2.0-1.el8_8.aarch64",
"AppStream-8.8.0.Z.EUS:firefox-0:128.2.0-1.el8_8.ppc64le",
"AppStream-8.8.0.Z.EUS:firefox-0:128.2.0-1.el8_8.s390x",
"AppStream-8.8.0.Z.EUS:firefox-0:128.2.0-1.el8_8.src",
"AppStream-8.8.0.Z.EUS:firefox-0:128.2.0-1.el8_8.x86_64",
"AppStream-8.8.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el8_8.aarch64",
"AppStream-8.8.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el8_8.ppc64le",
"AppStream-8.8.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el8_8.s390x",
"AppStream-8.8.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el8_8.x86_64",
"AppStream-8.8.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el8_8.aarch64",
"AppStream-8.8.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el8_8.ppc64le",
"AppStream-8.8.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el8_8.s390x",
"AppStream-8.8.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el8_8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "mozilla: Firefox did not ask before openings news: links in an external application"
},
{
"cve": "CVE-2024-8384",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2024-09-03T13:20:16.882822+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2309430"
}
],
"notes": [
{
"category": "description",
"text": "The Mozilla Foundation\u0027s Security Advisory: The JavaScript garbage collector could mis-color cross-compartment objects if OOM conditions were detected at the right point between two passes. This could have led to memory corruption.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mozilla: Garbage collection could mis-color cross-compartment objects in OOM conditions",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Product Security rates the severity of this flaw as determined by the Mozilla Foundation Security Advisory.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.8.0.Z.EUS:firefox-0:128.2.0-1.el8_8.aarch64",
"AppStream-8.8.0.Z.EUS:firefox-0:128.2.0-1.el8_8.ppc64le",
"AppStream-8.8.0.Z.EUS:firefox-0:128.2.0-1.el8_8.s390x",
"AppStream-8.8.0.Z.EUS:firefox-0:128.2.0-1.el8_8.src",
"AppStream-8.8.0.Z.EUS:firefox-0:128.2.0-1.el8_8.x86_64",
"AppStream-8.8.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el8_8.aarch64",
"AppStream-8.8.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el8_8.ppc64le",
"AppStream-8.8.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el8_8.s390x",
"AppStream-8.8.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el8_8.x86_64",
"AppStream-8.8.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el8_8.aarch64",
"AppStream-8.8.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el8_8.ppc64le",
"AppStream-8.8.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el8_8.s390x",
"AppStream-8.8.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el8_8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-8384"
},
{
"category": "external",
"summary": "RHBZ#2309430",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2309430"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-8384",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8384"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-8384",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-8384"
},
{
"category": "external",
"summary": "https://bugzilla.mozilla.org/show_bug.cgi?id=1911288",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1911288"
},
{
"category": "external",
"summary": "https://www.mozilla.org/security/advisories/mfsa2024-39/",
"url": "https://www.mozilla.org/security/advisories/mfsa2024-39/"
},
{
"category": "external",
"summary": "https://www.mozilla.org/security/advisories/mfsa2024-40/",
"url": "https://www.mozilla.org/security/advisories/mfsa2024-40/"
},
{
"category": "external",
"summary": "https://www.mozilla.org/security/advisories/mfsa2024-41/",
"url": "https://www.mozilla.org/security/advisories/mfsa2024-41/"
}
],
"release_date": "2024-09-03T13:15:05.743000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-09-19T12:18:18+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.8.0.Z.EUS:firefox-0:128.2.0-1.el8_8.aarch64",
"AppStream-8.8.0.Z.EUS:firefox-0:128.2.0-1.el8_8.ppc64le",
"AppStream-8.8.0.Z.EUS:firefox-0:128.2.0-1.el8_8.s390x",
"AppStream-8.8.0.Z.EUS:firefox-0:128.2.0-1.el8_8.src",
"AppStream-8.8.0.Z.EUS:firefox-0:128.2.0-1.el8_8.x86_64",
"AppStream-8.8.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el8_8.aarch64",
"AppStream-8.8.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el8_8.ppc64le",
"AppStream-8.8.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el8_8.s390x",
"AppStream-8.8.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el8_8.x86_64",
"AppStream-8.8.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el8_8.aarch64",
"AppStream-8.8.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el8_8.ppc64le",
"AppStream-8.8.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el8_8.s390x",
"AppStream-8.8.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el8_8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:6850"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.8.0.Z.EUS:firefox-0:128.2.0-1.el8_8.aarch64",
"AppStream-8.8.0.Z.EUS:firefox-0:128.2.0-1.el8_8.ppc64le",
"AppStream-8.8.0.Z.EUS:firefox-0:128.2.0-1.el8_8.s390x",
"AppStream-8.8.0.Z.EUS:firefox-0:128.2.0-1.el8_8.src",
"AppStream-8.8.0.Z.EUS:firefox-0:128.2.0-1.el8_8.x86_64",
"AppStream-8.8.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el8_8.aarch64",
"AppStream-8.8.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el8_8.ppc64le",
"AppStream-8.8.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el8_8.s390x",
"AppStream-8.8.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el8_8.x86_64",
"AppStream-8.8.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el8_8.aarch64",
"AppStream-8.8.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el8_8.ppc64le",
"AppStream-8.8.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el8_8.s390x",
"AppStream-8.8.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el8_8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "mozilla: Garbage collection could mis-color cross-compartment objects in OOM conditions"
},
{
"cve": "CVE-2024-8385",
"cwe": {
"id": "CWE-843",
"name": "Access of Resource Using Incompatible Type (\u0027Type Confusion\u0027)"
},
"discovery_date": "2024-09-03T13:20:19.187075+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2309431"
}
],
"notes": [
{
"category": "description",
"text": "The Mozilla Foundation\u0027s Security Advisory: A difference in the handling of StructFields and ArrayTypes in WASM could be used to trigger an exploitable type confusion vulnerability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mozilla: WASM type confusion involving ArrayTypes",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Product Security rates the severity of this flaw as determined by the Mozilla Foundation Security Advisory.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.8.0.Z.EUS:firefox-0:128.2.0-1.el8_8.aarch64",
"AppStream-8.8.0.Z.EUS:firefox-0:128.2.0-1.el8_8.ppc64le",
"AppStream-8.8.0.Z.EUS:firefox-0:128.2.0-1.el8_8.s390x",
"AppStream-8.8.0.Z.EUS:firefox-0:128.2.0-1.el8_8.src",
"AppStream-8.8.0.Z.EUS:firefox-0:128.2.0-1.el8_8.x86_64",
"AppStream-8.8.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el8_8.aarch64",
"AppStream-8.8.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el8_8.ppc64le",
"AppStream-8.8.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el8_8.s390x",
"AppStream-8.8.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el8_8.x86_64",
"AppStream-8.8.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el8_8.aarch64",
"AppStream-8.8.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el8_8.ppc64le",
"AppStream-8.8.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el8_8.s390x",
"AppStream-8.8.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el8_8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-8385"
},
{
"category": "external",
"summary": "RHBZ#2309431",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2309431"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-8385",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8385"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-8385",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-8385"
},
{
"category": "external",
"summary": "https://bugzilla.mozilla.org/show_bug.cgi?id=1911909",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1911909"
},
{
"category": "external",
"summary": "https://www.mozilla.org/security/advisories/mfsa2024-39/",
"url": "https://www.mozilla.org/security/advisories/mfsa2024-39/"
},
{
"category": "external",
"summary": "https://www.mozilla.org/security/advisories/mfsa2024-40/",
"url": "https://www.mozilla.org/security/advisories/mfsa2024-40/"
}
],
"release_date": "2024-09-03T13:15:05.803000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-09-19T12:18:18+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.8.0.Z.EUS:firefox-0:128.2.0-1.el8_8.aarch64",
"AppStream-8.8.0.Z.EUS:firefox-0:128.2.0-1.el8_8.ppc64le",
"AppStream-8.8.0.Z.EUS:firefox-0:128.2.0-1.el8_8.s390x",
"AppStream-8.8.0.Z.EUS:firefox-0:128.2.0-1.el8_8.src",
"AppStream-8.8.0.Z.EUS:firefox-0:128.2.0-1.el8_8.x86_64",
"AppStream-8.8.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el8_8.aarch64",
"AppStream-8.8.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el8_8.ppc64le",
"AppStream-8.8.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el8_8.s390x",
"AppStream-8.8.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el8_8.x86_64",
"AppStream-8.8.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el8_8.aarch64",
"AppStream-8.8.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el8_8.ppc64le",
"AppStream-8.8.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el8_8.s390x",
"AppStream-8.8.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el8_8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:6850"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-8.8.0.Z.EUS:firefox-0:128.2.0-1.el8_8.aarch64",
"AppStream-8.8.0.Z.EUS:firefox-0:128.2.0-1.el8_8.ppc64le",
"AppStream-8.8.0.Z.EUS:firefox-0:128.2.0-1.el8_8.s390x",
"AppStream-8.8.0.Z.EUS:firefox-0:128.2.0-1.el8_8.src",
"AppStream-8.8.0.Z.EUS:firefox-0:128.2.0-1.el8_8.x86_64",
"AppStream-8.8.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el8_8.aarch64",
"AppStream-8.8.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el8_8.ppc64le",
"AppStream-8.8.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el8_8.s390x",
"AppStream-8.8.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el8_8.x86_64",
"AppStream-8.8.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el8_8.aarch64",
"AppStream-8.8.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el8_8.ppc64le",
"AppStream-8.8.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el8_8.s390x",
"AppStream-8.8.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el8_8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.8.0.Z.EUS:firefox-0:128.2.0-1.el8_8.aarch64",
"AppStream-8.8.0.Z.EUS:firefox-0:128.2.0-1.el8_8.ppc64le",
"AppStream-8.8.0.Z.EUS:firefox-0:128.2.0-1.el8_8.s390x",
"AppStream-8.8.0.Z.EUS:firefox-0:128.2.0-1.el8_8.src",
"AppStream-8.8.0.Z.EUS:firefox-0:128.2.0-1.el8_8.x86_64",
"AppStream-8.8.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el8_8.aarch64",
"AppStream-8.8.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el8_8.ppc64le",
"AppStream-8.8.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el8_8.s390x",
"AppStream-8.8.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el8_8.x86_64",
"AppStream-8.8.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el8_8.aarch64",
"AppStream-8.8.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el8_8.ppc64le",
"AppStream-8.8.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el8_8.s390x",
"AppStream-8.8.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el8_8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "mozilla: WASM type confusion involving ArrayTypes"
},
{
"cve": "CVE-2024-8386",
"cwe": {
"id": "CWE-358",
"name": "Improperly Implemented Security Check for Standard"
},
"discovery_date": "2024-09-03T13:20:21.369865+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2309432"
}
],
"notes": [
{
"category": "description",
"text": "The Mozilla Foundation\u0027s Security Advisory: If a site had been granted permission to open popup windows, it could cause Select elements to appear on top of another site to perform a spoofing attack.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mozilla: SelectElements could be shown over another site if popups are allowed",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Product Security rates the severity of this flaw as determined by the Mozilla Foundation Security Advisory.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.8.0.Z.EUS:firefox-0:128.2.0-1.el8_8.aarch64",
"AppStream-8.8.0.Z.EUS:firefox-0:128.2.0-1.el8_8.ppc64le",
"AppStream-8.8.0.Z.EUS:firefox-0:128.2.0-1.el8_8.s390x",
"AppStream-8.8.0.Z.EUS:firefox-0:128.2.0-1.el8_8.src",
"AppStream-8.8.0.Z.EUS:firefox-0:128.2.0-1.el8_8.x86_64",
"AppStream-8.8.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el8_8.aarch64",
"AppStream-8.8.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el8_8.ppc64le",
"AppStream-8.8.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el8_8.s390x",
"AppStream-8.8.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el8_8.x86_64",
"AppStream-8.8.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el8_8.aarch64",
"AppStream-8.8.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el8_8.ppc64le",
"AppStream-8.8.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el8_8.s390x",
"AppStream-8.8.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el8_8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-8386"
},
{
"category": "external",
"summary": "RHBZ#2309432",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2309432"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-8386",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8386"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-8386",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-8386"
},
{
"category": "external",
"summary": "https://bugzilla.mozilla.org/show_bug.cgi?id=1907032",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1907032"
},
{
"category": "external",
"summary": "https://bugzilla.mozilla.org/show_bug.cgi?id=1909163",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1909163"
},
{
"category": "external",
"summary": "https://bugzilla.mozilla.org/show_bug.cgi?id=1909529",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1909529"
},
{
"category": "external",
"summary": "https://www.mozilla.org/security/advisories/mfsa2024-39/",
"url": "https://www.mozilla.org/security/advisories/mfsa2024-39/"
},
{
"category": "external",
"summary": "https://www.mozilla.org/security/advisories/mfsa2024-40/",
"url": "https://www.mozilla.org/security/advisories/mfsa2024-40/"
}
],
"release_date": "2024-09-03T13:15:05.860000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-09-19T12:18:18+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.8.0.Z.EUS:firefox-0:128.2.0-1.el8_8.aarch64",
"AppStream-8.8.0.Z.EUS:firefox-0:128.2.0-1.el8_8.ppc64le",
"AppStream-8.8.0.Z.EUS:firefox-0:128.2.0-1.el8_8.s390x",
"AppStream-8.8.0.Z.EUS:firefox-0:128.2.0-1.el8_8.src",
"AppStream-8.8.0.Z.EUS:firefox-0:128.2.0-1.el8_8.x86_64",
"AppStream-8.8.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el8_8.aarch64",
"AppStream-8.8.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el8_8.ppc64le",
"AppStream-8.8.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el8_8.s390x",
"AppStream-8.8.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el8_8.x86_64",
"AppStream-8.8.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el8_8.aarch64",
"AppStream-8.8.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el8_8.ppc64le",
"AppStream-8.8.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el8_8.s390x",
"AppStream-8.8.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el8_8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:6850"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"AppStream-8.8.0.Z.EUS:firefox-0:128.2.0-1.el8_8.aarch64",
"AppStream-8.8.0.Z.EUS:firefox-0:128.2.0-1.el8_8.ppc64le",
"AppStream-8.8.0.Z.EUS:firefox-0:128.2.0-1.el8_8.s390x",
"AppStream-8.8.0.Z.EUS:firefox-0:128.2.0-1.el8_8.src",
"AppStream-8.8.0.Z.EUS:firefox-0:128.2.0-1.el8_8.x86_64",
"AppStream-8.8.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el8_8.aarch64",
"AppStream-8.8.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el8_8.ppc64le",
"AppStream-8.8.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el8_8.s390x",
"AppStream-8.8.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el8_8.x86_64",
"AppStream-8.8.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el8_8.aarch64",
"AppStream-8.8.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el8_8.ppc64le",
"AppStream-8.8.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el8_8.s390x",
"AppStream-8.8.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el8_8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "mozilla: SelectElements could be shown over another site if popups are allowed"
},
{
"cve": "CVE-2024-8387",
"cwe": {
"id": "CWE-120",
"name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
},
"discovery_date": "2024-09-03T13:20:24.757137+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2309433"
}
],
"notes": [
{
"category": "description",
"text": "The Mozilla Foundation\u0027s Security Advisory: Memory safety bugs are present in Firefox 129, Firefox ESR 128.1, and Thunderbird 128.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort, some of these could have been exploited to run arbitrary code.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mozilla: Memory safety bugs fixed in Firefox 130, Firefox ESR 128.2, and Thunderbird 128.2",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Product Security rates the severity of this flaw as determined by the Mozilla Foundation Security Advisory.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.8.0.Z.EUS:firefox-0:128.2.0-1.el8_8.aarch64",
"AppStream-8.8.0.Z.EUS:firefox-0:128.2.0-1.el8_8.ppc64le",
"AppStream-8.8.0.Z.EUS:firefox-0:128.2.0-1.el8_8.s390x",
"AppStream-8.8.0.Z.EUS:firefox-0:128.2.0-1.el8_8.src",
"AppStream-8.8.0.Z.EUS:firefox-0:128.2.0-1.el8_8.x86_64",
"AppStream-8.8.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el8_8.aarch64",
"AppStream-8.8.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el8_8.ppc64le",
"AppStream-8.8.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el8_8.s390x",
"AppStream-8.8.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el8_8.x86_64",
"AppStream-8.8.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el8_8.aarch64",
"AppStream-8.8.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el8_8.ppc64le",
"AppStream-8.8.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el8_8.s390x",
"AppStream-8.8.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el8_8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-8387"
},
{
"category": "external",
"summary": "RHBZ#2309433",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2309433"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-8387",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8387"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-8387",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-8387"
},
{
"category": "external",
"summary": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1857607%2C1911858%2C1914009",
"url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1857607%2C1911858%2C1914009"
},
{
"category": "external",
"summary": "https://www.mozilla.org/security/advisories/mfsa2024-39/",
"url": "https://www.mozilla.org/security/advisories/mfsa2024-39/"
},
{
"category": "external",
"summary": "https://www.mozilla.org/security/advisories/mfsa2024-40/",
"url": "https://www.mozilla.org/security/advisories/mfsa2024-40/"
}
],
"release_date": "2024-09-03T13:15:05.917000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-09-19T12:18:18+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.8.0.Z.EUS:firefox-0:128.2.0-1.el8_8.aarch64",
"AppStream-8.8.0.Z.EUS:firefox-0:128.2.0-1.el8_8.ppc64le",
"AppStream-8.8.0.Z.EUS:firefox-0:128.2.0-1.el8_8.s390x",
"AppStream-8.8.0.Z.EUS:firefox-0:128.2.0-1.el8_8.src",
"AppStream-8.8.0.Z.EUS:firefox-0:128.2.0-1.el8_8.x86_64",
"AppStream-8.8.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el8_8.aarch64",
"AppStream-8.8.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el8_8.ppc64le",
"AppStream-8.8.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el8_8.s390x",
"AppStream-8.8.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el8_8.x86_64",
"AppStream-8.8.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el8_8.aarch64",
"AppStream-8.8.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el8_8.ppc64le",
"AppStream-8.8.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el8_8.s390x",
"AppStream-8.8.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el8_8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:6850"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-8.8.0.Z.EUS:firefox-0:128.2.0-1.el8_8.aarch64",
"AppStream-8.8.0.Z.EUS:firefox-0:128.2.0-1.el8_8.ppc64le",
"AppStream-8.8.0.Z.EUS:firefox-0:128.2.0-1.el8_8.s390x",
"AppStream-8.8.0.Z.EUS:firefox-0:128.2.0-1.el8_8.src",
"AppStream-8.8.0.Z.EUS:firefox-0:128.2.0-1.el8_8.x86_64",
"AppStream-8.8.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el8_8.aarch64",
"AppStream-8.8.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el8_8.ppc64le",
"AppStream-8.8.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el8_8.s390x",
"AppStream-8.8.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el8_8.x86_64",
"AppStream-8.8.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el8_8.aarch64",
"AppStream-8.8.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el8_8.ppc64le",
"AppStream-8.8.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el8_8.s390x",
"AppStream-8.8.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el8_8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.8.0.Z.EUS:firefox-0:128.2.0-1.el8_8.aarch64",
"AppStream-8.8.0.Z.EUS:firefox-0:128.2.0-1.el8_8.ppc64le",
"AppStream-8.8.0.Z.EUS:firefox-0:128.2.0-1.el8_8.s390x",
"AppStream-8.8.0.Z.EUS:firefox-0:128.2.0-1.el8_8.src",
"AppStream-8.8.0.Z.EUS:firefox-0:128.2.0-1.el8_8.x86_64",
"AppStream-8.8.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el8_8.aarch64",
"AppStream-8.8.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el8_8.ppc64le",
"AppStream-8.8.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el8_8.s390x",
"AppStream-8.8.0.Z.EUS:firefox-debuginfo-0:128.2.0-1.el8_8.x86_64",
"AppStream-8.8.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el8_8.aarch64",
"AppStream-8.8.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el8_8.ppc64le",
"AppStream-8.8.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el8_8.s390x",
"AppStream-8.8.0.Z.EUS:firefox-debugsource-0:128.2.0-1.el8_8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "mozilla: Memory safety bugs fixed in Firefox 130, Firefox ESR 128.2, and Thunderbird 128.2"
}
]
}
RHSA-2024_0785
Vulnerability from csaf_redhat - Published: 2024-02-12 13:56 - Updated: 2024-11-24 12:05Summary
Red Hat Security Advisory: nss security update
Severity
Moderate
Notes
Topic: An update for nss is now available for Red Hat Enterprise Linux 8.8 Extended Update Support.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: Network Security Services (NSS) is a set of libraries designed to support the cross-platform development of security-enabled client and server applications.
Security Fix(es):
* nss: vulnerable to Minerva side-channel information leak (CVE-2023-6135)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
The Network Security Services (NSS) package contains a vulnerability that exposes a side-channel information leak. This weakness enables a local attacker to capture several thousand usages of a signature, allowing them to utilize this information to recover portions of an ECDSA private key.
4.3 (Medium)
Affected products
Fixed
84 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-8.8.0.Z.EUS:nss-0:3.90.0-6.el8_8.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:nss-0:3.90.0-6.el8_8.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:nss-0:3.90.0-6.el8_8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:nss-0:3.90.0-6.el8_8.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:nss-0:3.90.0-6.el8_8.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:nss-0:3.90.0-6.el8_8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:nss-debuginfo-0:3.90.0-6.el8_8.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:nss-debuginfo-0:3.90.0-6.el8_8.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:nss-debuginfo-0:3.90.0-6.el8_8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:nss-debuginfo-0:3.90.0-6.el8_8.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:nss-debuginfo-0:3.90.0-6.el8_8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:nss-debugsource-0:3.90.0-6.el8_8.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:nss-debugsource-0:3.90.0-6.el8_8.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:nss-debugsource-0:3.90.0-6.el8_8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:nss-debugsource-0:3.90.0-6.el8_8.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:nss-debugsource-0:3.90.0-6.el8_8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:nss-devel-0:3.90.0-6.el8_8.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:nss-devel-0:3.90.0-6.el8_8.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:nss-devel-0:3.90.0-6.el8_8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:nss-devel-0:3.90.0-6.el8_8.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:nss-devel-0:3.90.0-6.el8_8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:nss-softokn-0:3.90.0-6.el8_8.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:nss-softokn-0:3.90.0-6.el8_8.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:nss-softokn-0:3.90.0-6.el8_8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:nss-softokn-0:3.90.0-6.el8_8.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:nss-softokn-0:3.90.0-6.el8_8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:nss-softokn-debuginfo-0:3.90.0-6.el8_8.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:nss-softokn-debuginfo-0:3.90.0-6.el8_8.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:nss-softokn-debuginfo-0:3.90.0-6.el8_8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:nss-softokn-debuginfo-0:3.90.0-6.el8_8.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:nss-softokn-debuginfo-0:3.90.0-6.el8_8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:nss-softokn-devel-0:3.90.0-6.el8_8.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:nss-softokn-devel-0:3.90.0-6.el8_8.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:nss-softokn-devel-0:3.90.0-6.el8_8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:nss-softokn-devel-0:3.90.0-6.el8_8.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:nss-softokn-devel-0:3.90.0-6.el8_8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:nss-softokn-freebl-0:3.90.0-6.el8_8.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:nss-softokn-freebl-0:3.90.0-6.el8_8.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:nss-softokn-freebl-0:3.90.0-6.el8_8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:nss-softokn-freebl-0:3.90.0-6.el8_8.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:nss-softokn-freebl-0:3.90.0-6.el8_8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:nss-softokn-freebl-debuginfo-0:3.90.0-6.el8_8.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:nss-softokn-freebl-debuginfo-0:3.90.0-6.el8_8.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:nss-softokn-freebl-debuginfo-0:3.90.0-6.el8_8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:nss-softokn-freebl-debuginfo-0:3.90.0-6.el8_8.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:nss-softokn-freebl-debuginfo-0:3.90.0-6.el8_8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:nss-softokn-freebl-devel-0:3.90.0-6.el8_8.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:nss-softokn-freebl-devel-0:3.90.0-6.el8_8.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:nss-softokn-freebl-devel-0:3.90.0-6.el8_8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:nss-softokn-freebl-devel-0:3.90.0-6.el8_8.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:nss-softokn-freebl-devel-0:3.90.0-6.el8_8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:nss-sysinit-0:3.90.0-6.el8_8.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:nss-sysinit-0:3.90.0-6.el8_8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:nss-sysinit-0:3.90.0-6.el8_8.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:nss-sysinit-0:3.90.0-6.el8_8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:nss-sysinit-debuginfo-0:3.90.0-6.el8_8.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:nss-sysinit-debuginfo-0:3.90.0-6.el8_8.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:nss-sysinit-debuginfo-0:3.90.0-6.el8_8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:nss-sysinit-debuginfo-0:3.90.0-6.el8_8.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:nss-sysinit-debuginfo-0:3.90.0-6.el8_8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:nss-tools-0:3.90.0-6.el8_8.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:nss-tools-0:3.90.0-6.el8_8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:nss-tools-0:3.90.0-6.el8_8.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:nss-tools-0:3.90.0-6.el8_8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:nss-tools-debuginfo-0:3.90.0-6.el8_8.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:nss-tools-debuginfo-0:3.90.0-6.el8_8.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:nss-tools-debuginfo-0:3.90.0-6.el8_8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:nss-tools-debuginfo-0:3.90.0-6.el8_8.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:nss-tools-debuginfo-0:3.90.0-6.el8_8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:nss-util-0:3.90.0-6.el8_8.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:nss-util-0:3.90.0-6.el8_8.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:nss-util-0:3.90.0-6.el8_8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:nss-util-0:3.90.0-6.el8_8.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:nss-util-0:3.90.0-6.el8_8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:nss-util-debuginfo-0:3.90.0-6.el8_8.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:nss-util-debuginfo-0:3.90.0-6.el8_8.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:nss-util-debuginfo-0:3.90.0-6.el8_8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:nss-util-debuginfo-0:3.90.0-6.el8_8.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:nss-util-debuginfo-0:3.90.0-6.el8_8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:nss-util-devel-0:3.90.0-6.el8_8.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:nss-util-devel-0:3.90.0-6.el8_8.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:nss-util-devel-0:3.90.0-6.el8_8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:nss-util-devel-0:3.90.0-6.el8_8.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:nss-util-devel-0:3.90.0-6.el8_8.x86_64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
References
12 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for nss is now available for Red Hat Enterprise Linux 8.8 Extended Update Support.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Network Security Services (NSS) is a set of libraries designed to support the cross-platform development of security-enabled client and server applications.\n\nSecurity Fix(es):\n\n* nss: vulnerable to Minerva side-channel information leak (CVE-2023-6135)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2024:0785",
"url": "https://access.redhat.com/errata/RHSA-2024:0785"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "2249906",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2249906"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_0785.json"
}
],
"title": "Red Hat Security Advisory: nss security update",
"tracking": {
"current_release_date": "2024-11-24T12:05:57+00:00",
"generator": {
"date": "2024-11-24T12:05:57+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.1"
}
},
"id": "RHSA-2024:0785",
"initial_release_date": "2024-02-12T13:56:58+00:00",
"revision_history": [
{
"date": "2024-02-12T13:56:58+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2024-02-12T13:56:58+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-24T12:05:57+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream EUS (v.8.8)",
"product": {
"name": "Red Hat Enterprise Linux AppStream EUS (v.8.8)",
"product_id": "AppStream-8.8.0.Z.EUS",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_eus:8.8::appstream"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "nss-0:3.90.0-6.el8_8.src",
"product": {
"name": "nss-0:3.90.0-6.el8_8.src",
"product_id": "nss-0:3.90.0-6.el8_8.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss@3.90.0-6.el8_8?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "nss-0:3.90.0-6.el8_8.aarch64",
"product": {
"name": "nss-0:3.90.0-6.el8_8.aarch64",
"product_id": "nss-0:3.90.0-6.el8_8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss@3.90.0-6.el8_8?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "nss-devel-0:3.90.0-6.el8_8.aarch64",
"product": {
"name": "nss-devel-0:3.90.0-6.el8_8.aarch64",
"product_id": "nss-devel-0:3.90.0-6.el8_8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-devel@3.90.0-6.el8_8?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "nss-softokn-0:3.90.0-6.el8_8.aarch64",
"product": {
"name": "nss-softokn-0:3.90.0-6.el8_8.aarch64",
"product_id": "nss-softokn-0:3.90.0-6.el8_8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-softokn@3.90.0-6.el8_8?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "nss-softokn-devel-0:3.90.0-6.el8_8.aarch64",
"product": {
"name": "nss-softokn-devel-0:3.90.0-6.el8_8.aarch64",
"product_id": "nss-softokn-devel-0:3.90.0-6.el8_8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-softokn-devel@3.90.0-6.el8_8?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "nss-softokn-freebl-0:3.90.0-6.el8_8.aarch64",
"product": {
"name": "nss-softokn-freebl-0:3.90.0-6.el8_8.aarch64",
"product_id": "nss-softokn-freebl-0:3.90.0-6.el8_8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-softokn-freebl@3.90.0-6.el8_8?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "nss-softokn-freebl-devel-0:3.90.0-6.el8_8.aarch64",
"product": {
"name": "nss-softokn-freebl-devel-0:3.90.0-6.el8_8.aarch64",
"product_id": "nss-softokn-freebl-devel-0:3.90.0-6.el8_8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-softokn-freebl-devel@3.90.0-6.el8_8?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "nss-sysinit-0:3.90.0-6.el8_8.aarch64",
"product": {
"name": "nss-sysinit-0:3.90.0-6.el8_8.aarch64",
"product_id": "nss-sysinit-0:3.90.0-6.el8_8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-sysinit@3.90.0-6.el8_8?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "nss-tools-0:3.90.0-6.el8_8.aarch64",
"product": {
"name": "nss-tools-0:3.90.0-6.el8_8.aarch64",
"product_id": "nss-tools-0:3.90.0-6.el8_8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-tools@3.90.0-6.el8_8?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "nss-util-0:3.90.0-6.el8_8.aarch64",
"product": {
"name": "nss-util-0:3.90.0-6.el8_8.aarch64",
"product_id": "nss-util-0:3.90.0-6.el8_8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-util@3.90.0-6.el8_8?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "nss-util-devel-0:3.90.0-6.el8_8.aarch64",
"product": {
"name": "nss-util-devel-0:3.90.0-6.el8_8.aarch64",
"product_id": "nss-util-devel-0:3.90.0-6.el8_8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-util-devel@3.90.0-6.el8_8?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "nss-debugsource-0:3.90.0-6.el8_8.aarch64",
"product": {
"name": "nss-debugsource-0:3.90.0-6.el8_8.aarch64",
"product_id": "nss-debugsource-0:3.90.0-6.el8_8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-debugsource@3.90.0-6.el8_8?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "nss-debuginfo-0:3.90.0-6.el8_8.aarch64",
"product": {
"name": "nss-debuginfo-0:3.90.0-6.el8_8.aarch64",
"product_id": "nss-debuginfo-0:3.90.0-6.el8_8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-debuginfo@3.90.0-6.el8_8?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "nss-softokn-debuginfo-0:3.90.0-6.el8_8.aarch64",
"product": {
"name": "nss-softokn-debuginfo-0:3.90.0-6.el8_8.aarch64",
"product_id": "nss-softokn-debuginfo-0:3.90.0-6.el8_8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-softokn-debuginfo@3.90.0-6.el8_8?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "nss-softokn-freebl-debuginfo-0:3.90.0-6.el8_8.aarch64",
"product": {
"name": "nss-softokn-freebl-debuginfo-0:3.90.0-6.el8_8.aarch64",
"product_id": "nss-softokn-freebl-debuginfo-0:3.90.0-6.el8_8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-softokn-freebl-debuginfo@3.90.0-6.el8_8?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "nss-sysinit-debuginfo-0:3.90.0-6.el8_8.aarch64",
"product": {
"name": "nss-sysinit-debuginfo-0:3.90.0-6.el8_8.aarch64",
"product_id": "nss-sysinit-debuginfo-0:3.90.0-6.el8_8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-sysinit-debuginfo@3.90.0-6.el8_8?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "nss-tools-debuginfo-0:3.90.0-6.el8_8.aarch64",
"product": {
"name": "nss-tools-debuginfo-0:3.90.0-6.el8_8.aarch64",
"product_id": "nss-tools-debuginfo-0:3.90.0-6.el8_8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-tools-debuginfo@3.90.0-6.el8_8?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "nss-util-debuginfo-0:3.90.0-6.el8_8.aarch64",
"product": {
"name": "nss-util-debuginfo-0:3.90.0-6.el8_8.aarch64",
"product_id": "nss-util-debuginfo-0:3.90.0-6.el8_8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-util-debuginfo@3.90.0-6.el8_8?arch=aarch64"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "nss-0:3.90.0-6.el8_8.ppc64le",
"product": {
"name": "nss-0:3.90.0-6.el8_8.ppc64le",
"product_id": "nss-0:3.90.0-6.el8_8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss@3.90.0-6.el8_8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "nss-devel-0:3.90.0-6.el8_8.ppc64le",
"product": {
"name": "nss-devel-0:3.90.0-6.el8_8.ppc64le",
"product_id": "nss-devel-0:3.90.0-6.el8_8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-devel@3.90.0-6.el8_8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "nss-softokn-0:3.90.0-6.el8_8.ppc64le",
"product": {
"name": "nss-softokn-0:3.90.0-6.el8_8.ppc64le",
"product_id": "nss-softokn-0:3.90.0-6.el8_8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-softokn@3.90.0-6.el8_8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "nss-softokn-devel-0:3.90.0-6.el8_8.ppc64le",
"product": {
"name": "nss-softokn-devel-0:3.90.0-6.el8_8.ppc64le",
"product_id": "nss-softokn-devel-0:3.90.0-6.el8_8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-softokn-devel@3.90.0-6.el8_8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "nss-softokn-freebl-0:3.90.0-6.el8_8.ppc64le",
"product": {
"name": "nss-softokn-freebl-0:3.90.0-6.el8_8.ppc64le",
"product_id": "nss-softokn-freebl-0:3.90.0-6.el8_8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-softokn-freebl@3.90.0-6.el8_8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "nss-softokn-freebl-devel-0:3.90.0-6.el8_8.ppc64le",
"product": {
"name": "nss-softokn-freebl-devel-0:3.90.0-6.el8_8.ppc64le",
"product_id": "nss-softokn-freebl-devel-0:3.90.0-6.el8_8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-softokn-freebl-devel@3.90.0-6.el8_8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "nss-sysinit-0:3.90.0-6.el8_8.ppc64le",
"product": {
"name": "nss-sysinit-0:3.90.0-6.el8_8.ppc64le",
"product_id": "nss-sysinit-0:3.90.0-6.el8_8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-sysinit@3.90.0-6.el8_8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "nss-tools-0:3.90.0-6.el8_8.ppc64le",
"product": {
"name": "nss-tools-0:3.90.0-6.el8_8.ppc64le",
"product_id": "nss-tools-0:3.90.0-6.el8_8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-tools@3.90.0-6.el8_8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "nss-util-0:3.90.0-6.el8_8.ppc64le",
"product": {
"name": "nss-util-0:3.90.0-6.el8_8.ppc64le",
"product_id": "nss-util-0:3.90.0-6.el8_8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-util@3.90.0-6.el8_8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "nss-util-devel-0:3.90.0-6.el8_8.ppc64le",
"product": {
"name": "nss-util-devel-0:3.90.0-6.el8_8.ppc64le",
"product_id": "nss-util-devel-0:3.90.0-6.el8_8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-util-devel@3.90.0-6.el8_8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "nss-debugsource-0:3.90.0-6.el8_8.ppc64le",
"product": {
"name": "nss-debugsource-0:3.90.0-6.el8_8.ppc64le",
"product_id": "nss-debugsource-0:3.90.0-6.el8_8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-debugsource@3.90.0-6.el8_8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "nss-debuginfo-0:3.90.0-6.el8_8.ppc64le",
"product": {
"name": "nss-debuginfo-0:3.90.0-6.el8_8.ppc64le",
"product_id": "nss-debuginfo-0:3.90.0-6.el8_8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-debuginfo@3.90.0-6.el8_8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "nss-softokn-debuginfo-0:3.90.0-6.el8_8.ppc64le",
"product": {
"name": "nss-softokn-debuginfo-0:3.90.0-6.el8_8.ppc64le",
"product_id": "nss-softokn-debuginfo-0:3.90.0-6.el8_8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-softokn-debuginfo@3.90.0-6.el8_8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "nss-softokn-freebl-debuginfo-0:3.90.0-6.el8_8.ppc64le",
"product": {
"name": "nss-softokn-freebl-debuginfo-0:3.90.0-6.el8_8.ppc64le",
"product_id": "nss-softokn-freebl-debuginfo-0:3.90.0-6.el8_8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-softokn-freebl-debuginfo@3.90.0-6.el8_8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "nss-sysinit-debuginfo-0:3.90.0-6.el8_8.ppc64le",
"product": {
"name": "nss-sysinit-debuginfo-0:3.90.0-6.el8_8.ppc64le",
"product_id": "nss-sysinit-debuginfo-0:3.90.0-6.el8_8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-sysinit-debuginfo@3.90.0-6.el8_8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "nss-tools-debuginfo-0:3.90.0-6.el8_8.ppc64le",
"product": {
"name": "nss-tools-debuginfo-0:3.90.0-6.el8_8.ppc64le",
"product_id": "nss-tools-debuginfo-0:3.90.0-6.el8_8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-tools-debuginfo@3.90.0-6.el8_8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "nss-util-debuginfo-0:3.90.0-6.el8_8.ppc64le",
"product": {
"name": "nss-util-debuginfo-0:3.90.0-6.el8_8.ppc64le",
"product_id": "nss-util-debuginfo-0:3.90.0-6.el8_8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-util-debuginfo@3.90.0-6.el8_8?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "nss-0:3.90.0-6.el8_8.i686",
"product": {
"name": "nss-0:3.90.0-6.el8_8.i686",
"product_id": "nss-0:3.90.0-6.el8_8.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss@3.90.0-6.el8_8?arch=i686"
}
}
},
{
"category": "product_version",
"name": "nss-devel-0:3.90.0-6.el8_8.i686",
"product": {
"name": "nss-devel-0:3.90.0-6.el8_8.i686",
"product_id": "nss-devel-0:3.90.0-6.el8_8.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-devel@3.90.0-6.el8_8?arch=i686"
}
}
},
{
"category": "product_version",
"name": "nss-softokn-0:3.90.0-6.el8_8.i686",
"product": {
"name": "nss-softokn-0:3.90.0-6.el8_8.i686",
"product_id": "nss-softokn-0:3.90.0-6.el8_8.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-softokn@3.90.0-6.el8_8?arch=i686"
}
}
},
{
"category": "product_version",
"name": "nss-softokn-devel-0:3.90.0-6.el8_8.i686",
"product": {
"name": "nss-softokn-devel-0:3.90.0-6.el8_8.i686",
"product_id": "nss-softokn-devel-0:3.90.0-6.el8_8.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-softokn-devel@3.90.0-6.el8_8?arch=i686"
}
}
},
{
"category": "product_version",
"name": "nss-softokn-freebl-0:3.90.0-6.el8_8.i686",
"product": {
"name": "nss-softokn-freebl-0:3.90.0-6.el8_8.i686",
"product_id": "nss-softokn-freebl-0:3.90.0-6.el8_8.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-softokn-freebl@3.90.0-6.el8_8?arch=i686"
}
}
},
{
"category": "product_version",
"name": "nss-softokn-freebl-devel-0:3.90.0-6.el8_8.i686",
"product": {
"name": "nss-softokn-freebl-devel-0:3.90.0-6.el8_8.i686",
"product_id": "nss-softokn-freebl-devel-0:3.90.0-6.el8_8.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-softokn-freebl-devel@3.90.0-6.el8_8?arch=i686"
}
}
},
{
"category": "product_version",
"name": "nss-util-0:3.90.0-6.el8_8.i686",
"product": {
"name": "nss-util-0:3.90.0-6.el8_8.i686",
"product_id": "nss-util-0:3.90.0-6.el8_8.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-util@3.90.0-6.el8_8?arch=i686"
}
}
},
{
"category": "product_version",
"name": "nss-util-devel-0:3.90.0-6.el8_8.i686",
"product": {
"name": "nss-util-devel-0:3.90.0-6.el8_8.i686",
"product_id": "nss-util-devel-0:3.90.0-6.el8_8.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-util-devel@3.90.0-6.el8_8?arch=i686"
}
}
},
{
"category": "product_version",
"name": "nss-debugsource-0:3.90.0-6.el8_8.i686",
"product": {
"name": "nss-debugsource-0:3.90.0-6.el8_8.i686",
"product_id": "nss-debugsource-0:3.90.0-6.el8_8.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-debugsource@3.90.0-6.el8_8?arch=i686"
}
}
},
{
"category": "product_version",
"name": "nss-debuginfo-0:3.90.0-6.el8_8.i686",
"product": {
"name": "nss-debuginfo-0:3.90.0-6.el8_8.i686",
"product_id": "nss-debuginfo-0:3.90.0-6.el8_8.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-debuginfo@3.90.0-6.el8_8?arch=i686"
}
}
},
{
"category": "product_version",
"name": "nss-softokn-debuginfo-0:3.90.0-6.el8_8.i686",
"product": {
"name": "nss-softokn-debuginfo-0:3.90.0-6.el8_8.i686",
"product_id": "nss-softokn-debuginfo-0:3.90.0-6.el8_8.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-softokn-debuginfo@3.90.0-6.el8_8?arch=i686"
}
}
},
{
"category": "product_version",
"name": "nss-softokn-freebl-debuginfo-0:3.90.0-6.el8_8.i686",
"product": {
"name": "nss-softokn-freebl-debuginfo-0:3.90.0-6.el8_8.i686",
"product_id": "nss-softokn-freebl-debuginfo-0:3.90.0-6.el8_8.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-softokn-freebl-debuginfo@3.90.0-6.el8_8?arch=i686"
}
}
},
{
"category": "product_version",
"name": "nss-sysinit-debuginfo-0:3.90.0-6.el8_8.i686",
"product": {
"name": "nss-sysinit-debuginfo-0:3.90.0-6.el8_8.i686",
"product_id": "nss-sysinit-debuginfo-0:3.90.0-6.el8_8.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-sysinit-debuginfo@3.90.0-6.el8_8?arch=i686"
}
}
},
{
"category": "product_version",
"name": "nss-tools-debuginfo-0:3.90.0-6.el8_8.i686",
"product": {
"name": "nss-tools-debuginfo-0:3.90.0-6.el8_8.i686",
"product_id": "nss-tools-debuginfo-0:3.90.0-6.el8_8.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-tools-debuginfo@3.90.0-6.el8_8?arch=i686"
}
}
},
{
"category": "product_version",
"name": "nss-util-debuginfo-0:3.90.0-6.el8_8.i686",
"product": {
"name": "nss-util-debuginfo-0:3.90.0-6.el8_8.i686",
"product_id": "nss-util-debuginfo-0:3.90.0-6.el8_8.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-util-debuginfo@3.90.0-6.el8_8?arch=i686"
}
}
}
],
"category": "architecture",
"name": "i686"
},
{
"branches": [
{
"category": "product_version",
"name": "nss-0:3.90.0-6.el8_8.x86_64",
"product": {
"name": "nss-0:3.90.0-6.el8_8.x86_64",
"product_id": "nss-0:3.90.0-6.el8_8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss@3.90.0-6.el8_8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "nss-devel-0:3.90.0-6.el8_8.x86_64",
"product": {
"name": "nss-devel-0:3.90.0-6.el8_8.x86_64",
"product_id": "nss-devel-0:3.90.0-6.el8_8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-devel@3.90.0-6.el8_8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "nss-softokn-0:3.90.0-6.el8_8.x86_64",
"product": {
"name": "nss-softokn-0:3.90.0-6.el8_8.x86_64",
"product_id": "nss-softokn-0:3.90.0-6.el8_8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-softokn@3.90.0-6.el8_8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "nss-softokn-devel-0:3.90.0-6.el8_8.x86_64",
"product": {
"name": "nss-softokn-devel-0:3.90.0-6.el8_8.x86_64",
"product_id": "nss-softokn-devel-0:3.90.0-6.el8_8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-softokn-devel@3.90.0-6.el8_8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "nss-softokn-freebl-0:3.90.0-6.el8_8.x86_64",
"product": {
"name": "nss-softokn-freebl-0:3.90.0-6.el8_8.x86_64",
"product_id": "nss-softokn-freebl-0:3.90.0-6.el8_8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-softokn-freebl@3.90.0-6.el8_8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "nss-softokn-freebl-devel-0:3.90.0-6.el8_8.x86_64",
"product": {
"name": "nss-softokn-freebl-devel-0:3.90.0-6.el8_8.x86_64",
"product_id": "nss-softokn-freebl-devel-0:3.90.0-6.el8_8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-softokn-freebl-devel@3.90.0-6.el8_8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "nss-sysinit-0:3.90.0-6.el8_8.x86_64",
"product": {
"name": "nss-sysinit-0:3.90.0-6.el8_8.x86_64",
"product_id": "nss-sysinit-0:3.90.0-6.el8_8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-sysinit@3.90.0-6.el8_8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "nss-tools-0:3.90.0-6.el8_8.x86_64",
"product": {
"name": "nss-tools-0:3.90.0-6.el8_8.x86_64",
"product_id": "nss-tools-0:3.90.0-6.el8_8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-tools@3.90.0-6.el8_8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "nss-util-0:3.90.0-6.el8_8.x86_64",
"product": {
"name": "nss-util-0:3.90.0-6.el8_8.x86_64",
"product_id": "nss-util-0:3.90.0-6.el8_8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-util@3.90.0-6.el8_8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "nss-util-devel-0:3.90.0-6.el8_8.x86_64",
"product": {
"name": "nss-util-devel-0:3.90.0-6.el8_8.x86_64",
"product_id": "nss-util-devel-0:3.90.0-6.el8_8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-util-devel@3.90.0-6.el8_8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "nss-debugsource-0:3.90.0-6.el8_8.x86_64",
"product": {
"name": "nss-debugsource-0:3.90.0-6.el8_8.x86_64",
"product_id": "nss-debugsource-0:3.90.0-6.el8_8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-debugsource@3.90.0-6.el8_8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "nss-debuginfo-0:3.90.0-6.el8_8.x86_64",
"product": {
"name": "nss-debuginfo-0:3.90.0-6.el8_8.x86_64",
"product_id": "nss-debuginfo-0:3.90.0-6.el8_8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-debuginfo@3.90.0-6.el8_8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "nss-softokn-debuginfo-0:3.90.0-6.el8_8.x86_64",
"product": {
"name": "nss-softokn-debuginfo-0:3.90.0-6.el8_8.x86_64",
"product_id": "nss-softokn-debuginfo-0:3.90.0-6.el8_8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-softokn-debuginfo@3.90.0-6.el8_8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "nss-softokn-freebl-debuginfo-0:3.90.0-6.el8_8.x86_64",
"product": {
"name": "nss-softokn-freebl-debuginfo-0:3.90.0-6.el8_8.x86_64",
"product_id": "nss-softokn-freebl-debuginfo-0:3.90.0-6.el8_8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-softokn-freebl-debuginfo@3.90.0-6.el8_8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "nss-sysinit-debuginfo-0:3.90.0-6.el8_8.x86_64",
"product": {
"name": "nss-sysinit-debuginfo-0:3.90.0-6.el8_8.x86_64",
"product_id": "nss-sysinit-debuginfo-0:3.90.0-6.el8_8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-sysinit-debuginfo@3.90.0-6.el8_8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "nss-tools-debuginfo-0:3.90.0-6.el8_8.x86_64",
"product": {
"name": "nss-tools-debuginfo-0:3.90.0-6.el8_8.x86_64",
"product_id": "nss-tools-debuginfo-0:3.90.0-6.el8_8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-tools-debuginfo@3.90.0-6.el8_8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "nss-util-debuginfo-0:3.90.0-6.el8_8.x86_64",
"product": {
"name": "nss-util-debuginfo-0:3.90.0-6.el8_8.x86_64",
"product_id": "nss-util-debuginfo-0:3.90.0-6.el8_8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-util-debuginfo@3.90.0-6.el8_8?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "nss-0:3.90.0-6.el8_8.s390x",
"product": {
"name": "nss-0:3.90.0-6.el8_8.s390x",
"product_id": "nss-0:3.90.0-6.el8_8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss@3.90.0-6.el8_8?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "nss-devel-0:3.90.0-6.el8_8.s390x",
"product": {
"name": "nss-devel-0:3.90.0-6.el8_8.s390x",
"product_id": "nss-devel-0:3.90.0-6.el8_8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-devel@3.90.0-6.el8_8?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "nss-softokn-0:3.90.0-6.el8_8.s390x",
"product": {
"name": "nss-softokn-0:3.90.0-6.el8_8.s390x",
"product_id": "nss-softokn-0:3.90.0-6.el8_8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-softokn@3.90.0-6.el8_8?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "nss-softokn-devel-0:3.90.0-6.el8_8.s390x",
"product": {
"name": "nss-softokn-devel-0:3.90.0-6.el8_8.s390x",
"product_id": "nss-softokn-devel-0:3.90.0-6.el8_8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-softokn-devel@3.90.0-6.el8_8?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "nss-softokn-freebl-0:3.90.0-6.el8_8.s390x",
"product": {
"name": "nss-softokn-freebl-0:3.90.0-6.el8_8.s390x",
"product_id": "nss-softokn-freebl-0:3.90.0-6.el8_8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-softokn-freebl@3.90.0-6.el8_8?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "nss-softokn-freebl-devel-0:3.90.0-6.el8_8.s390x",
"product": {
"name": "nss-softokn-freebl-devel-0:3.90.0-6.el8_8.s390x",
"product_id": "nss-softokn-freebl-devel-0:3.90.0-6.el8_8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-softokn-freebl-devel@3.90.0-6.el8_8?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "nss-sysinit-0:3.90.0-6.el8_8.s390x",
"product": {
"name": "nss-sysinit-0:3.90.0-6.el8_8.s390x",
"product_id": "nss-sysinit-0:3.90.0-6.el8_8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-sysinit@3.90.0-6.el8_8?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "nss-tools-0:3.90.0-6.el8_8.s390x",
"product": {
"name": "nss-tools-0:3.90.0-6.el8_8.s390x",
"product_id": "nss-tools-0:3.90.0-6.el8_8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-tools@3.90.0-6.el8_8?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "nss-util-0:3.90.0-6.el8_8.s390x",
"product": {
"name": "nss-util-0:3.90.0-6.el8_8.s390x",
"product_id": "nss-util-0:3.90.0-6.el8_8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-util@3.90.0-6.el8_8?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "nss-util-devel-0:3.90.0-6.el8_8.s390x",
"product": {
"name": "nss-util-devel-0:3.90.0-6.el8_8.s390x",
"product_id": "nss-util-devel-0:3.90.0-6.el8_8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-util-devel@3.90.0-6.el8_8?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "nss-debugsource-0:3.90.0-6.el8_8.s390x",
"product": {
"name": "nss-debugsource-0:3.90.0-6.el8_8.s390x",
"product_id": "nss-debugsource-0:3.90.0-6.el8_8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-debugsource@3.90.0-6.el8_8?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "nss-debuginfo-0:3.90.0-6.el8_8.s390x",
"product": {
"name": "nss-debuginfo-0:3.90.0-6.el8_8.s390x",
"product_id": "nss-debuginfo-0:3.90.0-6.el8_8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-debuginfo@3.90.0-6.el8_8?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "nss-softokn-debuginfo-0:3.90.0-6.el8_8.s390x",
"product": {
"name": "nss-softokn-debuginfo-0:3.90.0-6.el8_8.s390x",
"product_id": "nss-softokn-debuginfo-0:3.90.0-6.el8_8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-softokn-debuginfo@3.90.0-6.el8_8?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "nss-softokn-freebl-debuginfo-0:3.90.0-6.el8_8.s390x",
"product": {
"name": "nss-softokn-freebl-debuginfo-0:3.90.0-6.el8_8.s390x",
"product_id": "nss-softokn-freebl-debuginfo-0:3.90.0-6.el8_8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-softokn-freebl-debuginfo@3.90.0-6.el8_8?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "nss-sysinit-debuginfo-0:3.90.0-6.el8_8.s390x",
"product": {
"name": "nss-sysinit-debuginfo-0:3.90.0-6.el8_8.s390x",
"product_id": "nss-sysinit-debuginfo-0:3.90.0-6.el8_8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-sysinit-debuginfo@3.90.0-6.el8_8?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "nss-tools-debuginfo-0:3.90.0-6.el8_8.s390x",
"product": {
"name": "nss-tools-debuginfo-0:3.90.0-6.el8_8.s390x",
"product_id": "nss-tools-debuginfo-0:3.90.0-6.el8_8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-tools-debuginfo@3.90.0-6.el8_8?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "nss-util-debuginfo-0:3.90.0-6.el8_8.s390x",
"product": {
"name": "nss-util-debuginfo-0:3.90.0-6.el8_8.s390x",
"product_id": "nss-util-debuginfo-0:3.90.0-6.el8_8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-util-debuginfo@3.90.0-6.el8_8?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-0:3.90.0-6.el8_8.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)",
"product_id": "AppStream-8.8.0.Z.EUS:nss-0:3.90.0-6.el8_8.aarch64"
},
"product_reference": "nss-0:3.90.0-6.el8_8.aarch64",
"relates_to_product_reference": "AppStream-8.8.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-0:3.90.0-6.el8_8.i686 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)",
"product_id": "AppStream-8.8.0.Z.EUS:nss-0:3.90.0-6.el8_8.i686"
},
"product_reference": "nss-0:3.90.0-6.el8_8.i686",
"relates_to_product_reference": "AppStream-8.8.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-0:3.90.0-6.el8_8.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)",
"product_id": "AppStream-8.8.0.Z.EUS:nss-0:3.90.0-6.el8_8.ppc64le"
},
"product_reference": "nss-0:3.90.0-6.el8_8.ppc64le",
"relates_to_product_reference": "AppStream-8.8.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-0:3.90.0-6.el8_8.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)",
"product_id": "AppStream-8.8.0.Z.EUS:nss-0:3.90.0-6.el8_8.s390x"
},
"product_reference": "nss-0:3.90.0-6.el8_8.s390x",
"relates_to_product_reference": "AppStream-8.8.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-0:3.90.0-6.el8_8.src as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)",
"product_id": "AppStream-8.8.0.Z.EUS:nss-0:3.90.0-6.el8_8.src"
},
"product_reference": "nss-0:3.90.0-6.el8_8.src",
"relates_to_product_reference": "AppStream-8.8.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-0:3.90.0-6.el8_8.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)",
"product_id": "AppStream-8.8.0.Z.EUS:nss-0:3.90.0-6.el8_8.x86_64"
},
"product_reference": "nss-0:3.90.0-6.el8_8.x86_64",
"relates_to_product_reference": "AppStream-8.8.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-debuginfo-0:3.90.0-6.el8_8.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)",
"product_id": "AppStream-8.8.0.Z.EUS:nss-debuginfo-0:3.90.0-6.el8_8.aarch64"
},
"product_reference": "nss-debuginfo-0:3.90.0-6.el8_8.aarch64",
"relates_to_product_reference": "AppStream-8.8.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-debuginfo-0:3.90.0-6.el8_8.i686 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)",
"product_id": "AppStream-8.8.0.Z.EUS:nss-debuginfo-0:3.90.0-6.el8_8.i686"
},
"product_reference": "nss-debuginfo-0:3.90.0-6.el8_8.i686",
"relates_to_product_reference": "AppStream-8.8.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-debuginfo-0:3.90.0-6.el8_8.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)",
"product_id": "AppStream-8.8.0.Z.EUS:nss-debuginfo-0:3.90.0-6.el8_8.ppc64le"
},
"product_reference": "nss-debuginfo-0:3.90.0-6.el8_8.ppc64le",
"relates_to_product_reference": "AppStream-8.8.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-debuginfo-0:3.90.0-6.el8_8.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)",
"product_id": "AppStream-8.8.0.Z.EUS:nss-debuginfo-0:3.90.0-6.el8_8.s390x"
},
"product_reference": "nss-debuginfo-0:3.90.0-6.el8_8.s390x",
"relates_to_product_reference": "AppStream-8.8.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-debuginfo-0:3.90.0-6.el8_8.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)",
"product_id": "AppStream-8.8.0.Z.EUS:nss-debuginfo-0:3.90.0-6.el8_8.x86_64"
},
"product_reference": "nss-debuginfo-0:3.90.0-6.el8_8.x86_64",
"relates_to_product_reference": "AppStream-8.8.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-debugsource-0:3.90.0-6.el8_8.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)",
"product_id": "AppStream-8.8.0.Z.EUS:nss-debugsource-0:3.90.0-6.el8_8.aarch64"
},
"product_reference": "nss-debugsource-0:3.90.0-6.el8_8.aarch64",
"relates_to_product_reference": "AppStream-8.8.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-debugsource-0:3.90.0-6.el8_8.i686 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)",
"product_id": "AppStream-8.8.0.Z.EUS:nss-debugsource-0:3.90.0-6.el8_8.i686"
},
"product_reference": "nss-debugsource-0:3.90.0-6.el8_8.i686",
"relates_to_product_reference": "AppStream-8.8.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-debugsource-0:3.90.0-6.el8_8.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)",
"product_id": "AppStream-8.8.0.Z.EUS:nss-debugsource-0:3.90.0-6.el8_8.ppc64le"
},
"product_reference": "nss-debugsource-0:3.90.0-6.el8_8.ppc64le",
"relates_to_product_reference": "AppStream-8.8.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-debugsource-0:3.90.0-6.el8_8.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)",
"product_id": "AppStream-8.8.0.Z.EUS:nss-debugsource-0:3.90.0-6.el8_8.s390x"
},
"product_reference": "nss-debugsource-0:3.90.0-6.el8_8.s390x",
"relates_to_product_reference": "AppStream-8.8.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-debugsource-0:3.90.0-6.el8_8.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)",
"product_id": "AppStream-8.8.0.Z.EUS:nss-debugsource-0:3.90.0-6.el8_8.x86_64"
},
"product_reference": "nss-debugsource-0:3.90.0-6.el8_8.x86_64",
"relates_to_product_reference": "AppStream-8.8.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-devel-0:3.90.0-6.el8_8.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)",
"product_id": "AppStream-8.8.0.Z.EUS:nss-devel-0:3.90.0-6.el8_8.aarch64"
},
"product_reference": "nss-devel-0:3.90.0-6.el8_8.aarch64",
"relates_to_product_reference": "AppStream-8.8.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-devel-0:3.90.0-6.el8_8.i686 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)",
"product_id": "AppStream-8.8.0.Z.EUS:nss-devel-0:3.90.0-6.el8_8.i686"
},
"product_reference": "nss-devel-0:3.90.0-6.el8_8.i686",
"relates_to_product_reference": "AppStream-8.8.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-devel-0:3.90.0-6.el8_8.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)",
"product_id": "AppStream-8.8.0.Z.EUS:nss-devel-0:3.90.0-6.el8_8.ppc64le"
},
"product_reference": "nss-devel-0:3.90.0-6.el8_8.ppc64le",
"relates_to_product_reference": "AppStream-8.8.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-devel-0:3.90.0-6.el8_8.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)",
"product_id": "AppStream-8.8.0.Z.EUS:nss-devel-0:3.90.0-6.el8_8.s390x"
},
"product_reference": "nss-devel-0:3.90.0-6.el8_8.s390x",
"relates_to_product_reference": "AppStream-8.8.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-devel-0:3.90.0-6.el8_8.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)",
"product_id": "AppStream-8.8.0.Z.EUS:nss-devel-0:3.90.0-6.el8_8.x86_64"
},
"product_reference": "nss-devel-0:3.90.0-6.el8_8.x86_64",
"relates_to_product_reference": "AppStream-8.8.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-softokn-0:3.90.0-6.el8_8.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)",
"product_id": "AppStream-8.8.0.Z.EUS:nss-softokn-0:3.90.0-6.el8_8.aarch64"
},
"product_reference": "nss-softokn-0:3.90.0-6.el8_8.aarch64",
"relates_to_product_reference": "AppStream-8.8.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-softokn-0:3.90.0-6.el8_8.i686 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)",
"product_id": "AppStream-8.8.0.Z.EUS:nss-softokn-0:3.90.0-6.el8_8.i686"
},
"product_reference": "nss-softokn-0:3.90.0-6.el8_8.i686",
"relates_to_product_reference": "AppStream-8.8.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-softokn-0:3.90.0-6.el8_8.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)",
"product_id": "AppStream-8.8.0.Z.EUS:nss-softokn-0:3.90.0-6.el8_8.ppc64le"
},
"product_reference": "nss-softokn-0:3.90.0-6.el8_8.ppc64le",
"relates_to_product_reference": "AppStream-8.8.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-softokn-0:3.90.0-6.el8_8.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)",
"product_id": "AppStream-8.8.0.Z.EUS:nss-softokn-0:3.90.0-6.el8_8.s390x"
},
"product_reference": "nss-softokn-0:3.90.0-6.el8_8.s390x",
"relates_to_product_reference": "AppStream-8.8.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-softokn-0:3.90.0-6.el8_8.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)",
"product_id": "AppStream-8.8.0.Z.EUS:nss-softokn-0:3.90.0-6.el8_8.x86_64"
},
"product_reference": "nss-softokn-0:3.90.0-6.el8_8.x86_64",
"relates_to_product_reference": "AppStream-8.8.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-softokn-debuginfo-0:3.90.0-6.el8_8.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)",
"product_id": "AppStream-8.8.0.Z.EUS:nss-softokn-debuginfo-0:3.90.0-6.el8_8.aarch64"
},
"product_reference": "nss-softokn-debuginfo-0:3.90.0-6.el8_8.aarch64",
"relates_to_product_reference": "AppStream-8.8.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-softokn-debuginfo-0:3.90.0-6.el8_8.i686 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)",
"product_id": "AppStream-8.8.0.Z.EUS:nss-softokn-debuginfo-0:3.90.0-6.el8_8.i686"
},
"product_reference": "nss-softokn-debuginfo-0:3.90.0-6.el8_8.i686",
"relates_to_product_reference": "AppStream-8.8.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-softokn-debuginfo-0:3.90.0-6.el8_8.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)",
"product_id": "AppStream-8.8.0.Z.EUS:nss-softokn-debuginfo-0:3.90.0-6.el8_8.ppc64le"
},
"product_reference": "nss-softokn-debuginfo-0:3.90.0-6.el8_8.ppc64le",
"relates_to_product_reference": "AppStream-8.8.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-softokn-debuginfo-0:3.90.0-6.el8_8.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)",
"product_id": "AppStream-8.8.0.Z.EUS:nss-softokn-debuginfo-0:3.90.0-6.el8_8.s390x"
},
"product_reference": "nss-softokn-debuginfo-0:3.90.0-6.el8_8.s390x",
"relates_to_product_reference": "AppStream-8.8.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-softokn-debuginfo-0:3.90.0-6.el8_8.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)",
"product_id": "AppStream-8.8.0.Z.EUS:nss-softokn-debuginfo-0:3.90.0-6.el8_8.x86_64"
},
"product_reference": "nss-softokn-debuginfo-0:3.90.0-6.el8_8.x86_64",
"relates_to_product_reference": "AppStream-8.8.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-softokn-devel-0:3.90.0-6.el8_8.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)",
"product_id": "AppStream-8.8.0.Z.EUS:nss-softokn-devel-0:3.90.0-6.el8_8.aarch64"
},
"product_reference": "nss-softokn-devel-0:3.90.0-6.el8_8.aarch64",
"relates_to_product_reference": "AppStream-8.8.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-softokn-devel-0:3.90.0-6.el8_8.i686 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)",
"product_id": "AppStream-8.8.0.Z.EUS:nss-softokn-devel-0:3.90.0-6.el8_8.i686"
},
"product_reference": "nss-softokn-devel-0:3.90.0-6.el8_8.i686",
"relates_to_product_reference": "AppStream-8.8.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-softokn-devel-0:3.90.0-6.el8_8.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)",
"product_id": "AppStream-8.8.0.Z.EUS:nss-softokn-devel-0:3.90.0-6.el8_8.ppc64le"
},
"product_reference": "nss-softokn-devel-0:3.90.0-6.el8_8.ppc64le",
"relates_to_product_reference": "AppStream-8.8.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-softokn-devel-0:3.90.0-6.el8_8.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)",
"product_id": "AppStream-8.8.0.Z.EUS:nss-softokn-devel-0:3.90.0-6.el8_8.s390x"
},
"product_reference": "nss-softokn-devel-0:3.90.0-6.el8_8.s390x",
"relates_to_product_reference": "AppStream-8.8.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-softokn-devel-0:3.90.0-6.el8_8.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)",
"product_id": "AppStream-8.8.0.Z.EUS:nss-softokn-devel-0:3.90.0-6.el8_8.x86_64"
},
"product_reference": "nss-softokn-devel-0:3.90.0-6.el8_8.x86_64",
"relates_to_product_reference": "AppStream-8.8.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-softokn-freebl-0:3.90.0-6.el8_8.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)",
"product_id": "AppStream-8.8.0.Z.EUS:nss-softokn-freebl-0:3.90.0-6.el8_8.aarch64"
},
"product_reference": "nss-softokn-freebl-0:3.90.0-6.el8_8.aarch64",
"relates_to_product_reference": "AppStream-8.8.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-softokn-freebl-0:3.90.0-6.el8_8.i686 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)",
"product_id": "AppStream-8.8.0.Z.EUS:nss-softokn-freebl-0:3.90.0-6.el8_8.i686"
},
"product_reference": "nss-softokn-freebl-0:3.90.0-6.el8_8.i686",
"relates_to_product_reference": "AppStream-8.8.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-softokn-freebl-0:3.90.0-6.el8_8.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)",
"product_id": "AppStream-8.8.0.Z.EUS:nss-softokn-freebl-0:3.90.0-6.el8_8.ppc64le"
},
"product_reference": "nss-softokn-freebl-0:3.90.0-6.el8_8.ppc64le",
"relates_to_product_reference": "AppStream-8.8.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-softokn-freebl-0:3.90.0-6.el8_8.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)",
"product_id": "AppStream-8.8.0.Z.EUS:nss-softokn-freebl-0:3.90.0-6.el8_8.s390x"
},
"product_reference": "nss-softokn-freebl-0:3.90.0-6.el8_8.s390x",
"relates_to_product_reference": "AppStream-8.8.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-softokn-freebl-0:3.90.0-6.el8_8.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)",
"product_id": "AppStream-8.8.0.Z.EUS:nss-softokn-freebl-0:3.90.0-6.el8_8.x86_64"
},
"product_reference": "nss-softokn-freebl-0:3.90.0-6.el8_8.x86_64",
"relates_to_product_reference": "AppStream-8.8.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-softokn-freebl-debuginfo-0:3.90.0-6.el8_8.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)",
"product_id": "AppStream-8.8.0.Z.EUS:nss-softokn-freebl-debuginfo-0:3.90.0-6.el8_8.aarch64"
},
"product_reference": "nss-softokn-freebl-debuginfo-0:3.90.0-6.el8_8.aarch64",
"relates_to_product_reference": "AppStream-8.8.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-softokn-freebl-debuginfo-0:3.90.0-6.el8_8.i686 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)",
"product_id": "AppStream-8.8.0.Z.EUS:nss-softokn-freebl-debuginfo-0:3.90.0-6.el8_8.i686"
},
"product_reference": "nss-softokn-freebl-debuginfo-0:3.90.0-6.el8_8.i686",
"relates_to_product_reference": "AppStream-8.8.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-softokn-freebl-debuginfo-0:3.90.0-6.el8_8.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)",
"product_id": "AppStream-8.8.0.Z.EUS:nss-softokn-freebl-debuginfo-0:3.90.0-6.el8_8.ppc64le"
},
"product_reference": "nss-softokn-freebl-debuginfo-0:3.90.0-6.el8_8.ppc64le",
"relates_to_product_reference": "AppStream-8.8.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-softokn-freebl-debuginfo-0:3.90.0-6.el8_8.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)",
"product_id": "AppStream-8.8.0.Z.EUS:nss-softokn-freebl-debuginfo-0:3.90.0-6.el8_8.s390x"
},
"product_reference": "nss-softokn-freebl-debuginfo-0:3.90.0-6.el8_8.s390x",
"relates_to_product_reference": "AppStream-8.8.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-softokn-freebl-debuginfo-0:3.90.0-6.el8_8.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)",
"product_id": "AppStream-8.8.0.Z.EUS:nss-softokn-freebl-debuginfo-0:3.90.0-6.el8_8.x86_64"
},
"product_reference": "nss-softokn-freebl-debuginfo-0:3.90.0-6.el8_8.x86_64",
"relates_to_product_reference": "AppStream-8.8.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-softokn-freebl-devel-0:3.90.0-6.el8_8.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)",
"product_id": "AppStream-8.8.0.Z.EUS:nss-softokn-freebl-devel-0:3.90.0-6.el8_8.aarch64"
},
"product_reference": "nss-softokn-freebl-devel-0:3.90.0-6.el8_8.aarch64",
"relates_to_product_reference": "AppStream-8.8.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-softokn-freebl-devel-0:3.90.0-6.el8_8.i686 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)",
"product_id": "AppStream-8.8.0.Z.EUS:nss-softokn-freebl-devel-0:3.90.0-6.el8_8.i686"
},
"product_reference": "nss-softokn-freebl-devel-0:3.90.0-6.el8_8.i686",
"relates_to_product_reference": "AppStream-8.8.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-softokn-freebl-devel-0:3.90.0-6.el8_8.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)",
"product_id": "AppStream-8.8.0.Z.EUS:nss-softokn-freebl-devel-0:3.90.0-6.el8_8.ppc64le"
},
"product_reference": "nss-softokn-freebl-devel-0:3.90.0-6.el8_8.ppc64le",
"relates_to_product_reference": "AppStream-8.8.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-softokn-freebl-devel-0:3.90.0-6.el8_8.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)",
"product_id": "AppStream-8.8.0.Z.EUS:nss-softokn-freebl-devel-0:3.90.0-6.el8_8.s390x"
},
"product_reference": "nss-softokn-freebl-devel-0:3.90.0-6.el8_8.s390x",
"relates_to_product_reference": "AppStream-8.8.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-softokn-freebl-devel-0:3.90.0-6.el8_8.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)",
"product_id": "AppStream-8.8.0.Z.EUS:nss-softokn-freebl-devel-0:3.90.0-6.el8_8.x86_64"
},
"product_reference": "nss-softokn-freebl-devel-0:3.90.0-6.el8_8.x86_64",
"relates_to_product_reference": "AppStream-8.8.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-sysinit-0:3.90.0-6.el8_8.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)",
"product_id": "AppStream-8.8.0.Z.EUS:nss-sysinit-0:3.90.0-6.el8_8.aarch64"
},
"product_reference": "nss-sysinit-0:3.90.0-6.el8_8.aarch64",
"relates_to_product_reference": "AppStream-8.8.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-sysinit-0:3.90.0-6.el8_8.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)",
"product_id": "AppStream-8.8.0.Z.EUS:nss-sysinit-0:3.90.0-6.el8_8.ppc64le"
},
"product_reference": "nss-sysinit-0:3.90.0-6.el8_8.ppc64le",
"relates_to_product_reference": "AppStream-8.8.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-sysinit-0:3.90.0-6.el8_8.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)",
"product_id": "AppStream-8.8.0.Z.EUS:nss-sysinit-0:3.90.0-6.el8_8.s390x"
},
"product_reference": "nss-sysinit-0:3.90.0-6.el8_8.s390x",
"relates_to_product_reference": "AppStream-8.8.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-sysinit-0:3.90.0-6.el8_8.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)",
"product_id": "AppStream-8.8.0.Z.EUS:nss-sysinit-0:3.90.0-6.el8_8.x86_64"
},
"product_reference": "nss-sysinit-0:3.90.0-6.el8_8.x86_64",
"relates_to_product_reference": "AppStream-8.8.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-sysinit-debuginfo-0:3.90.0-6.el8_8.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)",
"product_id": "AppStream-8.8.0.Z.EUS:nss-sysinit-debuginfo-0:3.90.0-6.el8_8.aarch64"
},
"product_reference": "nss-sysinit-debuginfo-0:3.90.0-6.el8_8.aarch64",
"relates_to_product_reference": "AppStream-8.8.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-sysinit-debuginfo-0:3.90.0-6.el8_8.i686 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)",
"product_id": "AppStream-8.8.0.Z.EUS:nss-sysinit-debuginfo-0:3.90.0-6.el8_8.i686"
},
"product_reference": "nss-sysinit-debuginfo-0:3.90.0-6.el8_8.i686",
"relates_to_product_reference": "AppStream-8.8.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-sysinit-debuginfo-0:3.90.0-6.el8_8.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)",
"product_id": "AppStream-8.8.0.Z.EUS:nss-sysinit-debuginfo-0:3.90.0-6.el8_8.ppc64le"
},
"product_reference": "nss-sysinit-debuginfo-0:3.90.0-6.el8_8.ppc64le",
"relates_to_product_reference": "AppStream-8.8.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-sysinit-debuginfo-0:3.90.0-6.el8_8.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)",
"product_id": "AppStream-8.8.0.Z.EUS:nss-sysinit-debuginfo-0:3.90.0-6.el8_8.s390x"
},
"product_reference": "nss-sysinit-debuginfo-0:3.90.0-6.el8_8.s390x",
"relates_to_product_reference": "AppStream-8.8.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-sysinit-debuginfo-0:3.90.0-6.el8_8.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)",
"product_id": "AppStream-8.8.0.Z.EUS:nss-sysinit-debuginfo-0:3.90.0-6.el8_8.x86_64"
},
"product_reference": "nss-sysinit-debuginfo-0:3.90.0-6.el8_8.x86_64",
"relates_to_product_reference": "AppStream-8.8.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-tools-0:3.90.0-6.el8_8.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)",
"product_id": "AppStream-8.8.0.Z.EUS:nss-tools-0:3.90.0-6.el8_8.aarch64"
},
"product_reference": "nss-tools-0:3.90.0-6.el8_8.aarch64",
"relates_to_product_reference": "AppStream-8.8.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-tools-0:3.90.0-6.el8_8.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)",
"product_id": "AppStream-8.8.0.Z.EUS:nss-tools-0:3.90.0-6.el8_8.ppc64le"
},
"product_reference": "nss-tools-0:3.90.0-6.el8_8.ppc64le",
"relates_to_product_reference": "AppStream-8.8.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-tools-0:3.90.0-6.el8_8.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)",
"product_id": "AppStream-8.8.0.Z.EUS:nss-tools-0:3.90.0-6.el8_8.s390x"
},
"product_reference": "nss-tools-0:3.90.0-6.el8_8.s390x",
"relates_to_product_reference": "AppStream-8.8.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-tools-0:3.90.0-6.el8_8.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)",
"product_id": "AppStream-8.8.0.Z.EUS:nss-tools-0:3.90.0-6.el8_8.x86_64"
},
"product_reference": "nss-tools-0:3.90.0-6.el8_8.x86_64",
"relates_to_product_reference": "AppStream-8.8.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-tools-debuginfo-0:3.90.0-6.el8_8.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)",
"product_id": "AppStream-8.8.0.Z.EUS:nss-tools-debuginfo-0:3.90.0-6.el8_8.aarch64"
},
"product_reference": "nss-tools-debuginfo-0:3.90.0-6.el8_8.aarch64",
"relates_to_product_reference": "AppStream-8.8.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-tools-debuginfo-0:3.90.0-6.el8_8.i686 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)",
"product_id": "AppStream-8.8.0.Z.EUS:nss-tools-debuginfo-0:3.90.0-6.el8_8.i686"
},
"product_reference": "nss-tools-debuginfo-0:3.90.0-6.el8_8.i686",
"relates_to_product_reference": "AppStream-8.8.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-tools-debuginfo-0:3.90.0-6.el8_8.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)",
"product_id": "AppStream-8.8.0.Z.EUS:nss-tools-debuginfo-0:3.90.0-6.el8_8.ppc64le"
},
"product_reference": "nss-tools-debuginfo-0:3.90.0-6.el8_8.ppc64le",
"relates_to_product_reference": "AppStream-8.8.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-tools-debuginfo-0:3.90.0-6.el8_8.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)",
"product_id": "AppStream-8.8.0.Z.EUS:nss-tools-debuginfo-0:3.90.0-6.el8_8.s390x"
},
"product_reference": "nss-tools-debuginfo-0:3.90.0-6.el8_8.s390x",
"relates_to_product_reference": "AppStream-8.8.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-tools-debuginfo-0:3.90.0-6.el8_8.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)",
"product_id": "AppStream-8.8.0.Z.EUS:nss-tools-debuginfo-0:3.90.0-6.el8_8.x86_64"
},
"product_reference": "nss-tools-debuginfo-0:3.90.0-6.el8_8.x86_64",
"relates_to_product_reference": "AppStream-8.8.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-util-0:3.90.0-6.el8_8.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)",
"product_id": "AppStream-8.8.0.Z.EUS:nss-util-0:3.90.0-6.el8_8.aarch64"
},
"product_reference": "nss-util-0:3.90.0-6.el8_8.aarch64",
"relates_to_product_reference": "AppStream-8.8.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-util-0:3.90.0-6.el8_8.i686 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)",
"product_id": "AppStream-8.8.0.Z.EUS:nss-util-0:3.90.0-6.el8_8.i686"
},
"product_reference": "nss-util-0:3.90.0-6.el8_8.i686",
"relates_to_product_reference": "AppStream-8.8.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-util-0:3.90.0-6.el8_8.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)",
"product_id": "AppStream-8.8.0.Z.EUS:nss-util-0:3.90.0-6.el8_8.ppc64le"
},
"product_reference": "nss-util-0:3.90.0-6.el8_8.ppc64le",
"relates_to_product_reference": "AppStream-8.8.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-util-0:3.90.0-6.el8_8.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)",
"product_id": "AppStream-8.8.0.Z.EUS:nss-util-0:3.90.0-6.el8_8.s390x"
},
"product_reference": "nss-util-0:3.90.0-6.el8_8.s390x",
"relates_to_product_reference": "AppStream-8.8.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-util-0:3.90.0-6.el8_8.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)",
"product_id": "AppStream-8.8.0.Z.EUS:nss-util-0:3.90.0-6.el8_8.x86_64"
},
"product_reference": "nss-util-0:3.90.0-6.el8_8.x86_64",
"relates_to_product_reference": "AppStream-8.8.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-util-debuginfo-0:3.90.0-6.el8_8.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)",
"product_id": "AppStream-8.8.0.Z.EUS:nss-util-debuginfo-0:3.90.0-6.el8_8.aarch64"
},
"product_reference": "nss-util-debuginfo-0:3.90.0-6.el8_8.aarch64",
"relates_to_product_reference": "AppStream-8.8.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-util-debuginfo-0:3.90.0-6.el8_8.i686 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)",
"product_id": "AppStream-8.8.0.Z.EUS:nss-util-debuginfo-0:3.90.0-6.el8_8.i686"
},
"product_reference": "nss-util-debuginfo-0:3.90.0-6.el8_8.i686",
"relates_to_product_reference": "AppStream-8.8.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-util-debuginfo-0:3.90.0-6.el8_8.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)",
"product_id": "AppStream-8.8.0.Z.EUS:nss-util-debuginfo-0:3.90.0-6.el8_8.ppc64le"
},
"product_reference": "nss-util-debuginfo-0:3.90.0-6.el8_8.ppc64le",
"relates_to_product_reference": "AppStream-8.8.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-util-debuginfo-0:3.90.0-6.el8_8.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)",
"product_id": "AppStream-8.8.0.Z.EUS:nss-util-debuginfo-0:3.90.0-6.el8_8.s390x"
},
"product_reference": "nss-util-debuginfo-0:3.90.0-6.el8_8.s390x",
"relates_to_product_reference": "AppStream-8.8.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-util-debuginfo-0:3.90.0-6.el8_8.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)",
"product_id": "AppStream-8.8.0.Z.EUS:nss-util-debuginfo-0:3.90.0-6.el8_8.x86_64"
},
"product_reference": "nss-util-debuginfo-0:3.90.0-6.el8_8.x86_64",
"relates_to_product_reference": "AppStream-8.8.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-util-devel-0:3.90.0-6.el8_8.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)",
"product_id": "AppStream-8.8.0.Z.EUS:nss-util-devel-0:3.90.0-6.el8_8.aarch64"
},
"product_reference": "nss-util-devel-0:3.90.0-6.el8_8.aarch64",
"relates_to_product_reference": "AppStream-8.8.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-util-devel-0:3.90.0-6.el8_8.i686 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)",
"product_id": "AppStream-8.8.0.Z.EUS:nss-util-devel-0:3.90.0-6.el8_8.i686"
},
"product_reference": "nss-util-devel-0:3.90.0-6.el8_8.i686",
"relates_to_product_reference": "AppStream-8.8.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-util-devel-0:3.90.0-6.el8_8.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)",
"product_id": "AppStream-8.8.0.Z.EUS:nss-util-devel-0:3.90.0-6.el8_8.ppc64le"
},
"product_reference": "nss-util-devel-0:3.90.0-6.el8_8.ppc64le",
"relates_to_product_reference": "AppStream-8.8.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-util-devel-0:3.90.0-6.el8_8.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)",
"product_id": "AppStream-8.8.0.Z.EUS:nss-util-devel-0:3.90.0-6.el8_8.s390x"
},
"product_reference": "nss-util-devel-0:3.90.0-6.el8_8.s390x",
"relates_to_product_reference": "AppStream-8.8.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-util-devel-0:3.90.0-6.el8_8.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)",
"product_id": "AppStream-8.8.0.Z.EUS:nss-util-devel-0:3.90.0-6.el8_8.x86_64"
},
"product_reference": "nss-util-devel-0:3.90.0-6.el8_8.x86_64",
"relates_to_product_reference": "AppStream-8.8.0.Z.EUS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-6135",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2023-11-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2249906"
}
],
"notes": [
{
"category": "description",
"text": "The Network Security Services (NSS) package contains a vulnerability that exposes a side-channel information leak. This weakness enables a local attacker to capture several thousand usages of a signature, allowing them to utilize this information to recover portions of an ECDSA private key.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nss: vulnerable to Minerva side-channel information leak",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The severity of the Network Security Services (NSS) package vulnerability is marked as moderate due to the inherent risk associated with a potential side-channel information leak. This flaw empowers a local attacker to capture a substantial volume of signature usages, providing a pathway for them to exploit this data to reconstruct portions of an ECDSA private key. The ECDSA private key is a fundamental component of cryptographic security, and a successful compromise could have severe implications for the confidentiality and integrity of sensitive information.\n\nThe side channel present in NSS is on the order of 20 to 50ns, measuring such small differences over the network, without ability to measure signature with the same nonce is not something anybody has shown as possible. The only reason we can measure such small differences in the Marvin attack (https://people.redhat.com/~hkario/marvin/) is because the attacker there has full control over the processed messages, as such can measure the same message over and over, with ECDSA NSS is generating the used nonce randomly, and internally, for each and every signature. So a possibility of a purely network attack is rather theoretical at this moment.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.8.0.Z.EUS:nss-0:3.90.0-6.el8_8.aarch64",
"AppStream-8.8.0.Z.EUS:nss-0:3.90.0-6.el8_8.i686",
"AppStream-8.8.0.Z.EUS:nss-0:3.90.0-6.el8_8.ppc64le",
"AppStream-8.8.0.Z.EUS:nss-0:3.90.0-6.el8_8.s390x",
"AppStream-8.8.0.Z.EUS:nss-0:3.90.0-6.el8_8.src",
"AppStream-8.8.0.Z.EUS:nss-0:3.90.0-6.el8_8.x86_64",
"AppStream-8.8.0.Z.EUS:nss-debuginfo-0:3.90.0-6.el8_8.aarch64",
"AppStream-8.8.0.Z.EUS:nss-debuginfo-0:3.90.0-6.el8_8.i686",
"AppStream-8.8.0.Z.EUS:nss-debuginfo-0:3.90.0-6.el8_8.ppc64le",
"AppStream-8.8.0.Z.EUS:nss-debuginfo-0:3.90.0-6.el8_8.s390x",
"AppStream-8.8.0.Z.EUS:nss-debuginfo-0:3.90.0-6.el8_8.x86_64",
"AppStream-8.8.0.Z.EUS:nss-debugsource-0:3.90.0-6.el8_8.aarch64",
"AppStream-8.8.0.Z.EUS:nss-debugsource-0:3.90.0-6.el8_8.i686",
"AppStream-8.8.0.Z.EUS:nss-debugsource-0:3.90.0-6.el8_8.ppc64le",
"AppStream-8.8.0.Z.EUS:nss-debugsource-0:3.90.0-6.el8_8.s390x",
"AppStream-8.8.0.Z.EUS:nss-debugsource-0:3.90.0-6.el8_8.x86_64",
"AppStream-8.8.0.Z.EUS:nss-devel-0:3.90.0-6.el8_8.aarch64",
"AppStream-8.8.0.Z.EUS:nss-devel-0:3.90.0-6.el8_8.i686",
"AppStream-8.8.0.Z.EUS:nss-devel-0:3.90.0-6.el8_8.ppc64le",
"AppStream-8.8.0.Z.EUS:nss-devel-0:3.90.0-6.el8_8.s390x",
"AppStream-8.8.0.Z.EUS:nss-devel-0:3.90.0-6.el8_8.x86_64",
"AppStream-8.8.0.Z.EUS:nss-softokn-0:3.90.0-6.el8_8.aarch64",
"AppStream-8.8.0.Z.EUS:nss-softokn-0:3.90.0-6.el8_8.i686",
"AppStream-8.8.0.Z.EUS:nss-softokn-0:3.90.0-6.el8_8.ppc64le",
"AppStream-8.8.0.Z.EUS:nss-softokn-0:3.90.0-6.el8_8.s390x",
"AppStream-8.8.0.Z.EUS:nss-softokn-0:3.90.0-6.el8_8.x86_64",
"AppStream-8.8.0.Z.EUS:nss-softokn-debuginfo-0:3.90.0-6.el8_8.aarch64",
"AppStream-8.8.0.Z.EUS:nss-softokn-debuginfo-0:3.90.0-6.el8_8.i686",
"AppStream-8.8.0.Z.EUS:nss-softokn-debuginfo-0:3.90.0-6.el8_8.ppc64le",
"AppStream-8.8.0.Z.EUS:nss-softokn-debuginfo-0:3.90.0-6.el8_8.s390x",
"AppStream-8.8.0.Z.EUS:nss-softokn-debuginfo-0:3.90.0-6.el8_8.x86_64",
"AppStream-8.8.0.Z.EUS:nss-softokn-devel-0:3.90.0-6.el8_8.aarch64",
"AppStream-8.8.0.Z.EUS:nss-softokn-devel-0:3.90.0-6.el8_8.i686",
"AppStream-8.8.0.Z.EUS:nss-softokn-devel-0:3.90.0-6.el8_8.ppc64le",
"AppStream-8.8.0.Z.EUS:nss-softokn-devel-0:3.90.0-6.el8_8.s390x",
"AppStream-8.8.0.Z.EUS:nss-softokn-devel-0:3.90.0-6.el8_8.x86_64",
"AppStream-8.8.0.Z.EUS:nss-softokn-freebl-0:3.90.0-6.el8_8.aarch64",
"AppStream-8.8.0.Z.EUS:nss-softokn-freebl-0:3.90.0-6.el8_8.i686",
"AppStream-8.8.0.Z.EUS:nss-softokn-freebl-0:3.90.0-6.el8_8.ppc64le",
"AppStream-8.8.0.Z.EUS:nss-softokn-freebl-0:3.90.0-6.el8_8.s390x",
"AppStream-8.8.0.Z.EUS:nss-softokn-freebl-0:3.90.0-6.el8_8.x86_64",
"AppStream-8.8.0.Z.EUS:nss-softokn-freebl-debuginfo-0:3.90.0-6.el8_8.aarch64",
"AppStream-8.8.0.Z.EUS:nss-softokn-freebl-debuginfo-0:3.90.0-6.el8_8.i686",
"AppStream-8.8.0.Z.EUS:nss-softokn-freebl-debuginfo-0:3.90.0-6.el8_8.ppc64le",
"AppStream-8.8.0.Z.EUS:nss-softokn-freebl-debuginfo-0:3.90.0-6.el8_8.s390x",
"AppStream-8.8.0.Z.EUS:nss-softokn-freebl-debuginfo-0:3.90.0-6.el8_8.x86_64",
"AppStream-8.8.0.Z.EUS:nss-softokn-freebl-devel-0:3.90.0-6.el8_8.aarch64",
"AppStream-8.8.0.Z.EUS:nss-softokn-freebl-devel-0:3.90.0-6.el8_8.i686",
"AppStream-8.8.0.Z.EUS:nss-softokn-freebl-devel-0:3.90.0-6.el8_8.ppc64le",
"AppStream-8.8.0.Z.EUS:nss-softokn-freebl-devel-0:3.90.0-6.el8_8.s390x",
"AppStream-8.8.0.Z.EUS:nss-softokn-freebl-devel-0:3.90.0-6.el8_8.x86_64",
"AppStream-8.8.0.Z.EUS:nss-sysinit-0:3.90.0-6.el8_8.aarch64",
"AppStream-8.8.0.Z.EUS:nss-sysinit-0:3.90.0-6.el8_8.ppc64le",
"AppStream-8.8.0.Z.EUS:nss-sysinit-0:3.90.0-6.el8_8.s390x",
"AppStream-8.8.0.Z.EUS:nss-sysinit-0:3.90.0-6.el8_8.x86_64",
"AppStream-8.8.0.Z.EUS:nss-sysinit-debuginfo-0:3.90.0-6.el8_8.aarch64",
"AppStream-8.8.0.Z.EUS:nss-sysinit-debuginfo-0:3.90.0-6.el8_8.i686",
"AppStream-8.8.0.Z.EUS:nss-sysinit-debuginfo-0:3.90.0-6.el8_8.ppc64le",
"AppStream-8.8.0.Z.EUS:nss-sysinit-debuginfo-0:3.90.0-6.el8_8.s390x",
"AppStream-8.8.0.Z.EUS:nss-sysinit-debuginfo-0:3.90.0-6.el8_8.x86_64",
"AppStream-8.8.0.Z.EUS:nss-tools-0:3.90.0-6.el8_8.aarch64",
"AppStream-8.8.0.Z.EUS:nss-tools-0:3.90.0-6.el8_8.ppc64le",
"AppStream-8.8.0.Z.EUS:nss-tools-0:3.90.0-6.el8_8.s390x",
"AppStream-8.8.0.Z.EUS:nss-tools-0:3.90.0-6.el8_8.x86_64",
"AppStream-8.8.0.Z.EUS:nss-tools-debuginfo-0:3.90.0-6.el8_8.aarch64",
"AppStream-8.8.0.Z.EUS:nss-tools-debuginfo-0:3.90.0-6.el8_8.i686",
"AppStream-8.8.0.Z.EUS:nss-tools-debuginfo-0:3.90.0-6.el8_8.ppc64le",
"AppStream-8.8.0.Z.EUS:nss-tools-debuginfo-0:3.90.0-6.el8_8.s390x",
"AppStream-8.8.0.Z.EUS:nss-tools-debuginfo-0:3.90.0-6.el8_8.x86_64",
"AppStream-8.8.0.Z.EUS:nss-util-0:3.90.0-6.el8_8.aarch64",
"AppStream-8.8.0.Z.EUS:nss-util-0:3.90.0-6.el8_8.i686",
"AppStream-8.8.0.Z.EUS:nss-util-0:3.90.0-6.el8_8.ppc64le",
"AppStream-8.8.0.Z.EUS:nss-util-0:3.90.0-6.el8_8.s390x",
"AppStream-8.8.0.Z.EUS:nss-util-0:3.90.0-6.el8_8.x86_64",
"AppStream-8.8.0.Z.EUS:nss-util-debuginfo-0:3.90.0-6.el8_8.aarch64",
"AppStream-8.8.0.Z.EUS:nss-util-debuginfo-0:3.90.0-6.el8_8.i686",
"AppStream-8.8.0.Z.EUS:nss-util-debuginfo-0:3.90.0-6.el8_8.ppc64le",
"AppStream-8.8.0.Z.EUS:nss-util-debuginfo-0:3.90.0-6.el8_8.s390x",
"AppStream-8.8.0.Z.EUS:nss-util-debuginfo-0:3.90.0-6.el8_8.x86_64",
"AppStream-8.8.0.Z.EUS:nss-util-devel-0:3.90.0-6.el8_8.aarch64",
"AppStream-8.8.0.Z.EUS:nss-util-devel-0:3.90.0-6.el8_8.i686",
"AppStream-8.8.0.Z.EUS:nss-util-devel-0:3.90.0-6.el8_8.ppc64le",
"AppStream-8.8.0.Z.EUS:nss-util-devel-0:3.90.0-6.el8_8.s390x",
"AppStream-8.8.0.Z.EUS:nss-util-devel-0:3.90.0-6.el8_8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-6135"
},
{
"category": "external",
"summary": "RHBZ#2249906",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2249906"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-6135",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6135"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-6135",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-6135"
},
{
"category": "external",
"summary": "https://bugzilla.mozilla.org/show_bug.cgi?id=1853908",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1853908"
},
{
"category": "external",
"summary": "https://minerva.crocs.fi.muni.cz/",
"url": "https://minerva.crocs.fi.muni.cz/"
},
{
"category": "external",
"summary": "https://people.redhat.com/~hkario/marvin/",
"url": "https://people.redhat.com/~hkario/marvin/"
},
{
"category": "external",
"summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-56/#CVE-2023-6135",
"url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-56/#CVE-2023-6135"
}
],
"release_date": "2023-12-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-02-12T13:56:58+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing this update, applications using NSS (for example, Firefox) must be restarted for this update to take effect.",
"product_ids": [
"AppStream-8.8.0.Z.EUS:nss-0:3.90.0-6.el8_8.aarch64",
"AppStream-8.8.0.Z.EUS:nss-0:3.90.0-6.el8_8.i686",
"AppStream-8.8.0.Z.EUS:nss-0:3.90.0-6.el8_8.ppc64le",
"AppStream-8.8.0.Z.EUS:nss-0:3.90.0-6.el8_8.s390x",
"AppStream-8.8.0.Z.EUS:nss-0:3.90.0-6.el8_8.src",
"AppStream-8.8.0.Z.EUS:nss-0:3.90.0-6.el8_8.x86_64",
"AppStream-8.8.0.Z.EUS:nss-debuginfo-0:3.90.0-6.el8_8.aarch64",
"AppStream-8.8.0.Z.EUS:nss-debuginfo-0:3.90.0-6.el8_8.i686",
"AppStream-8.8.0.Z.EUS:nss-debuginfo-0:3.90.0-6.el8_8.ppc64le",
"AppStream-8.8.0.Z.EUS:nss-debuginfo-0:3.90.0-6.el8_8.s390x",
"AppStream-8.8.0.Z.EUS:nss-debuginfo-0:3.90.0-6.el8_8.x86_64",
"AppStream-8.8.0.Z.EUS:nss-debugsource-0:3.90.0-6.el8_8.aarch64",
"AppStream-8.8.0.Z.EUS:nss-debugsource-0:3.90.0-6.el8_8.i686",
"AppStream-8.8.0.Z.EUS:nss-debugsource-0:3.90.0-6.el8_8.ppc64le",
"AppStream-8.8.0.Z.EUS:nss-debugsource-0:3.90.0-6.el8_8.s390x",
"AppStream-8.8.0.Z.EUS:nss-debugsource-0:3.90.0-6.el8_8.x86_64",
"AppStream-8.8.0.Z.EUS:nss-devel-0:3.90.0-6.el8_8.aarch64",
"AppStream-8.8.0.Z.EUS:nss-devel-0:3.90.0-6.el8_8.i686",
"AppStream-8.8.0.Z.EUS:nss-devel-0:3.90.0-6.el8_8.ppc64le",
"AppStream-8.8.0.Z.EUS:nss-devel-0:3.90.0-6.el8_8.s390x",
"AppStream-8.8.0.Z.EUS:nss-devel-0:3.90.0-6.el8_8.x86_64",
"AppStream-8.8.0.Z.EUS:nss-softokn-0:3.90.0-6.el8_8.aarch64",
"AppStream-8.8.0.Z.EUS:nss-softokn-0:3.90.0-6.el8_8.i686",
"AppStream-8.8.0.Z.EUS:nss-softokn-0:3.90.0-6.el8_8.ppc64le",
"AppStream-8.8.0.Z.EUS:nss-softokn-0:3.90.0-6.el8_8.s390x",
"AppStream-8.8.0.Z.EUS:nss-softokn-0:3.90.0-6.el8_8.x86_64",
"AppStream-8.8.0.Z.EUS:nss-softokn-debuginfo-0:3.90.0-6.el8_8.aarch64",
"AppStream-8.8.0.Z.EUS:nss-softokn-debuginfo-0:3.90.0-6.el8_8.i686",
"AppStream-8.8.0.Z.EUS:nss-softokn-debuginfo-0:3.90.0-6.el8_8.ppc64le",
"AppStream-8.8.0.Z.EUS:nss-softokn-debuginfo-0:3.90.0-6.el8_8.s390x",
"AppStream-8.8.0.Z.EUS:nss-softokn-debuginfo-0:3.90.0-6.el8_8.x86_64",
"AppStream-8.8.0.Z.EUS:nss-softokn-devel-0:3.90.0-6.el8_8.aarch64",
"AppStream-8.8.0.Z.EUS:nss-softokn-devel-0:3.90.0-6.el8_8.i686",
"AppStream-8.8.0.Z.EUS:nss-softokn-devel-0:3.90.0-6.el8_8.ppc64le",
"AppStream-8.8.0.Z.EUS:nss-softokn-devel-0:3.90.0-6.el8_8.s390x",
"AppStream-8.8.0.Z.EUS:nss-softokn-devel-0:3.90.0-6.el8_8.x86_64",
"AppStream-8.8.0.Z.EUS:nss-softokn-freebl-0:3.90.0-6.el8_8.aarch64",
"AppStream-8.8.0.Z.EUS:nss-softokn-freebl-0:3.90.0-6.el8_8.i686",
"AppStream-8.8.0.Z.EUS:nss-softokn-freebl-0:3.90.0-6.el8_8.ppc64le",
"AppStream-8.8.0.Z.EUS:nss-softokn-freebl-0:3.90.0-6.el8_8.s390x",
"AppStream-8.8.0.Z.EUS:nss-softokn-freebl-0:3.90.0-6.el8_8.x86_64",
"AppStream-8.8.0.Z.EUS:nss-softokn-freebl-debuginfo-0:3.90.0-6.el8_8.aarch64",
"AppStream-8.8.0.Z.EUS:nss-softokn-freebl-debuginfo-0:3.90.0-6.el8_8.i686",
"AppStream-8.8.0.Z.EUS:nss-softokn-freebl-debuginfo-0:3.90.0-6.el8_8.ppc64le",
"AppStream-8.8.0.Z.EUS:nss-softokn-freebl-debuginfo-0:3.90.0-6.el8_8.s390x",
"AppStream-8.8.0.Z.EUS:nss-softokn-freebl-debuginfo-0:3.90.0-6.el8_8.x86_64",
"AppStream-8.8.0.Z.EUS:nss-softokn-freebl-devel-0:3.90.0-6.el8_8.aarch64",
"AppStream-8.8.0.Z.EUS:nss-softokn-freebl-devel-0:3.90.0-6.el8_8.i686",
"AppStream-8.8.0.Z.EUS:nss-softokn-freebl-devel-0:3.90.0-6.el8_8.ppc64le",
"AppStream-8.8.0.Z.EUS:nss-softokn-freebl-devel-0:3.90.0-6.el8_8.s390x",
"AppStream-8.8.0.Z.EUS:nss-softokn-freebl-devel-0:3.90.0-6.el8_8.x86_64",
"AppStream-8.8.0.Z.EUS:nss-sysinit-0:3.90.0-6.el8_8.aarch64",
"AppStream-8.8.0.Z.EUS:nss-sysinit-0:3.90.0-6.el8_8.ppc64le",
"AppStream-8.8.0.Z.EUS:nss-sysinit-0:3.90.0-6.el8_8.s390x",
"AppStream-8.8.0.Z.EUS:nss-sysinit-0:3.90.0-6.el8_8.x86_64",
"AppStream-8.8.0.Z.EUS:nss-sysinit-debuginfo-0:3.90.0-6.el8_8.aarch64",
"AppStream-8.8.0.Z.EUS:nss-sysinit-debuginfo-0:3.90.0-6.el8_8.i686",
"AppStream-8.8.0.Z.EUS:nss-sysinit-debuginfo-0:3.90.0-6.el8_8.ppc64le",
"AppStream-8.8.0.Z.EUS:nss-sysinit-debuginfo-0:3.90.0-6.el8_8.s390x",
"AppStream-8.8.0.Z.EUS:nss-sysinit-debuginfo-0:3.90.0-6.el8_8.x86_64",
"AppStream-8.8.0.Z.EUS:nss-tools-0:3.90.0-6.el8_8.aarch64",
"AppStream-8.8.0.Z.EUS:nss-tools-0:3.90.0-6.el8_8.ppc64le",
"AppStream-8.8.0.Z.EUS:nss-tools-0:3.90.0-6.el8_8.s390x",
"AppStream-8.8.0.Z.EUS:nss-tools-0:3.90.0-6.el8_8.x86_64",
"AppStream-8.8.0.Z.EUS:nss-tools-debuginfo-0:3.90.0-6.el8_8.aarch64",
"AppStream-8.8.0.Z.EUS:nss-tools-debuginfo-0:3.90.0-6.el8_8.i686",
"AppStream-8.8.0.Z.EUS:nss-tools-debuginfo-0:3.90.0-6.el8_8.ppc64le",
"AppStream-8.8.0.Z.EUS:nss-tools-debuginfo-0:3.90.0-6.el8_8.s390x",
"AppStream-8.8.0.Z.EUS:nss-tools-debuginfo-0:3.90.0-6.el8_8.x86_64",
"AppStream-8.8.0.Z.EUS:nss-util-0:3.90.0-6.el8_8.aarch64",
"AppStream-8.8.0.Z.EUS:nss-util-0:3.90.0-6.el8_8.i686",
"AppStream-8.8.0.Z.EUS:nss-util-0:3.90.0-6.el8_8.ppc64le",
"AppStream-8.8.0.Z.EUS:nss-util-0:3.90.0-6.el8_8.s390x",
"AppStream-8.8.0.Z.EUS:nss-util-0:3.90.0-6.el8_8.x86_64",
"AppStream-8.8.0.Z.EUS:nss-util-debuginfo-0:3.90.0-6.el8_8.aarch64",
"AppStream-8.8.0.Z.EUS:nss-util-debuginfo-0:3.90.0-6.el8_8.i686",
"AppStream-8.8.0.Z.EUS:nss-util-debuginfo-0:3.90.0-6.el8_8.ppc64le",
"AppStream-8.8.0.Z.EUS:nss-util-debuginfo-0:3.90.0-6.el8_8.s390x",
"AppStream-8.8.0.Z.EUS:nss-util-debuginfo-0:3.90.0-6.el8_8.x86_64",
"AppStream-8.8.0.Z.EUS:nss-util-devel-0:3.90.0-6.el8_8.aarch64",
"AppStream-8.8.0.Z.EUS:nss-util-devel-0:3.90.0-6.el8_8.i686",
"AppStream-8.8.0.Z.EUS:nss-util-devel-0:3.90.0-6.el8_8.ppc64le",
"AppStream-8.8.0.Z.EUS:nss-util-devel-0:3.90.0-6.el8_8.s390x",
"AppStream-8.8.0.Z.EUS:nss-util-devel-0:3.90.0-6.el8_8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:0785"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-8.8.0.Z.EUS:nss-0:3.90.0-6.el8_8.aarch64",
"AppStream-8.8.0.Z.EUS:nss-0:3.90.0-6.el8_8.i686",
"AppStream-8.8.0.Z.EUS:nss-0:3.90.0-6.el8_8.ppc64le",
"AppStream-8.8.0.Z.EUS:nss-0:3.90.0-6.el8_8.s390x",
"AppStream-8.8.0.Z.EUS:nss-0:3.90.0-6.el8_8.src",
"AppStream-8.8.0.Z.EUS:nss-0:3.90.0-6.el8_8.x86_64",
"AppStream-8.8.0.Z.EUS:nss-debuginfo-0:3.90.0-6.el8_8.aarch64",
"AppStream-8.8.0.Z.EUS:nss-debuginfo-0:3.90.0-6.el8_8.i686",
"AppStream-8.8.0.Z.EUS:nss-debuginfo-0:3.90.0-6.el8_8.ppc64le",
"AppStream-8.8.0.Z.EUS:nss-debuginfo-0:3.90.0-6.el8_8.s390x",
"AppStream-8.8.0.Z.EUS:nss-debuginfo-0:3.90.0-6.el8_8.x86_64",
"AppStream-8.8.0.Z.EUS:nss-debugsource-0:3.90.0-6.el8_8.aarch64",
"AppStream-8.8.0.Z.EUS:nss-debugsource-0:3.90.0-6.el8_8.i686",
"AppStream-8.8.0.Z.EUS:nss-debugsource-0:3.90.0-6.el8_8.ppc64le",
"AppStream-8.8.0.Z.EUS:nss-debugsource-0:3.90.0-6.el8_8.s390x",
"AppStream-8.8.0.Z.EUS:nss-debugsource-0:3.90.0-6.el8_8.x86_64",
"AppStream-8.8.0.Z.EUS:nss-devel-0:3.90.0-6.el8_8.aarch64",
"AppStream-8.8.0.Z.EUS:nss-devel-0:3.90.0-6.el8_8.i686",
"AppStream-8.8.0.Z.EUS:nss-devel-0:3.90.0-6.el8_8.ppc64le",
"AppStream-8.8.0.Z.EUS:nss-devel-0:3.90.0-6.el8_8.s390x",
"AppStream-8.8.0.Z.EUS:nss-devel-0:3.90.0-6.el8_8.x86_64",
"AppStream-8.8.0.Z.EUS:nss-softokn-0:3.90.0-6.el8_8.aarch64",
"AppStream-8.8.0.Z.EUS:nss-softokn-0:3.90.0-6.el8_8.i686",
"AppStream-8.8.0.Z.EUS:nss-softokn-0:3.90.0-6.el8_8.ppc64le",
"AppStream-8.8.0.Z.EUS:nss-softokn-0:3.90.0-6.el8_8.s390x",
"AppStream-8.8.0.Z.EUS:nss-softokn-0:3.90.0-6.el8_8.x86_64",
"AppStream-8.8.0.Z.EUS:nss-softokn-debuginfo-0:3.90.0-6.el8_8.aarch64",
"AppStream-8.8.0.Z.EUS:nss-softokn-debuginfo-0:3.90.0-6.el8_8.i686",
"AppStream-8.8.0.Z.EUS:nss-softokn-debuginfo-0:3.90.0-6.el8_8.ppc64le",
"AppStream-8.8.0.Z.EUS:nss-softokn-debuginfo-0:3.90.0-6.el8_8.s390x",
"AppStream-8.8.0.Z.EUS:nss-softokn-debuginfo-0:3.90.0-6.el8_8.x86_64",
"AppStream-8.8.0.Z.EUS:nss-softokn-devel-0:3.90.0-6.el8_8.aarch64",
"AppStream-8.8.0.Z.EUS:nss-softokn-devel-0:3.90.0-6.el8_8.i686",
"AppStream-8.8.0.Z.EUS:nss-softokn-devel-0:3.90.0-6.el8_8.ppc64le",
"AppStream-8.8.0.Z.EUS:nss-softokn-devel-0:3.90.0-6.el8_8.s390x",
"AppStream-8.8.0.Z.EUS:nss-softokn-devel-0:3.90.0-6.el8_8.x86_64",
"AppStream-8.8.0.Z.EUS:nss-softokn-freebl-0:3.90.0-6.el8_8.aarch64",
"AppStream-8.8.0.Z.EUS:nss-softokn-freebl-0:3.90.0-6.el8_8.i686",
"AppStream-8.8.0.Z.EUS:nss-softokn-freebl-0:3.90.0-6.el8_8.ppc64le",
"AppStream-8.8.0.Z.EUS:nss-softokn-freebl-0:3.90.0-6.el8_8.s390x",
"AppStream-8.8.0.Z.EUS:nss-softokn-freebl-0:3.90.0-6.el8_8.x86_64",
"AppStream-8.8.0.Z.EUS:nss-softokn-freebl-debuginfo-0:3.90.0-6.el8_8.aarch64",
"AppStream-8.8.0.Z.EUS:nss-softokn-freebl-debuginfo-0:3.90.0-6.el8_8.i686",
"AppStream-8.8.0.Z.EUS:nss-softokn-freebl-debuginfo-0:3.90.0-6.el8_8.ppc64le",
"AppStream-8.8.0.Z.EUS:nss-softokn-freebl-debuginfo-0:3.90.0-6.el8_8.s390x",
"AppStream-8.8.0.Z.EUS:nss-softokn-freebl-debuginfo-0:3.90.0-6.el8_8.x86_64",
"AppStream-8.8.0.Z.EUS:nss-softokn-freebl-devel-0:3.90.0-6.el8_8.aarch64",
"AppStream-8.8.0.Z.EUS:nss-softokn-freebl-devel-0:3.90.0-6.el8_8.i686",
"AppStream-8.8.0.Z.EUS:nss-softokn-freebl-devel-0:3.90.0-6.el8_8.ppc64le",
"AppStream-8.8.0.Z.EUS:nss-softokn-freebl-devel-0:3.90.0-6.el8_8.s390x",
"AppStream-8.8.0.Z.EUS:nss-softokn-freebl-devel-0:3.90.0-6.el8_8.x86_64",
"AppStream-8.8.0.Z.EUS:nss-sysinit-0:3.90.0-6.el8_8.aarch64",
"AppStream-8.8.0.Z.EUS:nss-sysinit-0:3.90.0-6.el8_8.ppc64le",
"AppStream-8.8.0.Z.EUS:nss-sysinit-0:3.90.0-6.el8_8.s390x",
"AppStream-8.8.0.Z.EUS:nss-sysinit-0:3.90.0-6.el8_8.x86_64",
"AppStream-8.8.0.Z.EUS:nss-sysinit-debuginfo-0:3.90.0-6.el8_8.aarch64",
"AppStream-8.8.0.Z.EUS:nss-sysinit-debuginfo-0:3.90.0-6.el8_8.i686",
"AppStream-8.8.0.Z.EUS:nss-sysinit-debuginfo-0:3.90.0-6.el8_8.ppc64le",
"AppStream-8.8.0.Z.EUS:nss-sysinit-debuginfo-0:3.90.0-6.el8_8.s390x",
"AppStream-8.8.0.Z.EUS:nss-sysinit-debuginfo-0:3.90.0-6.el8_8.x86_64",
"AppStream-8.8.0.Z.EUS:nss-tools-0:3.90.0-6.el8_8.aarch64",
"AppStream-8.8.0.Z.EUS:nss-tools-0:3.90.0-6.el8_8.ppc64le",
"AppStream-8.8.0.Z.EUS:nss-tools-0:3.90.0-6.el8_8.s390x",
"AppStream-8.8.0.Z.EUS:nss-tools-0:3.90.0-6.el8_8.x86_64",
"AppStream-8.8.0.Z.EUS:nss-tools-debuginfo-0:3.90.0-6.el8_8.aarch64",
"AppStream-8.8.0.Z.EUS:nss-tools-debuginfo-0:3.90.0-6.el8_8.i686",
"AppStream-8.8.0.Z.EUS:nss-tools-debuginfo-0:3.90.0-6.el8_8.ppc64le",
"AppStream-8.8.0.Z.EUS:nss-tools-debuginfo-0:3.90.0-6.el8_8.s390x",
"AppStream-8.8.0.Z.EUS:nss-tools-debuginfo-0:3.90.0-6.el8_8.x86_64",
"AppStream-8.8.0.Z.EUS:nss-util-0:3.90.0-6.el8_8.aarch64",
"AppStream-8.8.0.Z.EUS:nss-util-0:3.90.0-6.el8_8.i686",
"AppStream-8.8.0.Z.EUS:nss-util-0:3.90.0-6.el8_8.ppc64le",
"AppStream-8.8.0.Z.EUS:nss-util-0:3.90.0-6.el8_8.s390x",
"AppStream-8.8.0.Z.EUS:nss-util-0:3.90.0-6.el8_8.x86_64",
"AppStream-8.8.0.Z.EUS:nss-util-debuginfo-0:3.90.0-6.el8_8.aarch64",
"AppStream-8.8.0.Z.EUS:nss-util-debuginfo-0:3.90.0-6.el8_8.i686",
"AppStream-8.8.0.Z.EUS:nss-util-debuginfo-0:3.90.0-6.el8_8.ppc64le",
"AppStream-8.8.0.Z.EUS:nss-util-debuginfo-0:3.90.0-6.el8_8.s390x",
"AppStream-8.8.0.Z.EUS:nss-util-debuginfo-0:3.90.0-6.el8_8.x86_64",
"AppStream-8.8.0.Z.EUS:nss-util-devel-0:3.90.0-6.el8_8.aarch64",
"AppStream-8.8.0.Z.EUS:nss-util-devel-0:3.90.0-6.el8_8.i686",
"AppStream-8.8.0.Z.EUS:nss-util-devel-0:3.90.0-6.el8_8.ppc64le",
"AppStream-8.8.0.Z.EUS:nss-util-devel-0:3.90.0-6.el8_8.s390x",
"AppStream-8.8.0.Z.EUS:nss-util-devel-0:3.90.0-6.el8_8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"AppStream-8.8.0.Z.EUS:nss-0:3.90.0-6.el8_8.aarch64",
"AppStream-8.8.0.Z.EUS:nss-0:3.90.0-6.el8_8.i686",
"AppStream-8.8.0.Z.EUS:nss-0:3.90.0-6.el8_8.ppc64le",
"AppStream-8.8.0.Z.EUS:nss-0:3.90.0-6.el8_8.s390x",
"AppStream-8.8.0.Z.EUS:nss-0:3.90.0-6.el8_8.src",
"AppStream-8.8.0.Z.EUS:nss-0:3.90.0-6.el8_8.x86_64",
"AppStream-8.8.0.Z.EUS:nss-debuginfo-0:3.90.0-6.el8_8.aarch64",
"AppStream-8.8.0.Z.EUS:nss-debuginfo-0:3.90.0-6.el8_8.i686",
"AppStream-8.8.0.Z.EUS:nss-debuginfo-0:3.90.0-6.el8_8.ppc64le",
"AppStream-8.8.0.Z.EUS:nss-debuginfo-0:3.90.0-6.el8_8.s390x",
"AppStream-8.8.0.Z.EUS:nss-debuginfo-0:3.90.0-6.el8_8.x86_64",
"AppStream-8.8.0.Z.EUS:nss-debugsource-0:3.90.0-6.el8_8.aarch64",
"AppStream-8.8.0.Z.EUS:nss-debugsource-0:3.90.0-6.el8_8.i686",
"AppStream-8.8.0.Z.EUS:nss-debugsource-0:3.90.0-6.el8_8.ppc64le",
"AppStream-8.8.0.Z.EUS:nss-debugsource-0:3.90.0-6.el8_8.s390x",
"AppStream-8.8.0.Z.EUS:nss-debugsource-0:3.90.0-6.el8_8.x86_64",
"AppStream-8.8.0.Z.EUS:nss-devel-0:3.90.0-6.el8_8.aarch64",
"AppStream-8.8.0.Z.EUS:nss-devel-0:3.90.0-6.el8_8.i686",
"AppStream-8.8.0.Z.EUS:nss-devel-0:3.90.0-6.el8_8.ppc64le",
"AppStream-8.8.0.Z.EUS:nss-devel-0:3.90.0-6.el8_8.s390x",
"AppStream-8.8.0.Z.EUS:nss-devel-0:3.90.0-6.el8_8.x86_64",
"AppStream-8.8.0.Z.EUS:nss-softokn-0:3.90.0-6.el8_8.aarch64",
"AppStream-8.8.0.Z.EUS:nss-softokn-0:3.90.0-6.el8_8.i686",
"AppStream-8.8.0.Z.EUS:nss-softokn-0:3.90.0-6.el8_8.ppc64le",
"AppStream-8.8.0.Z.EUS:nss-softokn-0:3.90.0-6.el8_8.s390x",
"AppStream-8.8.0.Z.EUS:nss-softokn-0:3.90.0-6.el8_8.x86_64",
"AppStream-8.8.0.Z.EUS:nss-softokn-debuginfo-0:3.90.0-6.el8_8.aarch64",
"AppStream-8.8.0.Z.EUS:nss-softokn-debuginfo-0:3.90.0-6.el8_8.i686",
"AppStream-8.8.0.Z.EUS:nss-softokn-debuginfo-0:3.90.0-6.el8_8.ppc64le",
"AppStream-8.8.0.Z.EUS:nss-softokn-debuginfo-0:3.90.0-6.el8_8.s390x",
"AppStream-8.8.0.Z.EUS:nss-softokn-debuginfo-0:3.90.0-6.el8_8.x86_64",
"AppStream-8.8.0.Z.EUS:nss-softokn-devel-0:3.90.0-6.el8_8.aarch64",
"AppStream-8.8.0.Z.EUS:nss-softokn-devel-0:3.90.0-6.el8_8.i686",
"AppStream-8.8.0.Z.EUS:nss-softokn-devel-0:3.90.0-6.el8_8.ppc64le",
"AppStream-8.8.0.Z.EUS:nss-softokn-devel-0:3.90.0-6.el8_8.s390x",
"AppStream-8.8.0.Z.EUS:nss-softokn-devel-0:3.90.0-6.el8_8.x86_64",
"AppStream-8.8.0.Z.EUS:nss-softokn-freebl-0:3.90.0-6.el8_8.aarch64",
"AppStream-8.8.0.Z.EUS:nss-softokn-freebl-0:3.90.0-6.el8_8.i686",
"AppStream-8.8.0.Z.EUS:nss-softokn-freebl-0:3.90.0-6.el8_8.ppc64le",
"AppStream-8.8.0.Z.EUS:nss-softokn-freebl-0:3.90.0-6.el8_8.s390x",
"AppStream-8.8.0.Z.EUS:nss-softokn-freebl-0:3.90.0-6.el8_8.x86_64",
"AppStream-8.8.0.Z.EUS:nss-softokn-freebl-debuginfo-0:3.90.0-6.el8_8.aarch64",
"AppStream-8.8.0.Z.EUS:nss-softokn-freebl-debuginfo-0:3.90.0-6.el8_8.i686",
"AppStream-8.8.0.Z.EUS:nss-softokn-freebl-debuginfo-0:3.90.0-6.el8_8.ppc64le",
"AppStream-8.8.0.Z.EUS:nss-softokn-freebl-debuginfo-0:3.90.0-6.el8_8.s390x",
"AppStream-8.8.0.Z.EUS:nss-softokn-freebl-debuginfo-0:3.90.0-6.el8_8.x86_64",
"AppStream-8.8.0.Z.EUS:nss-softokn-freebl-devel-0:3.90.0-6.el8_8.aarch64",
"AppStream-8.8.0.Z.EUS:nss-softokn-freebl-devel-0:3.90.0-6.el8_8.i686",
"AppStream-8.8.0.Z.EUS:nss-softokn-freebl-devel-0:3.90.0-6.el8_8.ppc64le",
"AppStream-8.8.0.Z.EUS:nss-softokn-freebl-devel-0:3.90.0-6.el8_8.s390x",
"AppStream-8.8.0.Z.EUS:nss-softokn-freebl-devel-0:3.90.0-6.el8_8.x86_64",
"AppStream-8.8.0.Z.EUS:nss-sysinit-0:3.90.0-6.el8_8.aarch64",
"AppStream-8.8.0.Z.EUS:nss-sysinit-0:3.90.0-6.el8_8.ppc64le",
"AppStream-8.8.0.Z.EUS:nss-sysinit-0:3.90.0-6.el8_8.s390x",
"AppStream-8.8.0.Z.EUS:nss-sysinit-0:3.90.0-6.el8_8.x86_64",
"AppStream-8.8.0.Z.EUS:nss-sysinit-debuginfo-0:3.90.0-6.el8_8.aarch64",
"AppStream-8.8.0.Z.EUS:nss-sysinit-debuginfo-0:3.90.0-6.el8_8.i686",
"AppStream-8.8.0.Z.EUS:nss-sysinit-debuginfo-0:3.90.0-6.el8_8.ppc64le",
"AppStream-8.8.0.Z.EUS:nss-sysinit-debuginfo-0:3.90.0-6.el8_8.s390x",
"AppStream-8.8.0.Z.EUS:nss-sysinit-debuginfo-0:3.90.0-6.el8_8.x86_64",
"AppStream-8.8.0.Z.EUS:nss-tools-0:3.90.0-6.el8_8.aarch64",
"AppStream-8.8.0.Z.EUS:nss-tools-0:3.90.0-6.el8_8.ppc64le",
"AppStream-8.8.0.Z.EUS:nss-tools-0:3.90.0-6.el8_8.s390x",
"AppStream-8.8.0.Z.EUS:nss-tools-0:3.90.0-6.el8_8.x86_64",
"AppStream-8.8.0.Z.EUS:nss-tools-debuginfo-0:3.90.0-6.el8_8.aarch64",
"AppStream-8.8.0.Z.EUS:nss-tools-debuginfo-0:3.90.0-6.el8_8.i686",
"AppStream-8.8.0.Z.EUS:nss-tools-debuginfo-0:3.90.0-6.el8_8.ppc64le",
"AppStream-8.8.0.Z.EUS:nss-tools-debuginfo-0:3.90.0-6.el8_8.s390x",
"AppStream-8.8.0.Z.EUS:nss-tools-debuginfo-0:3.90.0-6.el8_8.x86_64",
"AppStream-8.8.0.Z.EUS:nss-util-0:3.90.0-6.el8_8.aarch64",
"AppStream-8.8.0.Z.EUS:nss-util-0:3.90.0-6.el8_8.i686",
"AppStream-8.8.0.Z.EUS:nss-util-0:3.90.0-6.el8_8.ppc64le",
"AppStream-8.8.0.Z.EUS:nss-util-0:3.90.0-6.el8_8.s390x",
"AppStream-8.8.0.Z.EUS:nss-util-0:3.90.0-6.el8_8.x86_64",
"AppStream-8.8.0.Z.EUS:nss-util-debuginfo-0:3.90.0-6.el8_8.aarch64",
"AppStream-8.8.0.Z.EUS:nss-util-debuginfo-0:3.90.0-6.el8_8.i686",
"AppStream-8.8.0.Z.EUS:nss-util-debuginfo-0:3.90.0-6.el8_8.ppc64le",
"AppStream-8.8.0.Z.EUS:nss-util-debuginfo-0:3.90.0-6.el8_8.s390x",
"AppStream-8.8.0.Z.EUS:nss-util-debuginfo-0:3.90.0-6.el8_8.x86_64",
"AppStream-8.8.0.Z.EUS:nss-util-devel-0:3.90.0-6.el8_8.aarch64",
"AppStream-8.8.0.Z.EUS:nss-util-devel-0:3.90.0-6.el8_8.i686",
"AppStream-8.8.0.Z.EUS:nss-util-devel-0:3.90.0-6.el8_8.ppc64le",
"AppStream-8.8.0.Z.EUS:nss-util-devel-0:3.90.0-6.el8_8.s390x",
"AppStream-8.8.0.Z.EUS:nss-util-devel-0:3.90.0-6.el8_8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "nss: vulnerable to Minerva side-channel information leak"
}
]
}
RHSA-2024_0786
Vulnerability from csaf_redhat - Published: 2024-02-12 14:00 - Updated: 2024-11-24 12:06Summary
Red Hat Security Advisory: nss security update
Severity
Moderate
Notes
Topic: An update for nss is now available for Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: Network Security Services (NSS) is a set of libraries designed to support the cross-platform development of security-enabled client and server applications.
Security Fix(es):
* nss: vulnerable to Minerva side-channel information leak (CVE-2023-6135)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
The Network Security Services (NSS) package contains a vulnerability that exposes a side-channel information leak. This weakness enables a local attacker to capture several thousand usages of a signature, allowing them to utilize this information to recover portions of an ECDSA private key.
4.3 (Medium)
Affected products
Fixed
84 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nss-0:3.90.0-6.el8_9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nss-0:3.90.0-6.el8_9.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nss-0:3.90.0-6.el8_9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nss-0:3.90.0-6.el8_9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nss-0:3.90.0-6.el8_9.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nss-0:3.90.0-6.el8_9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nss-debuginfo-0:3.90.0-6.el8_9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nss-debuginfo-0:3.90.0-6.el8_9.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nss-debuginfo-0:3.90.0-6.el8_9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nss-debuginfo-0:3.90.0-6.el8_9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nss-debuginfo-0:3.90.0-6.el8_9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nss-debugsource-0:3.90.0-6.el8_9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nss-debugsource-0:3.90.0-6.el8_9.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nss-debugsource-0:3.90.0-6.el8_9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nss-debugsource-0:3.90.0-6.el8_9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nss-debugsource-0:3.90.0-6.el8_9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nss-devel-0:3.90.0-6.el8_9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nss-devel-0:3.90.0-6.el8_9.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nss-devel-0:3.90.0-6.el8_9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nss-devel-0:3.90.0-6.el8_9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nss-devel-0:3.90.0-6.el8_9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nss-softokn-0:3.90.0-6.el8_9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nss-softokn-0:3.90.0-6.el8_9.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nss-softokn-0:3.90.0-6.el8_9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nss-softokn-0:3.90.0-6.el8_9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nss-softokn-0:3.90.0-6.el8_9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nss-softokn-debuginfo-0:3.90.0-6.el8_9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nss-softokn-debuginfo-0:3.90.0-6.el8_9.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nss-softokn-debuginfo-0:3.90.0-6.el8_9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nss-softokn-debuginfo-0:3.90.0-6.el8_9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nss-softokn-debuginfo-0:3.90.0-6.el8_9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nss-softokn-devel-0:3.90.0-6.el8_9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nss-softokn-devel-0:3.90.0-6.el8_9.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nss-softokn-devel-0:3.90.0-6.el8_9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nss-softokn-devel-0:3.90.0-6.el8_9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nss-softokn-devel-0:3.90.0-6.el8_9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nss-softokn-freebl-0:3.90.0-6.el8_9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nss-softokn-freebl-0:3.90.0-6.el8_9.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nss-softokn-freebl-0:3.90.0-6.el8_9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nss-softokn-freebl-0:3.90.0-6.el8_9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nss-softokn-freebl-0:3.90.0-6.el8_9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nss-softokn-freebl-debuginfo-0:3.90.0-6.el8_9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nss-softokn-freebl-debuginfo-0:3.90.0-6.el8_9.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nss-softokn-freebl-debuginfo-0:3.90.0-6.el8_9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nss-softokn-freebl-debuginfo-0:3.90.0-6.el8_9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nss-softokn-freebl-debuginfo-0:3.90.0-6.el8_9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nss-softokn-freebl-devel-0:3.90.0-6.el8_9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nss-softokn-freebl-devel-0:3.90.0-6.el8_9.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nss-softokn-freebl-devel-0:3.90.0-6.el8_9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nss-softokn-freebl-devel-0:3.90.0-6.el8_9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nss-softokn-freebl-devel-0:3.90.0-6.el8_9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nss-sysinit-0:3.90.0-6.el8_9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nss-sysinit-0:3.90.0-6.el8_9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nss-sysinit-0:3.90.0-6.el8_9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nss-sysinit-0:3.90.0-6.el8_9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nss-sysinit-debuginfo-0:3.90.0-6.el8_9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nss-sysinit-debuginfo-0:3.90.0-6.el8_9.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nss-sysinit-debuginfo-0:3.90.0-6.el8_9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nss-sysinit-debuginfo-0:3.90.0-6.el8_9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nss-sysinit-debuginfo-0:3.90.0-6.el8_9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nss-tools-0:3.90.0-6.el8_9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nss-tools-0:3.90.0-6.el8_9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nss-tools-0:3.90.0-6.el8_9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nss-tools-0:3.90.0-6.el8_9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nss-tools-debuginfo-0:3.90.0-6.el8_9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nss-tools-debuginfo-0:3.90.0-6.el8_9.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nss-tools-debuginfo-0:3.90.0-6.el8_9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nss-tools-debuginfo-0:3.90.0-6.el8_9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nss-tools-debuginfo-0:3.90.0-6.el8_9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nss-util-0:3.90.0-6.el8_9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nss-util-0:3.90.0-6.el8_9.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nss-util-0:3.90.0-6.el8_9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nss-util-0:3.90.0-6.el8_9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nss-util-0:3.90.0-6.el8_9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nss-util-debuginfo-0:3.90.0-6.el8_9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nss-util-debuginfo-0:3.90.0-6.el8_9.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nss-util-debuginfo-0:3.90.0-6.el8_9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nss-util-debuginfo-0:3.90.0-6.el8_9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nss-util-debuginfo-0:3.90.0-6.el8_9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nss-util-devel-0:3.90.0-6.el8_9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nss-util-devel-0:3.90.0-6.el8_9.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nss-util-devel-0:3.90.0-6.el8_9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nss-util-devel-0:3.90.0-6.el8_9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nss-util-devel-0:3.90.0-6.el8_9.x86_64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
References
12 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for nss is now available for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Network Security Services (NSS) is a set of libraries designed to support the cross-platform development of security-enabled client and server applications.\n\nSecurity Fix(es):\n\n* nss: vulnerable to Minerva side-channel information leak (CVE-2023-6135)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2024:0786",
"url": "https://access.redhat.com/errata/RHSA-2024:0786"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "2249906",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2249906"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_0786.json"
}
],
"title": "Red Hat Security Advisory: nss security update",
"tracking": {
"current_release_date": "2024-11-24T12:06:08+00:00",
"generator": {
"date": "2024-11-24T12:06:08+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.1"
}
},
"id": "RHSA-2024:0786",
"initial_release_date": "2024-02-12T14:00:39+00:00",
"revision_history": [
{
"date": "2024-02-12T14:00:39+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2024-02-12T14:00:39+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-24T12:06:08+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream (v. 8)",
"product": {
"name": "Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.9.0.Z.MAIN",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:enterprise_linux:8::appstream"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "nss-0:3.90.0-6.el8_9.src",
"product": {
"name": "nss-0:3.90.0-6.el8_9.src",
"product_id": "nss-0:3.90.0-6.el8_9.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss@3.90.0-6.el8_9?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "nss-0:3.90.0-6.el8_9.aarch64",
"product": {
"name": "nss-0:3.90.0-6.el8_9.aarch64",
"product_id": "nss-0:3.90.0-6.el8_9.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss@3.90.0-6.el8_9?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "nss-devel-0:3.90.0-6.el8_9.aarch64",
"product": {
"name": "nss-devel-0:3.90.0-6.el8_9.aarch64",
"product_id": "nss-devel-0:3.90.0-6.el8_9.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-devel@3.90.0-6.el8_9?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "nss-softokn-0:3.90.0-6.el8_9.aarch64",
"product": {
"name": "nss-softokn-0:3.90.0-6.el8_9.aarch64",
"product_id": "nss-softokn-0:3.90.0-6.el8_9.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-softokn@3.90.0-6.el8_9?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "nss-softokn-devel-0:3.90.0-6.el8_9.aarch64",
"product": {
"name": "nss-softokn-devel-0:3.90.0-6.el8_9.aarch64",
"product_id": "nss-softokn-devel-0:3.90.0-6.el8_9.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-softokn-devel@3.90.0-6.el8_9?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "nss-softokn-freebl-0:3.90.0-6.el8_9.aarch64",
"product": {
"name": "nss-softokn-freebl-0:3.90.0-6.el8_9.aarch64",
"product_id": "nss-softokn-freebl-0:3.90.0-6.el8_9.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-softokn-freebl@3.90.0-6.el8_9?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "nss-softokn-freebl-devel-0:3.90.0-6.el8_9.aarch64",
"product": {
"name": "nss-softokn-freebl-devel-0:3.90.0-6.el8_9.aarch64",
"product_id": "nss-softokn-freebl-devel-0:3.90.0-6.el8_9.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-softokn-freebl-devel@3.90.0-6.el8_9?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "nss-sysinit-0:3.90.0-6.el8_9.aarch64",
"product": {
"name": "nss-sysinit-0:3.90.0-6.el8_9.aarch64",
"product_id": "nss-sysinit-0:3.90.0-6.el8_9.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-sysinit@3.90.0-6.el8_9?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "nss-tools-0:3.90.0-6.el8_9.aarch64",
"product": {
"name": "nss-tools-0:3.90.0-6.el8_9.aarch64",
"product_id": "nss-tools-0:3.90.0-6.el8_9.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-tools@3.90.0-6.el8_9?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "nss-util-0:3.90.0-6.el8_9.aarch64",
"product": {
"name": "nss-util-0:3.90.0-6.el8_9.aarch64",
"product_id": "nss-util-0:3.90.0-6.el8_9.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-util@3.90.0-6.el8_9?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "nss-util-devel-0:3.90.0-6.el8_9.aarch64",
"product": {
"name": "nss-util-devel-0:3.90.0-6.el8_9.aarch64",
"product_id": "nss-util-devel-0:3.90.0-6.el8_9.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-util-devel@3.90.0-6.el8_9?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "nss-debugsource-0:3.90.0-6.el8_9.aarch64",
"product": {
"name": "nss-debugsource-0:3.90.0-6.el8_9.aarch64",
"product_id": "nss-debugsource-0:3.90.0-6.el8_9.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-debugsource@3.90.0-6.el8_9?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "nss-debuginfo-0:3.90.0-6.el8_9.aarch64",
"product": {
"name": "nss-debuginfo-0:3.90.0-6.el8_9.aarch64",
"product_id": "nss-debuginfo-0:3.90.0-6.el8_9.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-debuginfo@3.90.0-6.el8_9?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "nss-softokn-debuginfo-0:3.90.0-6.el8_9.aarch64",
"product": {
"name": "nss-softokn-debuginfo-0:3.90.0-6.el8_9.aarch64",
"product_id": "nss-softokn-debuginfo-0:3.90.0-6.el8_9.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-softokn-debuginfo@3.90.0-6.el8_9?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "nss-softokn-freebl-debuginfo-0:3.90.0-6.el8_9.aarch64",
"product": {
"name": "nss-softokn-freebl-debuginfo-0:3.90.0-6.el8_9.aarch64",
"product_id": "nss-softokn-freebl-debuginfo-0:3.90.0-6.el8_9.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-softokn-freebl-debuginfo@3.90.0-6.el8_9?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "nss-sysinit-debuginfo-0:3.90.0-6.el8_9.aarch64",
"product": {
"name": "nss-sysinit-debuginfo-0:3.90.0-6.el8_9.aarch64",
"product_id": "nss-sysinit-debuginfo-0:3.90.0-6.el8_9.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-sysinit-debuginfo@3.90.0-6.el8_9?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "nss-tools-debuginfo-0:3.90.0-6.el8_9.aarch64",
"product": {
"name": "nss-tools-debuginfo-0:3.90.0-6.el8_9.aarch64",
"product_id": "nss-tools-debuginfo-0:3.90.0-6.el8_9.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-tools-debuginfo@3.90.0-6.el8_9?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "nss-util-debuginfo-0:3.90.0-6.el8_9.aarch64",
"product": {
"name": "nss-util-debuginfo-0:3.90.0-6.el8_9.aarch64",
"product_id": "nss-util-debuginfo-0:3.90.0-6.el8_9.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-util-debuginfo@3.90.0-6.el8_9?arch=aarch64"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "nss-0:3.90.0-6.el8_9.ppc64le",
"product": {
"name": "nss-0:3.90.0-6.el8_9.ppc64le",
"product_id": "nss-0:3.90.0-6.el8_9.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss@3.90.0-6.el8_9?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "nss-devel-0:3.90.0-6.el8_9.ppc64le",
"product": {
"name": "nss-devel-0:3.90.0-6.el8_9.ppc64le",
"product_id": "nss-devel-0:3.90.0-6.el8_9.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-devel@3.90.0-6.el8_9?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "nss-softokn-0:3.90.0-6.el8_9.ppc64le",
"product": {
"name": "nss-softokn-0:3.90.0-6.el8_9.ppc64le",
"product_id": "nss-softokn-0:3.90.0-6.el8_9.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-softokn@3.90.0-6.el8_9?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "nss-softokn-devel-0:3.90.0-6.el8_9.ppc64le",
"product": {
"name": "nss-softokn-devel-0:3.90.0-6.el8_9.ppc64le",
"product_id": "nss-softokn-devel-0:3.90.0-6.el8_9.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-softokn-devel@3.90.0-6.el8_9?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "nss-softokn-freebl-0:3.90.0-6.el8_9.ppc64le",
"product": {
"name": "nss-softokn-freebl-0:3.90.0-6.el8_9.ppc64le",
"product_id": "nss-softokn-freebl-0:3.90.0-6.el8_9.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-softokn-freebl@3.90.0-6.el8_9?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "nss-softokn-freebl-devel-0:3.90.0-6.el8_9.ppc64le",
"product": {
"name": "nss-softokn-freebl-devel-0:3.90.0-6.el8_9.ppc64le",
"product_id": "nss-softokn-freebl-devel-0:3.90.0-6.el8_9.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-softokn-freebl-devel@3.90.0-6.el8_9?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "nss-sysinit-0:3.90.0-6.el8_9.ppc64le",
"product": {
"name": "nss-sysinit-0:3.90.0-6.el8_9.ppc64le",
"product_id": "nss-sysinit-0:3.90.0-6.el8_9.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-sysinit@3.90.0-6.el8_9?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "nss-tools-0:3.90.0-6.el8_9.ppc64le",
"product": {
"name": "nss-tools-0:3.90.0-6.el8_9.ppc64le",
"product_id": "nss-tools-0:3.90.0-6.el8_9.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-tools@3.90.0-6.el8_9?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "nss-util-0:3.90.0-6.el8_9.ppc64le",
"product": {
"name": "nss-util-0:3.90.0-6.el8_9.ppc64le",
"product_id": "nss-util-0:3.90.0-6.el8_9.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-util@3.90.0-6.el8_9?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "nss-util-devel-0:3.90.0-6.el8_9.ppc64le",
"product": {
"name": "nss-util-devel-0:3.90.0-6.el8_9.ppc64le",
"product_id": "nss-util-devel-0:3.90.0-6.el8_9.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-util-devel@3.90.0-6.el8_9?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "nss-debugsource-0:3.90.0-6.el8_9.ppc64le",
"product": {
"name": "nss-debugsource-0:3.90.0-6.el8_9.ppc64le",
"product_id": "nss-debugsource-0:3.90.0-6.el8_9.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-debugsource@3.90.0-6.el8_9?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "nss-debuginfo-0:3.90.0-6.el8_9.ppc64le",
"product": {
"name": "nss-debuginfo-0:3.90.0-6.el8_9.ppc64le",
"product_id": "nss-debuginfo-0:3.90.0-6.el8_9.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-debuginfo@3.90.0-6.el8_9?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "nss-softokn-debuginfo-0:3.90.0-6.el8_9.ppc64le",
"product": {
"name": "nss-softokn-debuginfo-0:3.90.0-6.el8_9.ppc64le",
"product_id": "nss-softokn-debuginfo-0:3.90.0-6.el8_9.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-softokn-debuginfo@3.90.0-6.el8_9?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "nss-softokn-freebl-debuginfo-0:3.90.0-6.el8_9.ppc64le",
"product": {
"name": "nss-softokn-freebl-debuginfo-0:3.90.0-6.el8_9.ppc64le",
"product_id": "nss-softokn-freebl-debuginfo-0:3.90.0-6.el8_9.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-softokn-freebl-debuginfo@3.90.0-6.el8_9?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "nss-sysinit-debuginfo-0:3.90.0-6.el8_9.ppc64le",
"product": {
"name": "nss-sysinit-debuginfo-0:3.90.0-6.el8_9.ppc64le",
"product_id": "nss-sysinit-debuginfo-0:3.90.0-6.el8_9.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-sysinit-debuginfo@3.90.0-6.el8_9?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "nss-tools-debuginfo-0:3.90.0-6.el8_9.ppc64le",
"product": {
"name": "nss-tools-debuginfo-0:3.90.0-6.el8_9.ppc64le",
"product_id": "nss-tools-debuginfo-0:3.90.0-6.el8_9.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-tools-debuginfo@3.90.0-6.el8_9?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "nss-util-debuginfo-0:3.90.0-6.el8_9.ppc64le",
"product": {
"name": "nss-util-debuginfo-0:3.90.0-6.el8_9.ppc64le",
"product_id": "nss-util-debuginfo-0:3.90.0-6.el8_9.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-util-debuginfo@3.90.0-6.el8_9?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "nss-0:3.90.0-6.el8_9.i686",
"product": {
"name": "nss-0:3.90.0-6.el8_9.i686",
"product_id": "nss-0:3.90.0-6.el8_9.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss@3.90.0-6.el8_9?arch=i686"
}
}
},
{
"category": "product_version",
"name": "nss-devel-0:3.90.0-6.el8_9.i686",
"product": {
"name": "nss-devel-0:3.90.0-6.el8_9.i686",
"product_id": "nss-devel-0:3.90.0-6.el8_9.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-devel@3.90.0-6.el8_9?arch=i686"
}
}
},
{
"category": "product_version",
"name": "nss-softokn-0:3.90.0-6.el8_9.i686",
"product": {
"name": "nss-softokn-0:3.90.0-6.el8_9.i686",
"product_id": "nss-softokn-0:3.90.0-6.el8_9.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-softokn@3.90.0-6.el8_9?arch=i686"
}
}
},
{
"category": "product_version",
"name": "nss-softokn-devel-0:3.90.0-6.el8_9.i686",
"product": {
"name": "nss-softokn-devel-0:3.90.0-6.el8_9.i686",
"product_id": "nss-softokn-devel-0:3.90.0-6.el8_9.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-softokn-devel@3.90.0-6.el8_9?arch=i686"
}
}
},
{
"category": "product_version",
"name": "nss-softokn-freebl-0:3.90.0-6.el8_9.i686",
"product": {
"name": "nss-softokn-freebl-0:3.90.0-6.el8_9.i686",
"product_id": "nss-softokn-freebl-0:3.90.0-6.el8_9.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-softokn-freebl@3.90.0-6.el8_9?arch=i686"
}
}
},
{
"category": "product_version",
"name": "nss-softokn-freebl-devel-0:3.90.0-6.el8_9.i686",
"product": {
"name": "nss-softokn-freebl-devel-0:3.90.0-6.el8_9.i686",
"product_id": "nss-softokn-freebl-devel-0:3.90.0-6.el8_9.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-softokn-freebl-devel@3.90.0-6.el8_9?arch=i686"
}
}
},
{
"category": "product_version",
"name": "nss-util-0:3.90.0-6.el8_9.i686",
"product": {
"name": "nss-util-0:3.90.0-6.el8_9.i686",
"product_id": "nss-util-0:3.90.0-6.el8_9.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-util@3.90.0-6.el8_9?arch=i686"
}
}
},
{
"category": "product_version",
"name": "nss-util-devel-0:3.90.0-6.el8_9.i686",
"product": {
"name": "nss-util-devel-0:3.90.0-6.el8_9.i686",
"product_id": "nss-util-devel-0:3.90.0-6.el8_9.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-util-devel@3.90.0-6.el8_9?arch=i686"
}
}
},
{
"category": "product_version",
"name": "nss-debugsource-0:3.90.0-6.el8_9.i686",
"product": {
"name": "nss-debugsource-0:3.90.0-6.el8_9.i686",
"product_id": "nss-debugsource-0:3.90.0-6.el8_9.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-debugsource@3.90.0-6.el8_9?arch=i686"
}
}
},
{
"category": "product_version",
"name": "nss-debuginfo-0:3.90.0-6.el8_9.i686",
"product": {
"name": "nss-debuginfo-0:3.90.0-6.el8_9.i686",
"product_id": "nss-debuginfo-0:3.90.0-6.el8_9.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-debuginfo@3.90.0-6.el8_9?arch=i686"
}
}
},
{
"category": "product_version",
"name": "nss-softokn-debuginfo-0:3.90.0-6.el8_9.i686",
"product": {
"name": "nss-softokn-debuginfo-0:3.90.0-6.el8_9.i686",
"product_id": "nss-softokn-debuginfo-0:3.90.0-6.el8_9.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-softokn-debuginfo@3.90.0-6.el8_9?arch=i686"
}
}
},
{
"category": "product_version",
"name": "nss-softokn-freebl-debuginfo-0:3.90.0-6.el8_9.i686",
"product": {
"name": "nss-softokn-freebl-debuginfo-0:3.90.0-6.el8_9.i686",
"product_id": "nss-softokn-freebl-debuginfo-0:3.90.0-6.el8_9.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-softokn-freebl-debuginfo@3.90.0-6.el8_9?arch=i686"
}
}
},
{
"category": "product_version",
"name": "nss-sysinit-debuginfo-0:3.90.0-6.el8_9.i686",
"product": {
"name": "nss-sysinit-debuginfo-0:3.90.0-6.el8_9.i686",
"product_id": "nss-sysinit-debuginfo-0:3.90.0-6.el8_9.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-sysinit-debuginfo@3.90.0-6.el8_9?arch=i686"
}
}
},
{
"category": "product_version",
"name": "nss-tools-debuginfo-0:3.90.0-6.el8_9.i686",
"product": {
"name": "nss-tools-debuginfo-0:3.90.0-6.el8_9.i686",
"product_id": "nss-tools-debuginfo-0:3.90.0-6.el8_9.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-tools-debuginfo@3.90.0-6.el8_9?arch=i686"
}
}
},
{
"category": "product_version",
"name": "nss-util-debuginfo-0:3.90.0-6.el8_9.i686",
"product": {
"name": "nss-util-debuginfo-0:3.90.0-6.el8_9.i686",
"product_id": "nss-util-debuginfo-0:3.90.0-6.el8_9.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-util-debuginfo@3.90.0-6.el8_9?arch=i686"
}
}
}
],
"category": "architecture",
"name": "i686"
},
{
"branches": [
{
"category": "product_version",
"name": "nss-0:3.90.0-6.el8_9.x86_64",
"product": {
"name": "nss-0:3.90.0-6.el8_9.x86_64",
"product_id": "nss-0:3.90.0-6.el8_9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss@3.90.0-6.el8_9?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "nss-devel-0:3.90.0-6.el8_9.x86_64",
"product": {
"name": "nss-devel-0:3.90.0-6.el8_9.x86_64",
"product_id": "nss-devel-0:3.90.0-6.el8_9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-devel@3.90.0-6.el8_9?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "nss-softokn-0:3.90.0-6.el8_9.x86_64",
"product": {
"name": "nss-softokn-0:3.90.0-6.el8_9.x86_64",
"product_id": "nss-softokn-0:3.90.0-6.el8_9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-softokn@3.90.0-6.el8_9?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "nss-softokn-devel-0:3.90.0-6.el8_9.x86_64",
"product": {
"name": "nss-softokn-devel-0:3.90.0-6.el8_9.x86_64",
"product_id": "nss-softokn-devel-0:3.90.0-6.el8_9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-softokn-devel@3.90.0-6.el8_9?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "nss-softokn-freebl-0:3.90.0-6.el8_9.x86_64",
"product": {
"name": "nss-softokn-freebl-0:3.90.0-6.el8_9.x86_64",
"product_id": "nss-softokn-freebl-0:3.90.0-6.el8_9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-softokn-freebl@3.90.0-6.el8_9?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "nss-softokn-freebl-devel-0:3.90.0-6.el8_9.x86_64",
"product": {
"name": "nss-softokn-freebl-devel-0:3.90.0-6.el8_9.x86_64",
"product_id": "nss-softokn-freebl-devel-0:3.90.0-6.el8_9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-softokn-freebl-devel@3.90.0-6.el8_9?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "nss-sysinit-0:3.90.0-6.el8_9.x86_64",
"product": {
"name": "nss-sysinit-0:3.90.0-6.el8_9.x86_64",
"product_id": "nss-sysinit-0:3.90.0-6.el8_9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-sysinit@3.90.0-6.el8_9?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "nss-tools-0:3.90.0-6.el8_9.x86_64",
"product": {
"name": "nss-tools-0:3.90.0-6.el8_9.x86_64",
"product_id": "nss-tools-0:3.90.0-6.el8_9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-tools@3.90.0-6.el8_9?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "nss-util-0:3.90.0-6.el8_9.x86_64",
"product": {
"name": "nss-util-0:3.90.0-6.el8_9.x86_64",
"product_id": "nss-util-0:3.90.0-6.el8_9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-util@3.90.0-6.el8_9?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "nss-util-devel-0:3.90.0-6.el8_9.x86_64",
"product": {
"name": "nss-util-devel-0:3.90.0-6.el8_9.x86_64",
"product_id": "nss-util-devel-0:3.90.0-6.el8_9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-util-devel@3.90.0-6.el8_9?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "nss-debugsource-0:3.90.0-6.el8_9.x86_64",
"product": {
"name": "nss-debugsource-0:3.90.0-6.el8_9.x86_64",
"product_id": "nss-debugsource-0:3.90.0-6.el8_9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-debugsource@3.90.0-6.el8_9?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "nss-debuginfo-0:3.90.0-6.el8_9.x86_64",
"product": {
"name": "nss-debuginfo-0:3.90.0-6.el8_9.x86_64",
"product_id": "nss-debuginfo-0:3.90.0-6.el8_9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-debuginfo@3.90.0-6.el8_9?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "nss-softokn-debuginfo-0:3.90.0-6.el8_9.x86_64",
"product": {
"name": "nss-softokn-debuginfo-0:3.90.0-6.el8_9.x86_64",
"product_id": "nss-softokn-debuginfo-0:3.90.0-6.el8_9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-softokn-debuginfo@3.90.0-6.el8_9?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "nss-softokn-freebl-debuginfo-0:3.90.0-6.el8_9.x86_64",
"product": {
"name": "nss-softokn-freebl-debuginfo-0:3.90.0-6.el8_9.x86_64",
"product_id": "nss-softokn-freebl-debuginfo-0:3.90.0-6.el8_9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-softokn-freebl-debuginfo@3.90.0-6.el8_9?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "nss-sysinit-debuginfo-0:3.90.0-6.el8_9.x86_64",
"product": {
"name": "nss-sysinit-debuginfo-0:3.90.0-6.el8_9.x86_64",
"product_id": "nss-sysinit-debuginfo-0:3.90.0-6.el8_9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-sysinit-debuginfo@3.90.0-6.el8_9?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "nss-tools-debuginfo-0:3.90.0-6.el8_9.x86_64",
"product": {
"name": "nss-tools-debuginfo-0:3.90.0-6.el8_9.x86_64",
"product_id": "nss-tools-debuginfo-0:3.90.0-6.el8_9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-tools-debuginfo@3.90.0-6.el8_9?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "nss-util-debuginfo-0:3.90.0-6.el8_9.x86_64",
"product": {
"name": "nss-util-debuginfo-0:3.90.0-6.el8_9.x86_64",
"product_id": "nss-util-debuginfo-0:3.90.0-6.el8_9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-util-debuginfo@3.90.0-6.el8_9?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "nss-0:3.90.0-6.el8_9.s390x",
"product": {
"name": "nss-0:3.90.0-6.el8_9.s390x",
"product_id": "nss-0:3.90.0-6.el8_9.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss@3.90.0-6.el8_9?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "nss-devel-0:3.90.0-6.el8_9.s390x",
"product": {
"name": "nss-devel-0:3.90.0-6.el8_9.s390x",
"product_id": "nss-devel-0:3.90.0-6.el8_9.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-devel@3.90.0-6.el8_9?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "nss-softokn-0:3.90.0-6.el8_9.s390x",
"product": {
"name": "nss-softokn-0:3.90.0-6.el8_9.s390x",
"product_id": "nss-softokn-0:3.90.0-6.el8_9.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-softokn@3.90.0-6.el8_9?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "nss-softokn-devel-0:3.90.0-6.el8_9.s390x",
"product": {
"name": "nss-softokn-devel-0:3.90.0-6.el8_9.s390x",
"product_id": "nss-softokn-devel-0:3.90.0-6.el8_9.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-softokn-devel@3.90.0-6.el8_9?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "nss-softokn-freebl-0:3.90.0-6.el8_9.s390x",
"product": {
"name": "nss-softokn-freebl-0:3.90.0-6.el8_9.s390x",
"product_id": "nss-softokn-freebl-0:3.90.0-6.el8_9.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-softokn-freebl@3.90.0-6.el8_9?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "nss-softokn-freebl-devel-0:3.90.0-6.el8_9.s390x",
"product": {
"name": "nss-softokn-freebl-devel-0:3.90.0-6.el8_9.s390x",
"product_id": "nss-softokn-freebl-devel-0:3.90.0-6.el8_9.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-softokn-freebl-devel@3.90.0-6.el8_9?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "nss-sysinit-0:3.90.0-6.el8_9.s390x",
"product": {
"name": "nss-sysinit-0:3.90.0-6.el8_9.s390x",
"product_id": "nss-sysinit-0:3.90.0-6.el8_9.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-sysinit@3.90.0-6.el8_9?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "nss-tools-0:3.90.0-6.el8_9.s390x",
"product": {
"name": "nss-tools-0:3.90.0-6.el8_9.s390x",
"product_id": "nss-tools-0:3.90.0-6.el8_9.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-tools@3.90.0-6.el8_9?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "nss-util-0:3.90.0-6.el8_9.s390x",
"product": {
"name": "nss-util-0:3.90.0-6.el8_9.s390x",
"product_id": "nss-util-0:3.90.0-6.el8_9.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-util@3.90.0-6.el8_9?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "nss-util-devel-0:3.90.0-6.el8_9.s390x",
"product": {
"name": "nss-util-devel-0:3.90.0-6.el8_9.s390x",
"product_id": "nss-util-devel-0:3.90.0-6.el8_9.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-util-devel@3.90.0-6.el8_9?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "nss-debugsource-0:3.90.0-6.el8_9.s390x",
"product": {
"name": "nss-debugsource-0:3.90.0-6.el8_9.s390x",
"product_id": "nss-debugsource-0:3.90.0-6.el8_9.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-debugsource@3.90.0-6.el8_9?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "nss-debuginfo-0:3.90.0-6.el8_9.s390x",
"product": {
"name": "nss-debuginfo-0:3.90.0-6.el8_9.s390x",
"product_id": "nss-debuginfo-0:3.90.0-6.el8_9.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-debuginfo@3.90.0-6.el8_9?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "nss-softokn-debuginfo-0:3.90.0-6.el8_9.s390x",
"product": {
"name": "nss-softokn-debuginfo-0:3.90.0-6.el8_9.s390x",
"product_id": "nss-softokn-debuginfo-0:3.90.0-6.el8_9.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-softokn-debuginfo@3.90.0-6.el8_9?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "nss-softokn-freebl-debuginfo-0:3.90.0-6.el8_9.s390x",
"product": {
"name": "nss-softokn-freebl-debuginfo-0:3.90.0-6.el8_9.s390x",
"product_id": "nss-softokn-freebl-debuginfo-0:3.90.0-6.el8_9.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-softokn-freebl-debuginfo@3.90.0-6.el8_9?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "nss-sysinit-debuginfo-0:3.90.0-6.el8_9.s390x",
"product": {
"name": "nss-sysinit-debuginfo-0:3.90.0-6.el8_9.s390x",
"product_id": "nss-sysinit-debuginfo-0:3.90.0-6.el8_9.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-sysinit-debuginfo@3.90.0-6.el8_9?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "nss-tools-debuginfo-0:3.90.0-6.el8_9.s390x",
"product": {
"name": "nss-tools-debuginfo-0:3.90.0-6.el8_9.s390x",
"product_id": "nss-tools-debuginfo-0:3.90.0-6.el8_9.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-tools-debuginfo@3.90.0-6.el8_9?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "nss-util-debuginfo-0:3.90.0-6.el8_9.s390x",
"product": {
"name": "nss-util-debuginfo-0:3.90.0-6.el8_9.s390x",
"product_id": "nss-util-debuginfo-0:3.90.0-6.el8_9.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-util-debuginfo@3.90.0-6.el8_9?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-0:3.90.0-6.el8_9.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.9.0.Z.MAIN:nss-0:3.90.0-6.el8_9.aarch64"
},
"product_reference": "nss-0:3.90.0-6.el8_9.aarch64",
"relates_to_product_reference": "AppStream-8.9.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-0:3.90.0-6.el8_9.i686 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.9.0.Z.MAIN:nss-0:3.90.0-6.el8_9.i686"
},
"product_reference": "nss-0:3.90.0-6.el8_9.i686",
"relates_to_product_reference": "AppStream-8.9.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-0:3.90.0-6.el8_9.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.9.0.Z.MAIN:nss-0:3.90.0-6.el8_9.ppc64le"
},
"product_reference": "nss-0:3.90.0-6.el8_9.ppc64le",
"relates_to_product_reference": "AppStream-8.9.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-0:3.90.0-6.el8_9.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.9.0.Z.MAIN:nss-0:3.90.0-6.el8_9.s390x"
},
"product_reference": "nss-0:3.90.0-6.el8_9.s390x",
"relates_to_product_reference": "AppStream-8.9.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-0:3.90.0-6.el8_9.src as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.9.0.Z.MAIN:nss-0:3.90.0-6.el8_9.src"
},
"product_reference": "nss-0:3.90.0-6.el8_9.src",
"relates_to_product_reference": "AppStream-8.9.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-0:3.90.0-6.el8_9.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.9.0.Z.MAIN:nss-0:3.90.0-6.el8_9.x86_64"
},
"product_reference": "nss-0:3.90.0-6.el8_9.x86_64",
"relates_to_product_reference": "AppStream-8.9.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-debuginfo-0:3.90.0-6.el8_9.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.9.0.Z.MAIN:nss-debuginfo-0:3.90.0-6.el8_9.aarch64"
},
"product_reference": "nss-debuginfo-0:3.90.0-6.el8_9.aarch64",
"relates_to_product_reference": "AppStream-8.9.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-debuginfo-0:3.90.0-6.el8_9.i686 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.9.0.Z.MAIN:nss-debuginfo-0:3.90.0-6.el8_9.i686"
},
"product_reference": "nss-debuginfo-0:3.90.0-6.el8_9.i686",
"relates_to_product_reference": "AppStream-8.9.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-debuginfo-0:3.90.0-6.el8_9.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.9.0.Z.MAIN:nss-debuginfo-0:3.90.0-6.el8_9.ppc64le"
},
"product_reference": "nss-debuginfo-0:3.90.0-6.el8_9.ppc64le",
"relates_to_product_reference": "AppStream-8.9.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-debuginfo-0:3.90.0-6.el8_9.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.9.0.Z.MAIN:nss-debuginfo-0:3.90.0-6.el8_9.s390x"
},
"product_reference": "nss-debuginfo-0:3.90.0-6.el8_9.s390x",
"relates_to_product_reference": "AppStream-8.9.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-debuginfo-0:3.90.0-6.el8_9.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.9.0.Z.MAIN:nss-debuginfo-0:3.90.0-6.el8_9.x86_64"
},
"product_reference": "nss-debuginfo-0:3.90.0-6.el8_9.x86_64",
"relates_to_product_reference": "AppStream-8.9.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-debugsource-0:3.90.0-6.el8_9.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.9.0.Z.MAIN:nss-debugsource-0:3.90.0-6.el8_9.aarch64"
},
"product_reference": "nss-debugsource-0:3.90.0-6.el8_9.aarch64",
"relates_to_product_reference": "AppStream-8.9.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-debugsource-0:3.90.0-6.el8_9.i686 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.9.0.Z.MAIN:nss-debugsource-0:3.90.0-6.el8_9.i686"
},
"product_reference": "nss-debugsource-0:3.90.0-6.el8_9.i686",
"relates_to_product_reference": "AppStream-8.9.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-debugsource-0:3.90.0-6.el8_9.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.9.0.Z.MAIN:nss-debugsource-0:3.90.0-6.el8_9.ppc64le"
},
"product_reference": "nss-debugsource-0:3.90.0-6.el8_9.ppc64le",
"relates_to_product_reference": "AppStream-8.9.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-debugsource-0:3.90.0-6.el8_9.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.9.0.Z.MAIN:nss-debugsource-0:3.90.0-6.el8_9.s390x"
},
"product_reference": "nss-debugsource-0:3.90.0-6.el8_9.s390x",
"relates_to_product_reference": "AppStream-8.9.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-debugsource-0:3.90.0-6.el8_9.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.9.0.Z.MAIN:nss-debugsource-0:3.90.0-6.el8_9.x86_64"
},
"product_reference": "nss-debugsource-0:3.90.0-6.el8_9.x86_64",
"relates_to_product_reference": "AppStream-8.9.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-devel-0:3.90.0-6.el8_9.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.9.0.Z.MAIN:nss-devel-0:3.90.0-6.el8_9.aarch64"
},
"product_reference": "nss-devel-0:3.90.0-6.el8_9.aarch64",
"relates_to_product_reference": "AppStream-8.9.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-devel-0:3.90.0-6.el8_9.i686 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.9.0.Z.MAIN:nss-devel-0:3.90.0-6.el8_9.i686"
},
"product_reference": "nss-devel-0:3.90.0-6.el8_9.i686",
"relates_to_product_reference": "AppStream-8.9.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-devel-0:3.90.0-6.el8_9.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.9.0.Z.MAIN:nss-devel-0:3.90.0-6.el8_9.ppc64le"
},
"product_reference": "nss-devel-0:3.90.0-6.el8_9.ppc64le",
"relates_to_product_reference": "AppStream-8.9.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-devel-0:3.90.0-6.el8_9.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.9.0.Z.MAIN:nss-devel-0:3.90.0-6.el8_9.s390x"
},
"product_reference": "nss-devel-0:3.90.0-6.el8_9.s390x",
"relates_to_product_reference": "AppStream-8.9.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-devel-0:3.90.0-6.el8_9.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.9.0.Z.MAIN:nss-devel-0:3.90.0-6.el8_9.x86_64"
},
"product_reference": "nss-devel-0:3.90.0-6.el8_9.x86_64",
"relates_to_product_reference": "AppStream-8.9.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-softokn-0:3.90.0-6.el8_9.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.9.0.Z.MAIN:nss-softokn-0:3.90.0-6.el8_9.aarch64"
},
"product_reference": "nss-softokn-0:3.90.0-6.el8_9.aarch64",
"relates_to_product_reference": "AppStream-8.9.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-softokn-0:3.90.0-6.el8_9.i686 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.9.0.Z.MAIN:nss-softokn-0:3.90.0-6.el8_9.i686"
},
"product_reference": "nss-softokn-0:3.90.0-6.el8_9.i686",
"relates_to_product_reference": "AppStream-8.9.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-softokn-0:3.90.0-6.el8_9.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.9.0.Z.MAIN:nss-softokn-0:3.90.0-6.el8_9.ppc64le"
},
"product_reference": "nss-softokn-0:3.90.0-6.el8_9.ppc64le",
"relates_to_product_reference": "AppStream-8.9.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-softokn-0:3.90.0-6.el8_9.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.9.0.Z.MAIN:nss-softokn-0:3.90.0-6.el8_9.s390x"
},
"product_reference": "nss-softokn-0:3.90.0-6.el8_9.s390x",
"relates_to_product_reference": "AppStream-8.9.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-softokn-0:3.90.0-6.el8_9.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.9.0.Z.MAIN:nss-softokn-0:3.90.0-6.el8_9.x86_64"
},
"product_reference": "nss-softokn-0:3.90.0-6.el8_9.x86_64",
"relates_to_product_reference": "AppStream-8.9.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-softokn-debuginfo-0:3.90.0-6.el8_9.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.9.0.Z.MAIN:nss-softokn-debuginfo-0:3.90.0-6.el8_9.aarch64"
},
"product_reference": "nss-softokn-debuginfo-0:3.90.0-6.el8_9.aarch64",
"relates_to_product_reference": "AppStream-8.9.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-softokn-debuginfo-0:3.90.0-6.el8_9.i686 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.9.0.Z.MAIN:nss-softokn-debuginfo-0:3.90.0-6.el8_9.i686"
},
"product_reference": "nss-softokn-debuginfo-0:3.90.0-6.el8_9.i686",
"relates_to_product_reference": "AppStream-8.9.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-softokn-debuginfo-0:3.90.0-6.el8_9.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.9.0.Z.MAIN:nss-softokn-debuginfo-0:3.90.0-6.el8_9.ppc64le"
},
"product_reference": "nss-softokn-debuginfo-0:3.90.0-6.el8_9.ppc64le",
"relates_to_product_reference": "AppStream-8.9.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-softokn-debuginfo-0:3.90.0-6.el8_9.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.9.0.Z.MAIN:nss-softokn-debuginfo-0:3.90.0-6.el8_9.s390x"
},
"product_reference": "nss-softokn-debuginfo-0:3.90.0-6.el8_9.s390x",
"relates_to_product_reference": "AppStream-8.9.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-softokn-debuginfo-0:3.90.0-6.el8_9.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.9.0.Z.MAIN:nss-softokn-debuginfo-0:3.90.0-6.el8_9.x86_64"
},
"product_reference": "nss-softokn-debuginfo-0:3.90.0-6.el8_9.x86_64",
"relates_to_product_reference": "AppStream-8.9.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-softokn-devel-0:3.90.0-6.el8_9.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.9.0.Z.MAIN:nss-softokn-devel-0:3.90.0-6.el8_9.aarch64"
},
"product_reference": "nss-softokn-devel-0:3.90.0-6.el8_9.aarch64",
"relates_to_product_reference": "AppStream-8.9.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-softokn-devel-0:3.90.0-6.el8_9.i686 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.9.0.Z.MAIN:nss-softokn-devel-0:3.90.0-6.el8_9.i686"
},
"product_reference": "nss-softokn-devel-0:3.90.0-6.el8_9.i686",
"relates_to_product_reference": "AppStream-8.9.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-softokn-devel-0:3.90.0-6.el8_9.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.9.0.Z.MAIN:nss-softokn-devel-0:3.90.0-6.el8_9.ppc64le"
},
"product_reference": "nss-softokn-devel-0:3.90.0-6.el8_9.ppc64le",
"relates_to_product_reference": "AppStream-8.9.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-softokn-devel-0:3.90.0-6.el8_9.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.9.0.Z.MAIN:nss-softokn-devel-0:3.90.0-6.el8_9.s390x"
},
"product_reference": "nss-softokn-devel-0:3.90.0-6.el8_9.s390x",
"relates_to_product_reference": "AppStream-8.9.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-softokn-devel-0:3.90.0-6.el8_9.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.9.0.Z.MAIN:nss-softokn-devel-0:3.90.0-6.el8_9.x86_64"
},
"product_reference": "nss-softokn-devel-0:3.90.0-6.el8_9.x86_64",
"relates_to_product_reference": "AppStream-8.9.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-softokn-freebl-0:3.90.0-6.el8_9.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.9.0.Z.MAIN:nss-softokn-freebl-0:3.90.0-6.el8_9.aarch64"
},
"product_reference": "nss-softokn-freebl-0:3.90.0-6.el8_9.aarch64",
"relates_to_product_reference": "AppStream-8.9.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-softokn-freebl-0:3.90.0-6.el8_9.i686 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.9.0.Z.MAIN:nss-softokn-freebl-0:3.90.0-6.el8_9.i686"
},
"product_reference": "nss-softokn-freebl-0:3.90.0-6.el8_9.i686",
"relates_to_product_reference": "AppStream-8.9.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-softokn-freebl-0:3.90.0-6.el8_9.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.9.0.Z.MAIN:nss-softokn-freebl-0:3.90.0-6.el8_9.ppc64le"
},
"product_reference": "nss-softokn-freebl-0:3.90.0-6.el8_9.ppc64le",
"relates_to_product_reference": "AppStream-8.9.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-softokn-freebl-0:3.90.0-6.el8_9.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.9.0.Z.MAIN:nss-softokn-freebl-0:3.90.0-6.el8_9.s390x"
},
"product_reference": "nss-softokn-freebl-0:3.90.0-6.el8_9.s390x",
"relates_to_product_reference": "AppStream-8.9.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-softokn-freebl-0:3.90.0-6.el8_9.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.9.0.Z.MAIN:nss-softokn-freebl-0:3.90.0-6.el8_9.x86_64"
},
"product_reference": "nss-softokn-freebl-0:3.90.0-6.el8_9.x86_64",
"relates_to_product_reference": "AppStream-8.9.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-softokn-freebl-debuginfo-0:3.90.0-6.el8_9.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.9.0.Z.MAIN:nss-softokn-freebl-debuginfo-0:3.90.0-6.el8_9.aarch64"
},
"product_reference": "nss-softokn-freebl-debuginfo-0:3.90.0-6.el8_9.aarch64",
"relates_to_product_reference": "AppStream-8.9.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-softokn-freebl-debuginfo-0:3.90.0-6.el8_9.i686 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.9.0.Z.MAIN:nss-softokn-freebl-debuginfo-0:3.90.0-6.el8_9.i686"
},
"product_reference": "nss-softokn-freebl-debuginfo-0:3.90.0-6.el8_9.i686",
"relates_to_product_reference": "AppStream-8.9.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-softokn-freebl-debuginfo-0:3.90.0-6.el8_9.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.9.0.Z.MAIN:nss-softokn-freebl-debuginfo-0:3.90.0-6.el8_9.ppc64le"
},
"product_reference": "nss-softokn-freebl-debuginfo-0:3.90.0-6.el8_9.ppc64le",
"relates_to_product_reference": "AppStream-8.9.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-softokn-freebl-debuginfo-0:3.90.0-6.el8_9.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.9.0.Z.MAIN:nss-softokn-freebl-debuginfo-0:3.90.0-6.el8_9.s390x"
},
"product_reference": "nss-softokn-freebl-debuginfo-0:3.90.0-6.el8_9.s390x",
"relates_to_product_reference": "AppStream-8.9.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-softokn-freebl-debuginfo-0:3.90.0-6.el8_9.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.9.0.Z.MAIN:nss-softokn-freebl-debuginfo-0:3.90.0-6.el8_9.x86_64"
},
"product_reference": "nss-softokn-freebl-debuginfo-0:3.90.0-6.el8_9.x86_64",
"relates_to_product_reference": "AppStream-8.9.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-softokn-freebl-devel-0:3.90.0-6.el8_9.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.9.0.Z.MAIN:nss-softokn-freebl-devel-0:3.90.0-6.el8_9.aarch64"
},
"product_reference": "nss-softokn-freebl-devel-0:3.90.0-6.el8_9.aarch64",
"relates_to_product_reference": "AppStream-8.9.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-softokn-freebl-devel-0:3.90.0-6.el8_9.i686 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.9.0.Z.MAIN:nss-softokn-freebl-devel-0:3.90.0-6.el8_9.i686"
},
"product_reference": "nss-softokn-freebl-devel-0:3.90.0-6.el8_9.i686",
"relates_to_product_reference": "AppStream-8.9.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-softokn-freebl-devel-0:3.90.0-6.el8_9.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.9.0.Z.MAIN:nss-softokn-freebl-devel-0:3.90.0-6.el8_9.ppc64le"
},
"product_reference": "nss-softokn-freebl-devel-0:3.90.0-6.el8_9.ppc64le",
"relates_to_product_reference": "AppStream-8.9.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-softokn-freebl-devel-0:3.90.0-6.el8_9.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.9.0.Z.MAIN:nss-softokn-freebl-devel-0:3.90.0-6.el8_9.s390x"
},
"product_reference": "nss-softokn-freebl-devel-0:3.90.0-6.el8_9.s390x",
"relates_to_product_reference": "AppStream-8.9.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-softokn-freebl-devel-0:3.90.0-6.el8_9.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.9.0.Z.MAIN:nss-softokn-freebl-devel-0:3.90.0-6.el8_9.x86_64"
},
"product_reference": "nss-softokn-freebl-devel-0:3.90.0-6.el8_9.x86_64",
"relates_to_product_reference": "AppStream-8.9.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-sysinit-0:3.90.0-6.el8_9.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.9.0.Z.MAIN:nss-sysinit-0:3.90.0-6.el8_9.aarch64"
},
"product_reference": "nss-sysinit-0:3.90.0-6.el8_9.aarch64",
"relates_to_product_reference": "AppStream-8.9.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-sysinit-0:3.90.0-6.el8_9.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.9.0.Z.MAIN:nss-sysinit-0:3.90.0-6.el8_9.ppc64le"
},
"product_reference": "nss-sysinit-0:3.90.0-6.el8_9.ppc64le",
"relates_to_product_reference": "AppStream-8.9.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-sysinit-0:3.90.0-6.el8_9.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.9.0.Z.MAIN:nss-sysinit-0:3.90.0-6.el8_9.s390x"
},
"product_reference": "nss-sysinit-0:3.90.0-6.el8_9.s390x",
"relates_to_product_reference": "AppStream-8.9.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-sysinit-0:3.90.0-6.el8_9.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.9.0.Z.MAIN:nss-sysinit-0:3.90.0-6.el8_9.x86_64"
},
"product_reference": "nss-sysinit-0:3.90.0-6.el8_9.x86_64",
"relates_to_product_reference": "AppStream-8.9.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-sysinit-debuginfo-0:3.90.0-6.el8_9.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.9.0.Z.MAIN:nss-sysinit-debuginfo-0:3.90.0-6.el8_9.aarch64"
},
"product_reference": "nss-sysinit-debuginfo-0:3.90.0-6.el8_9.aarch64",
"relates_to_product_reference": "AppStream-8.9.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-sysinit-debuginfo-0:3.90.0-6.el8_9.i686 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.9.0.Z.MAIN:nss-sysinit-debuginfo-0:3.90.0-6.el8_9.i686"
},
"product_reference": "nss-sysinit-debuginfo-0:3.90.0-6.el8_9.i686",
"relates_to_product_reference": "AppStream-8.9.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-sysinit-debuginfo-0:3.90.0-6.el8_9.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.9.0.Z.MAIN:nss-sysinit-debuginfo-0:3.90.0-6.el8_9.ppc64le"
},
"product_reference": "nss-sysinit-debuginfo-0:3.90.0-6.el8_9.ppc64le",
"relates_to_product_reference": "AppStream-8.9.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-sysinit-debuginfo-0:3.90.0-6.el8_9.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.9.0.Z.MAIN:nss-sysinit-debuginfo-0:3.90.0-6.el8_9.s390x"
},
"product_reference": "nss-sysinit-debuginfo-0:3.90.0-6.el8_9.s390x",
"relates_to_product_reference": "AppStream-8.9.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-sysinit-debuginfo-0:3.90.0-6.el8_9.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.9.0.Z.MAIN:nss-sysinit-debuginfo-0:3.90.0-6.el8_9.x86_64"
},
"product_reference": "nss-sysinit-debuginfo-0:3.90.0-6.el8_9.x86_64",
"relates_to_product_reference": "AppStream-8.9.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-tools-0:3.90.0-6.el8_9.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.9.0.Z.MAIN:nss-tools-0:3.90.0-6.el8_9.aarch64"
},
"product_reference": "nss-tools-0:3.90.0-6.el8_9.aarch64",
"relates_to_product_reference": "AppStream-8.9.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-tools-0:3.90.0-6.el8_9.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.9.0.Z.MAIN:nss-tools-0:3.90.0-6.el8_9.ppc64le"
},
"product_reference": "nss-tools-0:3.90.0-6.el8_9.ppc64le",
"relates_to_product_reference": "AppStream-8.9.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-tools-0:3.90.0-6.el8_9.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.9.0.Z.MAIN:nss-tools-0:3.90.0-6.el8_9.s390x"
},
"product_reference": "nss-tools-0:3.90.0-6.el8_9.s390x",
"relates_to_product_reference": "AppStream-8.9.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-tools-0:3.90.0-6.el8_9.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.9.0.Z.MAIN:nss-tools-0:3.90.0-6.el8_9.x86_64"
},
"product_reference": "nss-tools-0:3.90.0-6.el8_9.x86_64",
"relates_to_product_reference": "AppStream-8.9.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-tools-debuginfo-0:3.90.0-6.el8_9.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.9.0.Z.MAIN:nss-tools-debuginfo-0:3.90.0-6.el8_9.aarch64"
},
"product_reference": "nss-tools-debuginfo-0:3.90.0-6.el8_9.aarch64",
"relates_to_product_reference": "AppStream-8.9.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-tools-debuginfo-0:3.90.0-6.el8_9.i686 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.9.0.Z.MAIN:nss-tools-debuginfo-0:3.90.0-6.el8_9.i686"
},
"product_reference": "nss-tools-debuginfo-0:3.90.0-6.el8_9.i686",
"relates_to_product_reference": "AppStream-8.9.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-tools-debuginfo-0:3.90.0-6.el8_9.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.9.0.Z.MAIN:nss-tools-debuginfo-0:3.90.0-6.el8_9.ppc64le"
},
"product_reference": "nss-tools-debuginfo-0:3.90.0-6.el8_9.ppc64le",
"relates_to_product_reference": "AppStream-8.9.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-tools-debuginfo-0:3.90.0-6.el8_9.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.9.0.Z.MAIN:nss-tools-debuginfo-0:3.90.0-6.el8_9.s390x"
},
"product_reference": "nss-tools-debuginfo-0:3.90.0-6.el8_9.s390x",
"relates_to_product_reference": "AppStream-8.9.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-tools-debuginfo-0:3.90.0-6.el8_9.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.9.0.Z.MAIN:nss-tools-debuginfo-0:3.90.0-6.el8_9.x86_64"
},
"product_reference": "nss-tools-debuginfo-0:3.90.0-6.el8_9.x86_64",
"relates_to_product_reference": "AppStream-8.9.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-util-0:3.90.0-6.el8_9.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.9.0.Z.MAIN:nss-util-0:3.90.0-6.el8_9.aarch64"
},
"product_reference": "nss-util-0:3.90.0-6.el8_9.aarch64",
"relates_to_product_reference": "AppStream-8.9.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-util-0:3.90.0-6.el8_9.i686 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.9.0.Z.MAIN:nss-util-0:3.90.0-6.el8_9.i686"
},
"product_reference": "nss-util-0:3.90.0-6.el8_9.i686",
"relates_to_product_reference": "AppStream-8.9.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-util-0:3.90.0-6.el8_9.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.9.0.Z.MAIN:nss-util-0:3.90.0-6.el8_9.ppc64le"
},
"product_reference": "nss-util-0:3.90.0-6.el8_9.ppc64le",
"relates_to_product_reference": "AppStream-8.9.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-util-0:3.90.0-6.el8_9.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.9.0.Z.MAIN:nss-util-0:3.90.0-6.el8_9.s390x"
},
"product_reference": "nss-util-0:3.90.0-6.el8_9.s390x",
"relates_to_product_reference": "AppStream-8.9.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-util-0:3.90.0-6.el8_9.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.9.0.Z.MAIN:nss-util-0:3.90.0-6.el8_9.x86_64"
},
"product_reference": "nss-util-0:3.90.0-6.el8_9.x86_64",
"relates_to_product_reference": "AppStream-8.9.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-util-debuginfo-0:3.90.0-6.el8_9.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.9.0.Z.MAIN:nss-util-debuginfo-0:3.90.0-6.el8_9.aarch64"
},
"product_reference": "nss-util-debuginfo-0:3.90.0-6.el8_9.aarch64",
"relates_to_product_reference": "AppStream-8.9.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-util-debuginfo-0:3.90.0-6.el8_9.i686 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.9.0.Z.MAIN:nss-util-debuginfo-0:3.90.0-6.el8_9.i686"
},
"product_reference": "nss-util-debuginfo-0:3.90.0-6.el8_9.i686",
"relates_to_product_reference": "AppStream-8.9.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-util-debuginfo-0:3.90.0-6.el8_9.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.9.0.Z.MAIN:nss-util-debuginfo-0:3.90.0-6.el8_9.ppc64le"
},
"product_reference": "nss-util-debuginfo-0:3.90.0-6.el8_9.ppc64le",
"relates_to_product_reference": "AppStream-8.9.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-util-debuginfo-0:3.90.0-6.el8_9.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.9.0.Z.MAIN:nss-util-debuginfo-0:3.90.0-6.el8_9.s390x"
},
"product_reference": "nss-util-debuginfo-0:3.90.0-6.el8_9.s390x",
"relates_to_product_reference": "AppStream-8.9.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-util-debuginfo-0:3.90.0-6.el8_9.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.9.0.Z.MAIN:nss-util-debuginfo-0:3.90.0-6.el8_9.x86_64"
},
"product_reference": "nss-util-debuginfo-0:3.90.0-6.el8_9.x86_64",
"relates_to_product_reference": "AppStream-8.9.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-util-devel-0:3.90.0-6.el8_9.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.9.0.Z.MAIN:nss-util-devel-0:3.90.0-6.el8_9.aarch64"
},
"product_reference": "nss-util-devel-0:3.90.0-6.el8_9.aarch64",
"relates_to_product_reference": "AppStream-8.9.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-util-devel-0:3.90.0-6.el8_9.i686 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.9.0.Z.MAIN:nss-util-devel-0:3.90.0-6.el8_9.i686"
},
"product_reference": "nss-util-devel-0:3.90.0-6.el8_9.i686",
"relates_to_product_reference": "AppStream-8.9.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-util-devel-0:3.90.0-6.el8_9.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.9.0.Z.MAIN:nss-util-devel-0:3.90.0-6.el8_9.ppc64le"
},
"product_reference": "nss-util-devel-0:3.90.0-6.el8_9.ppc64le",
"relates_to_product_reference": "AppStream-8.9.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-util-devel-0:3.90.0-6.el8_9.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.9.0.Z.MAIN:nss-util-devel-0:3.90.0-6.el8_9.s390x"
},
"product_reference": "nss-util-devel-0:3.90.0-6.el8_9.s390x",
"relates_to_product_reference": "AppStream-8.9.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-util-devel-0:3.90.0-6.el8_9.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.9.0.Z.MAIN:nss-util-devel-0:3.90.0-6.el8_9.x86_64"
},
"product_reference": "nss-util-devel-0:3.90.0-6.el8_9.x86_64",
"relates_to_product_reference": "AppStream-8.9.0.Z.MAIN"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-6135",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2023-11-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2249906"
}
],
"notes": [
{
"category": "description",
"text": "The Network Security Services (NSS) package contains a vulnerability that exposes a side-channel information leak. This weakness enables a local attacker to capture several thousand usages of a signature, allowing them to utilize this information to recover portions of an ECDSA private key.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nss: vulnerable to Minerva side-channel information leak",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The severity of the Network Security Services (NSS) package vulnerability is marked as moderate due to the inherent risk associated with a potential side-channel information leak. This flaw empowers a local attacker to capture a substantial volume of signature usages, providing a pathway for them to exploit this data to reconstruct portions of an ECDSA private key. The ECDSA private key is a fundamental component of cryptographic security, and a successful compromise could have severe implications for the confidentiality and integrity of sensitive information.\n\nThe side channel present in NSS is on the order of 20 to 50ns, measuring such small differences over the network, without ability to measure signature with the same nonce is not something anybody has shown as possible. The only reason we can measure such small differences in the Marvin attack (https://people.redhat.com/~hkario/marvin/) is because the attacker there has full control over the processed messages, as such can measure the same message over and over, with ECDSA NSS is generating the used nonce randomly, and internally, for each and every signature. So a possibility of a purely network attack is rather theoretical at this moment.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.9.0.Z.MAIN:nss-0:3.90.0-6.el8_9.aarch64",
"AppStream-8.9.0.Z.MAIN:nss-0:3.90.0-6.el8_9.i686",
"AppStream-8.9.0.Z.MAIN:nss-0:3.90.0-6.el8_9.ppc64le",
"AppStream-8.9.0.Z.MAIN:nss-0:3.90.0-6.el8_9.s390x",
"AppStream-8.9.0.Z.MAIN:nss-0:3.90.0-6.el8_9.src",
"AppStream-8.9.0.Z.MAIN:nss-0:3.90.0-6.el8_9.x86_64",
"AppStream-8.9.0.Z.MAIN:nss-debuginfo-0:3.90.0-6.el8_9.aarch64",
"AppStream-8.9.0.Z.MAIN:nss-debuginfo-0:3.90.0-6.el8_9.i686",
"AppStream-8.9.0.Z.MAIN:nss-debuginfo-0:3.90.0-6.el8_9.ppc64le",
"AppStream-8.9.0.Z.MAIN:nss-debuginfo-0:3.90.0-6.el8_9.s390x",
"AppStream-8.9.0.Z.MAIN:nss-debuginfo-0:3.90.0-6.el8_9.x86_64",
"AppStream-8.9.0.Z.MAIN:nss-debugsource-0:3.90.0-6.el8_9.aarch64",
"AppStream-8.9.0.Z.MAIN:nss-debugsource-0:3.90.0-6.el8_9.i686",
"AppStream-8.9.0.Z.MAIN:nss-debugsource-0:3.90.0-6.el8_9.ppc64le",
"AppStream-8.9.0.Z.MAIN:nss-debugsource-0:3.90.0-6.el8_9.s390x",
"AppStream-8.9.0.Z.MAIN:nss-debugsource-0:3.90.0-6.el8_9.x86_64",
"AppStream-8.9.0.Z.MAIN:nss-devel-0:3.90.0-6.el8_9.aarch64",
"AppStream-8.9.0.Z.MAIN:nss-devel-0:3.90.0-6.el8_9.i686",
"AppStream-8.9.0.Z.MAIN:nss-devel-0:3.90.0-6.el8_9.ppc64le",
"AppStream-8.9.0.Z.MAIN:nss-devel-0:3.90.0-6.el8_9.s390x",
"AppStream-8.9.0.Z.MAIN:nss-devel-0:3.90.0-6.el8_9.x86_64",
"AppStream-8.9.0.Z.MAIN:nss-softokn-0:3.90.0-6.el8_9.aarch64",
"AppStream-8.9.0.Z.MAIN:nss-softokn-0:3.90.0-6.el8_9.i686",
"AppStream-8.9.0.Z.MAIN:nss-softokn-0:3.90.0-6.el8_9.ppc64le",
"AppStream-8.9.0.Z.MAIN:nss-softokn-0:3.90.0-6.el8_9.s390x",
"AppStream-8.9.0.Z.MAIN:nss-softokn-0:3.90.0-6.el8_9.x86_64",
"AppStream-8.9.0.Z.MAIN:nss-softokn-debuginfo-0:3.90.0-6.el8_9.aarch64",
"AppStream-8.9.0.Z.MAIN:nss-softokn-debuginfo-0:3.90.0-6.el8_9.i686",
"AppStream-8.9.0.Z.MAIN:nss-softokn-debuginfo-0:3.90.0-6.el8_9.ppc64le",
"AppStream-8.9.0.Z.MAIN:nss-softokn-debuginfo-0:3.90.0-6.el8_9.s390x",
"AppStream-8.9.0.Z.MAIN:nss-softokn-debuginfo-0:3.90.0-6.el8_9.x86_64",
"AppStream-8.9.0.Z.MAIN:nss-softokn-devel-0:3.90.0-6.el8_9.aarch64",
"AppStream-8.9.0.Z.MAIN:nss-softokn-devel-0:3.90.0-6.el8_9.i686",
"AppStream-8.9.0.Z.MAIN:nss-softokn-devel-0:3.90.0-6.el8_9.ppc64le",
"AppStream-8.9.0.Z.MAIN:nss-softokn-devel-0:3.90.0-6.el8_9.s390x",
"AppStream-8.9.0.Z.MAIN:nss-softokn-devel-0:3.90.0-6.el8_9.x86_64",
"AppStream-8.9.0.Z.MAIN:nss-softokn-freebl-0:3.90.0-6.el8_9.aarch64",
"AppStream-8.9.0.Z.MAIN:nss-softokn-freebl-0:3.90.0-6.el8_9.i686",
"AppStream-8.9.0.Z.MAIN:nss-softokn-freebl-0:3.90.0-6.el8_9.ppc64le",
"AppStream-8.9.0.Z.MAIN:nss-softokn-freebl-0:3.90.0-6.el8_9.s390x",
"AppStream-8.9.0.Z.MAIN:nss-softokn-freebl-0:3.90.0-6.el8_9.x86_64",
"AppStream-8.9.0.Z.MAIN:nss-softokn-freebl-debuginfo-0:3.90.0-6.el8_9.aarch64",
"AppStream-8.9.0.Z.MAIN:nss-softokn-freebl-debuginfo-0:3.90.0-6.el8_9.i686",
"AppStream-8.9.0.Z.MAIN:nss-softokn-freebl-debuginfo-0:3.90.0-6.el8_9.ppc64le",
"AppStream-8.9.0.Z.MAIN:nss-softokn-freebl-debuginfo-0:3.90.0-6.el8_9.s390x",
"AppStream-8.9.0.Z.MAIN:nss-softokn-freebl-debuginfo-0:3.90.0-6.el8_9.x86_64",
"AppStream-8.9.0.Z.MAIN:nss-softokn-freebl-devel-0:3.90.0-6.el8_9.aarch64",
"AppStream-8.9.0.Z.MAIN:nss-softokn-freebl-devel-0:3.90.0-6.el8_9.i686",
"AppStream-8.9.0.Z.MAIN:nss-softokn-freebl-devel-0:3.90.0-6.el8_9.ppc64le",
"AppStream-8.9.0.Z.MAIN:nss-softokn-freebl-devel-0:3.90.0-6.el8_9.s390x",
"AppStream-8.9.0.Z.MAIN:nss-softokn-freebl-devel-0:3.90.0-6.el8_9.x86_64",
"AppStream-8.9.0.Z.MAIN:nss-sysinit-0:3.90.0-6.el8_9.aarch64",
"AppStream-8.9.0.Z.MAIN:nss-sysinit-0:3.90.0-6.el8_9.ppc64le",
"AppStream-8.9.0.Z.MAIN:nss-sysinit-0:3.90.0-6.el8_9.s390x",
"AppStream-8.9.0.Z.MAIN:nss-sysinit-0:3.90.0-6.el8_9.x86_64",
"AppStream-8.9.0.Z.MAIN:nss-sysinit-debuginfo-0:3.90.0-6.el8_9.aarch64",
"AppStream-8.9.0.Z.MAIN:nss-sysinit-debuginfo-0:3.90.0-6.el8_9.i686",
"AppStream-8.9.0.Z.MAIN:nss-sysinit-debuginfo-0:3.90.0-6.el8_9.ppc64le",
"AppStream-8.9.0.Z.MAIN:nss-sysinit-debuginfo-0:3.90.0-6.el8_9.s390x",
"AppStream-8.9.0.Z.MAIN:nss-sysinit-debuginfo-0:3.90.0-6.el8_9.x86_64",
"AppStream-8.9.0.Z.MAIN:nss-tools-0:3.90.0-6.el8_9.aarch64",
"AppStream-8.9.0.Z.MAIN:nss-tools-0:3.90.0-6.el8_9.ppc64le",
"AppStream-8.9.0.Z.MAIN:nss-tools-0:3.90.0-6.el8_9.s390x",
"AppStream-8.9.0.Z.MAIN:nss-tools-0:3.90.0-6.el8_9.x86_64",
"AppStream-8.9.0.Z.MAIN:nss-tools-debuginfo-0:3.90.0-6.el8_9.aarch64",
"AppStream-8.9.0.Z.MAIN:nss-tools-debuginfo-0:3.90.0-6.el8_9.i686",
"AppStream-8.9.0.Z.MAIN:nss-tools-debuginfo-0:3.90.0-6.el8_9.ppc64le",
"AppStream-8.9.0.Z.MAIN:nss-tools-debuginfo-0:3.90.0-6.el8_9.s390x",
"AppStream-8.9.0.Z.MAIN:nss-tools-debuginfo-0:3.90.0-6.el8_9.x86_64",
"AppStream-8.9.0.Z.MAIN:nss-util-0:3.90.0-6.el8_9.aarch64",
"AppStream-8.9.0.Z.MAIN:nss-util-0:3.90.0-6.el8_9.i686",
"AppStream-8.9.0.Z.MAIN:nss-util-0:3.90.0-6.el8_9.ppc64le",
"AppStream-8.9.0.Z.MAIN:nss-util-0:3.90.0-6.el8_9.s390x",
"AppStream-8.9.0.Z.MAIN:nss-util-0:3.90.0-6.el8_9.x86_64",
"AppStream-8.9.0.Z.MAIN:nss-util-debuginfo-0:3.90.0-6.el8_9.aarch64",
"AppStream-8.9.0.Z.MAIN:nss-util-debuginfo-0:3.90.0-6.el8_9.i686",
"AppStream-8.9.0.Z.MAIN:nss-util-debuginfo-0:3.90.0-6.el8_9.ppc64le",
"AppStream-8.9.0.Z.MAIN:nss-util-debuginfo-0:3.90.0-6.el8_9.s390x",
"AppStream-8.9.0.Z.MAIN:nss-util-debuginfo-0:3.90.0-6.el8_9.x86_64",
"AppStream-8.9.0.Z.MAIN:nss-util-devel-0:3.90.0-6.el8_9.aarch64",
"AppStream-8.9.0.Z.MAIN:nss-util-devel-0:3.90.0-6.el8_9.i686",
"AppStream-8.9.0.Z.MAIN:nss-util-devel-0:3.90.0-6.el8_9.ppc64le",
"AppStream-8.9.0.Z.MAIN:nss-util-devel-0:3.90.0-6.el8_9.s390x",
"AppStream-8.9.0.Z.MAIN:nss-util-devel-0:3.90.0-6.el8_9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-6135"
},
{
"category": "external",
"summary": "RHBZ#2249906",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2249906"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-6135",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6135"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-6135",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-6135"
},
{
"category": "external",
"summary": "https://bugzilla.mozilla.org/show_bug.cgi?id=1853908",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1853908"
},
{
"category": "external",
"summary": "https://minerva.crocs.fi.muni.cz/",
"url": "https://minerva.crocs.fi.muni.cz/"
},
{
"category": "external",
"summary": "https://people.redhat.com/~hkario/marvin/",
"url": "https://people.redhat.com/~hkario/marvin/"
},
{
"category": "external",
"summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-56/#CVE-2023-6135",
"url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-56/#CVE-2023-6135"
}
],
"release_date": "2023-12-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-02-12T14:00:39+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing this update, applications using NSS (for example, Firefox) must be restarted for this update to take effect.",
"product_ids": [
"AppStream-8.9.0.Z.MAIN:nss-0:3.90.0-6.el8_9.aarch64",
"AppStream-8.9.0.Z.MAIN:nss-0:3.90.0-6.el8_9.i686",
"AppStream-8.9.0.Z.MAIN:nss-0:3.90.0-6.el8_9.ppc64le",
"AppStream-8.9.0.Z.MAIN:nss-0:3.90.0-6.el8_9.s390x",
"AppStream-8.9.0.Z.MAIN:nss-0:3.90.0-6.el8_9.src",
"AppStream-8.9.0.Z.MAIN:nss-0:3.90.0-6.el8_9.x86_64",
"AppStream-8.9.0.Z.MAIN:nss-debuginfo-0:3.90.0-6.el8_9.aarch64",
"AppStream-8.9.0.Z.MAIN:nss-debuginfo-0:3.90.0-6.el8_9.i686",
"AppStream-8.9.0.Z.MAIN:nss-debuginfo-0:3.90.0-6.el8_9.ppc64le",
"AppStream-8.9.0.Z.MAIN:nss-debuginfo-0:3.90.0-6.el8_9.s390x",
"AppStream-8.9.0.Z.MAIN:nss-debuginfo-0:3.90.0-6.el8_9.x86_64",
"AppStream-8.9.0.Z.MAIN:nss-debugsource-0:3.90.0-6.el8_9.aarch64",
"AppStream-8.9.0.Z.MAIN:nss-debugsource-0:3.90.0-6.el8_9.i686",
"AppStream-8.9.0.Z.MAIN:nss-debugsource-0:3.90.0-6.el8_9.ppc64le",
"AppStream-8.9.0.Z.MAIN:nss-debugsource-0:3.90.0-6.el8_9.s390x",
"AppStream-8.9.0.Z.MAIN:nss-debugsource-0:3.90.0-6.el8_9.x86_64",
"AppStream-8.9.0.Z.MAIN:nss-devel-0:3.90.0-6.el8_9.aarch64",
"AppStream-8.9.0.Z.MAIN:nss-devel-0:3.90.0-6.el8_9.i686",
"AppStream-8.9.0.Z.MAIN:nss-devel-0:3.90.0-6.el8_9.ppc64le",
"AppStream-8.9.0.Z.MAIN:nss-devel-0:3.90.0-6.el8_9.s390x",
"AppStream-8.9.0.Z.MAIN:nss-devel-0:3.90.0-6.el8_9.x86_64",
"AppStream-8.9.0.Z.MAIN:nss-softokn-0:3.90.0-6.el8_9.aarch64",
"AppStream-8.9.0.Z.MAIN:nss-softokn-0:3.90.0-6.el8_9.i686",
"AppStream-8.9.0.Z.MAIN:nss-softokn-0:3.90.0-6.el8_9.ppc64le",
"AppStream-8.9.0.Z.MAIN:nss-softokn-0:3.90.0-6.el8_9.s390x",
"AppStream-8.9.0.Z.MAIN:nss-softokn-0:3.90.0-6.el8_9.x86_64",
"AppStream-8.9.0.Z.MAIN:nss-softokn-debuginfo-0:3.90.0-6.el8_9.aarch64",
"AppStream-8.9.0.Z.MAIN:nss-softokn-debuginfo-0:3.90.0-6.el8_9.i686",
"AppStream-8.9.0.Z.MAIN:nss-softokn-debuginfo-0:3.90.0-6.el8_9.ppc64le",
"AppStream-8.9.0.Z.MAIN:nss-softokn-debuginfo-0:3.90.0-6.el8_9.s390x",
"AppStream-8.9.0.Z.MAIN:nss-softokn-debuginfo-0:3.90.0-6.el8_9.x86_64",
"AppStream-8.9.0.Z.MAIN:nss-softokn-devel-0:3.90.0-6.el8_9.aarch64",
"AppStream-8.9.0.Z.MAIN:nss-softokn-devel-0:3.90.0-6.el8_9.i686",
"AppStream-8.9.0.Z.MAIN:nss-softokn-devel-0:3.90.0-6.el8_9.ppc64le",
"AppStream-8.9.0.Z.MAIN:nss-softokn-devel-0:3.90.0-6.el8_9.s390x",
"AppStream-8.9.0.Z.MAIN:nss-softokn-devel-0:3.90.0-6.el8_9.x86_64",
"AppStream-8.9.0.Z.MAIN:nss-softokn-freebl-0:3.90.0-6.el8_9.aarch64",
"AppStream-8.9.0.Z.MAIN:nss-softokn-freebl-0:3.90.0-6.el8_9.i686",
"AppStream-8.9.0.Z.MAIN:nss-softokn-freebl-0:3.90.0-6.el8_9.ppc64le",
"AppStream-8.9.0.Z.MAIN:nss-softokn-freebl-0:3.90.0-6.el8_9.s390x",
"AppStream-8.9.0.Z.MAIN:nss-softokn-freebl-0:3.90.0-6.el8_9.x86_64",
"AppStream-8.9.0.Z.MAIN:nss-softokn-freebl-debuginfo-0:3.90.0-6.el8_9.aarch64",
"AppStream-8.9.0.Z.MAIN:nss-softokn-freebl-debuginfo-0:3.90.0-6.el8_9.i686",
"AppStream-8.9.0.Z.MAIN:nss-softokn-freebl-debuginfo-0:3.90.0-6.el8_9.ppc64le",
"AppStream-8.9.0.Z.MAIN:nss-softokn-freebl-debuginfo-0:3.90.0-6.el8_9.s390x",
"AppStream-8.9.0.Z.MAIN:nss-softokn-freebl-debuginfo-0:3.90.0-6.el8_9.x86_64",
"AppStream-8.9.0.Z.MAIN:nss-softokn-freebl-devel-0:3.90.0-6.el8_9.aarch64",
"AppStream-8.9.0.Z.MAIN:nss-softokn-freebl-devel-0:3.90.0-6.el8_9.i686",
"AppStream-8.9.0.Z.MAIN:nss-softokn-freebl-devel-0:3.90.0-6.el8_9.ppc64le",
"AppStream-8.9.0.Z.MAIN:nss-softokn-freebl-devel-0:3.90.0-6.el8_9.s390x",
"AppStream-8.9.0.Z.MAIN:nss-softokn-freebl-devel-0:3.90.0-6.el8_9.x86_64",
"AppStream-8.9.0.Z.MAIN:nss-sysinit-0:3.90.0-6.el8_9.aarch64",
"AppStream-8.9.0.Z.MAIN:nss-sysinit-0:3.90.0-6.el8_9.ppc64le",
"AppStream-8.9.0.Z.MAIN:nss-sysinit-0:3.90.0-6.el8_9.s390x",
"AppStream-8.9.0.Z.MAIN:nss-sysinit-0:3.90.0-6.el8_9.x86_64",
"AppStream-8.9.0.Z.MAIN:nss-sysinit-debuginfo-0:3.90.0-6.el8_9.aarch64",
"AppStream-8.9.0.Z.MAIN:nss-sysinit-debuginfo-0:3.90.0-6.el8_9.i686",
"AppStream-8.9.0.Z.MAIN:nss-sysinit-debuginfo-0:3.90.0-6.el8_9.ppc64le",
"AppStream-8.9.0.Z.MAIN:nss-sysinit-debuginfo-0:3.90.0-6.el8_9.s390x",
"AppStream-8.9.0.Z.MAIN:nss-sysinit-debuginfo-0:3.90.0-6.el8_9.x86_64",
"AppStream-8.9.0.Z.MAIN:nss-tools-0:3.90.0-6.el8_9.aarch64",
"AppStream-8.9.0.Z.MAIN:nss-tools-0:3.90.0-6.el8_9.ppc64le",
"AppStream-8.9.0.Z.MAIN:nss-tools-0:3.90.0-6.el8_9.s390x",
"AppStream-8.9.0.Z.MAIN:nss-tools-0:3.90.0-6.el8_9.x86_64",
"AppStream-8.9.0.Z.MAIN:nss-tools-debuginfo-0:3.90.0-6.el8_9.aarch64",
"AppStream-8.9.0.Z.MAIN:nss-tools-debuginfo-0:3.90.0-6.el8_9.i686",
"AppStream-8.9.0.Z.MAIN:nss-tools-debuginfo-0:3.90.0-6.el8_9.ppc64le",
"AppStream-8.9.0.Z.MAIN:nss-tools-debuginfo-0:3.90.0-6.el8_9.s390x",
"AppStream-8.9.0.Z.MAIN:nss-tools-debuginfo-0:3.90.0-6.el8_9.x86_64",
"AppStream-8.9.0.Z.MAIN:nss-util-0:3.90.0-6.el8_9.aarch64",
"AppStream-8.9.0.Z.MAIN:nss-util-0:3.90.0-6.el8_9.i686",
"AppStream-8.9.0.Z.MAIN:nss-util-0:3.90.0-6.el8_9.ppc64le",
"AppStream-8.9.0.Z.MAIN:nss-util-0:3.90.0-6.el8_9.s390x",
"AppStream-8.9.0.Z.MAIN:nss-util-0:3.90.0-6.el8_9.x86_64",
"AppStream-8.9.0.Z.MAIN:nss-util-debuginfo-0:3.90.0-6.el8_9.aarch64",
"AppStream-8.9.0.Z.MAIN:nss-util-debuginfo-0:3.90.0-6.el8_9.i686",
"AppStream-8.9.0.Z.MAIN:nss-util-debuginfo-0:3.90.0-6.el8_9.ppc64le",
"AppStream-8.9.0.Z.MAIN:nss-util-debuginfo-0:3.90.0-6.el8_9.s390x",
"AppStream-8.9.0.Z.MAIN:nss-util-debuginfo-0:3.90.0-6.el8_9.x86_64",
"AppStream-8.9.0.Z.MAIN:nss-util-devel-0:3.90.0-6.el8_9.aarch64",
"AppStream-8.9.0.Z.MAIN:nss-util-devel-0:3.90.0-6.el8_9.i686",
"AppStream-8.9.0.Z.MAIN:nss-util-devel-0:3.90.0-6.el8_9.ppc64le",
"AppStream-8.9.0.Z.MAIN:nss-util-devel-0:3.90.0-6.el8_9.s390x",
"AppStream-8.9.0.Z.MAIN:nss-util-devel-0:3.90.0-6.el8_9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:0786"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-8.9.0.Z.MAIN:nss-0:3.90.0-6.el8_9.aarch64",
"AppStream-8.9.0.Z.MAIN:nss-0:3.90.0-6.el8_9.i686",
"AppStream-8.9.0.Z.MAIN:nss-0:3.90.0-6.el8_9.ppc64le",
"AppStream-8.9.0.Z.MAIN:nss-0:3.90.0-6.el8_9.s390x",
"AppStream-8.9.0.Z.MAIN:nss-0:3.90.0-6.el8_9.src",
"AppStream-8.9.0.Z.MAIN:nss-0:3.90.0-6.el8_9.x86_64",
"AppStream-8.9.0.Z.MAIN:nss-debuginfo-0:3.90.0-6.el8_9.aarch64",
"AppStream-8.9.0.Z.MAIN:nss-debuginfo-0:3.90.0-6.el8_9.i686",
"AppStream-8.9.0.Z.MAIN:nss-debuginfo-0:3.90.0-6.el8_9.ppc64le",
"AppStream-8.9.0.Z.MAIN:nss-debuginfo-0:3.90.0-6.el8_9.s390x",
"AppStream-8.9.0.Z.MAIN:nss-debuginfo-0:3.90.0-6.el8_9.x86_64",
"AppStream-8.9.0.Z.MAIN:nss-debugsource-0:3.90.0-6.el8_9.aarch64",
"AppStream-8.9.0.Z.MAIN:nss-debugsource-0:3.90.0-6.el8_9.i686",
"AppStream-8.9.0.Z.MAIN:nss-debugsource-0:3.90.0-6.el8_9.ppc64le",
"AppStream-8.9.0.Z.MAIN:nss-debugsource-0:3.90.0-6.el8_9.s390x",
"AppStream-8.9.0.Z.MAIN:nss-debugsource-0:3.90.0-6.el8_9.x86_64",
"AppStream-8.9.0.Z.MAIN:nss-devel-0:3.90.0-6.el8_9.aarch64",
"AppStream-8.9.0.Z.MAIN:nss-devel-0:3.90.0-6.el8_9.i686",
"AppStream-8.9.0.Z.MAIN:nss-devel-0:3.90.0-6.el8_9.ppc64le",
"AppStream-8.9.0.Z.MAIN:nss-devel-0:3.90.0-6.el8_9.s390x",
"AppStream-8.9.0.Z.MAIN:nss-devel-0:3.90.0-6.el8_9.x86_64",
"AppStream-8.9.0.Z.MAIN:nss-softokn-0:3.90.0-6.el8_9.aarch64",
"AppStream-8.9.0.Z.MAIN:nss-softokn-0:3.90.0-6.el8_9.i686",
"AppStream-8.9.0.Z.MAIN:nss-softokn-0:3.90.0-6.el8_9.ppc64le",
"AppStream-8.9.0.Z.MAIN:nss-softokn-0:3.90.0-6.el8_9.s390x",
"AppStream-8.9.0.Z.MAIN:nss-softokn-0:3.90.0-6.el8_9.x86_64",
"AppStream-8.9.0.Z.MAIN:nss-softokn-debuginfo-0:3.90.0-6.el8_9.aarch64",
"AppStream-8.9.0.Z.MAIN:nss-softokn-debuginfo-0:3.90.0-6.el8_9.i686",
"AppStream-8.9.0.Z.MAIN:nss-softokn-debuginfo-0:3.90.0-6.el8_9.ppc64le",
"AppStream-8.9.0.Z.MAIN:nss-softokn-debuginfo-0:3.90.0-6.el8_9.s390x",
"AppStream-8.9.0.Z.MAIN:nss-softokn-debuginfo-0:3.90.0-6.el8_9.x86_64",
"AppStream-8.9.0.Z.MAIN:nss-softokn-devel-0:3.90.0-6.el8_9.aarch64",
"AppStream-8.9.0.Z.MAIN:nss-softokn-devel-0:3.90.0-6.el8_9.i686",
"AppStream-8.9.0.Z.MAIN:nss-softokn-devel-0:3.90.0-6.el8_9.ppc64le",
"AppStream-8.9.0.Z.MAIN:nss-softokn-devel-0:3.90.0-6.el8_9.s390x",
"AppStream-8.9.0.Z.MAIN:nss-softokn-devel-0:3.90.0-6.el8_9.x86_64",
"AppStream-8.9.0.Z.MAIN:nss-softokn-freebl-0:3.90.0-6.el8_9.aarch64",
"AppStream-8.9.0.Z.MAIN:nss-softokn-freebl-0:3.90.0-6.el8_9.i686",
"AppStream-8.9.0.Z.MAIN:nss-softokn-freebl-0:3.90.0-6.el8_9.ppc64le",
"AppStream-8.9.0.Z.MAIN:nss-softokn-freebl-0:3.90.0-6.el8_9.s390x",
"AppStream-8.9.0.Z.MAIN:nss-softokn-freebl-0:3.90.0-6.el8_9.x86_64",
"AppStream-8.9.0.Z.MAIN:nss-softokn-freebl-debuginfo-0:3.90.0-6.el8_9.aarch64",
"AppStream-8.9.0.Z.MAIN:nss-softokn-freebl-debuginfo-0:3.90.0-6.el8_9.i686",
"AppStream-8.9.0.Z.MAIN:nss-softokn-freebl-debuginfo-0:3.90.0-6.el8_9.ppc64le",
"AppStream-8.9.0.Z.MAIN:nss-softokn-freebl-debuginfo-0:3.90.0-6.el8_9.s390x",
"AppStream-8.9.0.Z.MAIN:nss-softokn-freebl-debuginfo-0:3.90.0-6.el8_9.x86_64",
"AppStream-8.9.0.Z.MAIN:nss-softokn-freebl-devel-0:3.90.0-6.el8_9.aarch64",
"AppStream-8.9.0.Z.MAIN:nss-softokn-freebl-devel-0:3.90.0-6.el8_9.i686",
"AppStream-8.9.0.Z.MAIN:nss-softokn-freebl-devel-0:3.90.0-6.el8_9.ppc64le",
"AppStream-8.9.0.Z.MAIN:nss-softokn-freebl-devel-0:3.90.0-6.el8_9.s390x",
"AppStream-8.9.0.Z.MAIN:nss-softokn-freebl-devel-0:3.90.0-6.el8_9.x86_64",
"AppStream-8.9.0.Z.MAIN:nss-sysinit-0:3.90.0-6.el8_9.aarch64",
"AppStream-8.9.0.Z.MAIN:nss-sysinit-0:3.90.0-6.el8_9.ppc64le",
"AppStream-8.9.0.Z.MAIN:nss-sysinit-0:3.90.0-6.el8_9.s390x",
"AppStream-8.9.0.Z.MAIN:nss-sysinit-0:3.90.0-6.el8_9.x86_64",
"AppStream-8.9.0.Z.MAIN:nss-sysinit-debuginfo-0:3.90.0-6.el8_9.aarch64",
"AppStream-8.9.0.Z.MAIN:nss-sysinit-debuginfo-0:3.90.0-6.el8_9.i686",
"AppStream-8.9.0.Z.MAIN:nss-sysinit-debuginfo-0:3.90.0-6.el8_9.ppc64le",
"AppStream-8.9.0.Z.MAIN:nss-sysinit-debuginfo-0:3.90.0-6.el8_9.s390x",
"AppStream-8.9.0.Z.MAIN:nss-sysinit-debuginfo-0:3.90.0-6.el8_9.x86_64",
"AppStream-8.9.0.Z.MAIN:nss-tools-0:3.90.0-6.el8_9.aarch64",
"AppStream-8.9.0.Z.MAIN:nss-tools-0:3.90.0-6.el8_9.ppc64le",
"AppStream-8.9.0.Z.MAIN:nss-tools-0:3.90.0-6.el8_9.s390x",
"AppStream-8.9.0.Z.MAIN:nss-tools-0:3.90.0-6.el8_9.x86_64",
"AppStream-8.9.0.Z.MAIN:nss-tools-debuginfo-0:3.90.0-6.el8_9.aarch64",
"AppStream-8.9.0.Z.MAIN:nss-tools-debuginfo-0:3.90.0-6.el8_9.i686",
"AppStream-8.9.0.Z.MAIN:nss-tools-debuginfo-0:3.90.0-6.el8_9.ppc64le",
"AppStream-8.9.0.Z.MAIN:nss-tools-debuginfo-0:3.90.0-6.el8_9.s390x",
"AppStream-8.9.0.Z.MAIN:nss-tools-debuginfo-0:3.90.0-6.el8_9.x86_64",
"AppStream-8.9.0.Z.MAIN:nss-util-0:3.90.0-6.el8_9.aarch64",
"AppStream-8.9.0.Z.MAIN:nss-util-0:3.90.0-6.el8_9.i686",
"AppStream-8.9.0.Z.MAIN:nss-util-0:3.90.0-6.el8_9.ppc64le",
"AppStream-8.9.0.Z.MAIN:nss-util-0:3.90.0-6.el8_9.s390x",
"AppStream-8.9.0.Z.MAIN:nss-util-0:3.90.0-6.el8_9.x86_64",
"AppStream-8.9.0.Z.MAIN:nss-util-debuginfo-0:3.90.0-6.el8_9.aarch64",
"AppStream-8.9.0.Z.MAIN:nss-util-debuginfo-0:3.90.0-6.el8_9.i686",
"AppStream-8.9.0.Z.MAIN:nss-util-debuginfo-0:3.90.0-6.el8_9.ppc64le",
"AppStream-8.9.0.Z.MAIN:nss-util-debuginfo-0:3.90.0-6.el8_9.s390x",
"AppStream-8.9.0.Z.MAIN:nss-util-debuginfo-0:3.90.0-6.el8_9.x86_64",
"AppStream-8.9.0.Z.MAIN:nss-util-devel-0:3.90.0-6.el8_9.aarch64",
"AppStream-8.9.0.Z.MAIN:nss-util-devel-0:3.90.0-6.el8_9.i686",
"AppStream-8.9.0.Z.MAIN:nss-util-devel-0:3.90.0-6.el8_9.ppc64le",
"AppStream-8.9.0.Z.MAIN:nss-util-devel-0:3.90.0-6.el8_9.s390x",
"AppStream-8.9.0.Z.MAIN:nss-util-devel-0:3.90.0-6.el8_9.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"AppStream-8.9.0.Z.MAIN:nss-0:3.90.0-6.el8_9.aarch64",
"AppStream-8.9.0.Z.MAIN:nss-0:3.90.0-6.el8_9.i686",
"AppStream-8.9.0.Z.MAIN:nss-0:3.90.0-6.el8_9.ppc64le",
"AppStream-8.9.0.Z.MAIN:nss-0:3.90.0-6.el8_9.s390x",
"AppStream-8.9.0.Z.MAIN:nss-0:3.90.0-6.el8_9.src",
"AppStream-8.9.0.Z.MAIN:nss-0:3.90.0-6.el8_9.x86_64",
"AppStream-8.9.0.Z.MAIN:nss-debuginfo-0:3.90.0-6.el8_9.aarch64",
"AppStream-8.9.0.Z.MAIN:nss-debuginfo-0:3.90.0-6.el8_9.i686",
"AppStream-8.9.0.Z.MAIN:nss-debuginfo-0:3.90.0-6.el8_9.ppc64le",
"AppStream-8.9.0.Z.MAIN:nss-debuginfo-0:3.90.0-6.el8_9.s390x",
"AppStream-8.9.0.Z.MAIN:nss-debuginfo-0:3.90.0-6.el8_9.x86_64",
"AppStream-8.9.0.Z.MAIN:nss-debugsource-0:3.90.0-6.el8_9.aarch64",
"AppStream-8.9.0.Z.MAIN:nss-debugsource-0:3.90.0-6.el8_9.i686",
"AppStream-8.9.0.Z.MAIN:nss-debugsource-0:3.90.0-6.el8_9.ppc64le",
"AppStream-8.9.0.Z.MAIN:nss-debugsource-0:3.90.0-6.el8_9.s390x",
"AppStream-8.9.0.Z.MAIN:nss-debugsource-0:3.90.0-6.el8_9.x86_64",
"AppStream-8.9.0.Z.MAIN:nss-devel-0:3.90.0-6.el8_9.aarch64",
"AppStream-8.9.0.Z.MAIN:nss-devel-0:3.90.0-6.el8_9.i686",
"AppStream-8.9.0.Z.MAIN:nss-devel-0:3.90.0-6.el8_9.ppc64le",
"AppStream-8.9.0.Z.MAIN:nss-devel-0:3.90.0-6.el8_9.s390x",
"AppStream-8.9.0.Z.MAIN:nss-devel-0:3.90.0-6.el8_9.x86_64",
"AppStream-8.9.0.Z.MAIN:nss-softokn-0:3.90.0-6.el8_9.aarch64",
"AppStream-8.9.0.Z.MAIN:nss-softokn-0:3.90.0-6.el8_9.i686",
"AppStream-8.9.0.Z.MAIN:nss-softokn-0:3.90.0-6.el8_9.ppc64le",
"AppStream-8.9.0.Z.MAIN:nss-softokn-0:3.90.0-6.el8_9.s390x",
"AppStream-8.9.0.Z.MAIN:nss-softokn-0:3.90.0-6.el8_9.x86_64",
"AppStream-8.9.0.Z.MAIN:nss-softokn-debuginfo-0:3.90.0-6.el8_9.aarch64",
"AppStream-8.9.0.Z.MAIN:nss-softokn-debuginfo-0:3.90.0-6.el8_9.i686",
"AppStream-8.9.0.Z.MAIN:nss-softokn-debuginfo-0:3.90.0-6.el8_9.ppc64le",
"AppStream-8.9.0.Z.MAIN:nss-softokn-debuginfo-0:3.90.0-6.el8_9.s390x",
"AppStream-8.9.0.Z.MAIN:nss-softokn-debuginfo-0:3.90.0-6.el8_9.x86_64",
"AppStream-8.9.0.Z.MAIN:nss-softokn-devel-0:3.90.0-6.el8_9.aarch64",
"AppStream-8.9.0.Z.MAIN:nss-softokn-devel-0:3.90.0-6.el8_9.i686",
"AppStream-8.9.0.Z.MAIN:nss-softokn-devel-0:3.90.0-6.el8_9.ppc64le",
"AppStream-8.9.0.Z.MAIN:nss-softokn-devel-0:3.90.0-6.el8_9.s390x",
"AppStream-8.9.0.Z.MAIN:nss-softokn-devel-0:3.90.0-6.el8_9.x86_64",
"AppStream-8.9.0.Z.MAIN:nss-softokn-freebl-0:3.90.0-6.el8_9.aarch64",
"AppStream-8.9.0.Z.MAIN:nss-softokn-freebl-0:3.90.0-6.el8_9.i686",
"AppStream-8.9.0.Z.MAIN:nss-softokn-freebl-0:3.90.0-6.el8_9.ppc64le",
"AppStream-8.9.0.Z.MAIN:nss-softokn-freebl-0:3.90.0-6.el8_9.s390x",
"AppStream-8.9.0.Z.MAIN:nss-softokn-freebl-0:3.90.0-6.el8_9.x86_64",
"AppStream-8.9.0.Z.MAIN:nss-softokn-freebl-debuginfo-0:3.90.0-6.el8_9.aarch64",
"AppStream-8.9.0.Z.MAIN:nss-softokn-freebl-debuginfo-0:3.90.0-6.el8_9.i686",
"AppStream-8.9.0.Z.MAIN:nss-softokn-freebl-debuginfo-0:3.90.0-6.el8_9.ppc64le",
"AppStream-8.9.0.Z.MAIN:nss-softokn-freebl-debuginfo-0:3.90.0-6.el8_9.s390x",
"AppStream-8.9.0.Z.MAIN:nss-softokn-freebl-debuginfo-0:3.90.0-6.el8_9.x86_64",
"AppStream-8.9.0.Z.MAIN:nss-softokn-freebl-devel-0:3.90.0-6.el8_9.aarch64",
"AppStream-8.9.0.Z.MAIN:nss-softokn-freebl-devel-0:3.90.0-6.el8_9.i686",
"AppStream-8.9.0.Z.MAIN:nss-softokn-freebl-devel-0:3.90.0-6.el8_9.ppc64le",
"AppStream-8.9.0.Z.MAIN:nss-softokn-freebl-devel-0:3.90.0-6.el8_9.s390x",
"AppStream-8.9.0.Z.MAIN:nss-softokn-freebl-devel-0:3.90.0-6.el8_9.x86_64",
"AppStream-8.9.0.Z.MAIN:nss-sysinit-0:3.90.0-6.el8_9.aarch64",
"AppStream-8.9.0.Z.MAIN:nss-sysinit-0:3.90.0-6.el8_9.ppc64le",
"AppStream-8.9.0.Z.MAIN:nss-sysinit-0:3.90.0-6.el8_9.s390x",
"AppStream-8.9.0.Z.MAIN:nss-sysinit-0:3.90.0-6.el8_9.x86_64",
"AppStream-8.9.0.Z.MAIN:nss-sysinit-debuginfo-0:3.90.0-6.el8_9.aarch64",
"AppStream-8.9.0.Z.MAIN:nss-sysinit-debuginfo-0:3.90.0-6.el8_9.i686",
"AppStream-8.9.0.Z.MAIN:nss-sysinit-debuginfo-0:3.90.0-6.el8_9.ppc64le",
"AppStream-8.9.0.Z.MAIN:nss-sysinit-debuginfo-0:3.90.0-6.el8_9.s390x",
"AppStream-8.9.0.Z.MAIN:nss-sysinit-debuginfo-0:3.90.0-6.el8_9.x86_64",
"AppStream-8.9.0.Z.MAIN:nss-tools-0:3.90.0-6.el8_9.aarch64",
"AppStream-8.9.0.Z.MAIN:nss-tools-0:3.90.0-6.el8_9.ppc64le",
"AppStream-8.9.0.Z.MAIN:nss-tools-0:3.90.0-6.el8_9.s390x",
"AppStream-8.9.0.Z.MAIN:nss-tools-0:3.90.0-6.el8_9.x86_64",
"AppStream-8.9.0.Z.MAIN:nss-tools-debuginfo-0:3.90.0-6.el8_9.aarch64",
"AppStream-8.9.0.Z.MAIN:nss-tools-debuginfo-0:3.90.0-6.el8_9.i686",
"AppStream-8.9.0.Z.MAIN:nss-tools-debuginfo-0:3.90.0-6.el8_9.ppc64le",
"AppStream-8.9.0.Z.MAIN:nss-tools-debuginfo-0:3.90.0-6.el8_9.s390x",
"AppStream-8.9.0.Z.MAIN:nss-tools-debuginfo-0:3.90.0-6.el8_9.x86_64",
"AppStream-8.9.0.Z.MAIN:nss-util-0:3.90.0-6.el8_9.aarch64",
"AppStream-8.9.0.Z.MAIN:nss-util-0:3.90.0-6.el8_9.i686",
"AppStream-8.9.0.Z.MAIN:nss-util-0:3.90.0-6.el8_9.ppc64le",
"AppStream-8.9.0.Z.MAIN:nss-util-0:3.90.0-6.el8_9.s390x",
"AppStream-8.9.0.Z.MAIN:nss-util-0:3.90.0-6.el8_9.x86_64",
"AppStream-8.9.0.Z.MAIN:nss-util-debuginfo-0:3.90.0-6.el8_9.aarch64",
"AppStream-8.9.0.Z.MAIN:nss-util-debuginfo-0:3.90.0-6.el8_9.i686",
"AppStream-8.9.0.Z.MAIN:nss-util-debuginfo-0:3.90.0-6.el8_9.ppc64le",
"AppStream-8.9.0.Z.MAIN:nss-util-debuginfo-0:3.90.0-6.el8_9.s390x",
"AppStream-8.9.0.Z.MAIN:nss-util-debuginfo-0:3.90.0-6.el8_9.x86_64",
"AppStream-8.9.0.Z.MAIN:nss-util-devel-0:3.90.0-6.el8_9.aarch64",
"AppStream-8.9.0.Z.MAIN:nss-util-devel-0:3.90.0-6.el8_9.i686",
"AppStream-8.9.0.Z.MAIN:nss-util-devel-0:3.90.0-6.el8_9.ppc64le",
"AppStream-8.9.0.Z.MAIN:nss-util-devel-0:3.90.0-6.el8_9.s390x",
"AppStream-8.9.0.Z.MAIN:nss-util-devel-0:3.90.0-6.el8_9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "nss: vulnerable to Minerva side-channel information leak"
}
]
}
RHSA-2024_0790
Vulnerability from csaf_redhat - Published: 2024-02-12 16:48 - Updated: 2024-11-24 12:06Summary
Red Hat Security Advisory: nss security update
Severity
Moderate
Notes
Topic: An update for nss is now available for Red Hat Enterprise Linux 9.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: Network Security Services (NSS) is a set of libraries designed to support the cross-platform development of security-enabled client and server applications.
Security Fix(es):
* nss: vulnerable to Minerva side-channel information leak (CVE-2023-6135)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
The Network Security Services (NSS) package contains a vulnerability that exposes a side-channel information leak. This weakness enables a local attacker to capture several thousand usages of a signature, allowing them to utilize this information to recover portions of an ECDSA private key.
4.3 (Medium)
Affected products
Fixed
99 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-9.3.0.Z.MAIN:nspr-0:4.35.0-6.el9_3.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.3.0.Z.MAIN:nspr-0:4.35.0-6.el9_3.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.3.0.Z.MAIN:nspr-0:4.35.0-6.el9_3.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.3.0.Z.MAIN:nspr-0:4.35.0-6.el9_3.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.3.0.Z.MAIN:nspr-0:4.35.0-6.el9_3.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.3.0.Z.MAIN:nspr-debuginfo-0:4.35.0-6.el9_3.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.3.0.Z.MAIN:nspr-debuginfo-0:4.35.0-6.el9_3.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.3.0.Z.MAIN:nspr-debuginfo-0:4.35.0-6.el9_3.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.3.0.Z.MAIN:nspr-debuginfo-0:4.35.0-6.el9_3.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.3.0.Z.MAIN:nspr-debuginfo-0:4.35.0-6.el9_3.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.3.0.Z.MAIN:nspr-devel-0:4.35.0-6.el9_3.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.3.0.Z.MAIN:nspr-devel-0:4.35.0-6.el9_3.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.3.0.Z.MAIN:nspr-devel-0:4.35.0-6.el9_3.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.3.0.Z.MAIN:nspr-devel-0:4.35.0-6.el9_3.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.3.0.Z.MAIN:nspr-devel-0:4.35.0-6.el9_3.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.3.0.Z.MAIN:nss-0:3.90.0-6.el9_3.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.3.0.Z.MAIN:nss-0:3.90.0-6.el9_3.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.3.0.Z.MAIN:nss-0:3.90.0-6.el9_3.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.3.0.Z.MAIN:nss-0:3.90.0-6.el9_3.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.3.0.Z.MAIN:nss-0:3.90.0-6.el9_3.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.3.0.Z.MAIN:nss-0:3.90.0-6.el9_3.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.3.0.Z.MAIN:nss-debuginfo-0:3.90.0-6.el9_3.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.3.0.Z.MAIN:nss-debuginfo-0:3.90.0-6.el9_3.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.3.0.Z.MAIN:nss-debuginfo-0:3.90.0-6.el9_3.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.3.0.Z.MAIN:nss-debuginfo-0:3.90.0-6.el9_3.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.3.0.Z.MAIN:nss-debuginfo-0:3.90.0-6.el9_3.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.3.0.Z.MAIN:nss-debugsource-0:3.90.0-6.el9_3.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.3.0.Z.MAIN:nss-debugsource-0:3.90.0-6.el9_3.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.3.0.Z.MAIN:nss-debugsource-0:3.90.0-6.el9_3.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.3.0.Z.MAIN:nss-debugsource-0:3.90.0-6.el9_3.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.3.0.Z.MAIN:nss-debugsource-0:3.90.0-6.el9_3.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.3.0.Z.MAIN:nss-devel-0:3.90.0-6.el9_3.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.3.0.Z.MAIN:nss-devel-0:3.90.0-6.el9_3.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.3.0.Z.MAIN:nss-devel-0:3.90.0-6.el9_3.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.3.0.Z.MAIN:nss-devel-0:3.90.0-6.el9_3.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.3.0.Z.MAIN:nss-devel-0:3.90.0-6.el9_3.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.3.0.Z.MAIN:nss-softokn-0:3.90.0-6.el9_3.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.3.0.Z.MAIN:nss-softokn-0:3.90.0-6.el9_3.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.3.0.Z.MAIN:nss-softokn-0:3.90.0-6.el9_3.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.3.0.Z.MAIN:nss-softokn-0:3.90.0-6.el9_3.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.3.0.Z.MAIN:nss-softokn-0:3.90.0-6.el9_3.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.3.0.Z.MAIN:nss-softokn-debuginfo-0:3.90.0-6.el9_3.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.3.0.Z.MAIN:nss-softokn-debuginfo-0:3.90.0-6.el9_3.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.3.0.Z.MAIN:nss-softokn-debuginfo-0:3.90.0-6.el9_3.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.3.0.Z.MAIN:nss-softokn-debuginfo-0:3.90.0-6.el9_3.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.3.0.Z.MAIN:nss-softokn-debuginfo-0:3.90.0-6.el9_3.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.3.0.Z.MAIN:nss-softokn-devel-0:3.90.0-6.el9_3.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.3.0.Z.MAIN:nss-softokn-devel-0:3.90.0-6.el9_3.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.3.0.Z.MAIN:nss-softokn-devel-0:3.90.0-6.el9_3.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.3.0.Z.MAIN:nss-softokn-devel-0:3.90.0-6.el9_3.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.3.0.Z.MAIN:nss-softokn-devel-0:3.90.0-6.el9_3.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.3.0.Z.MAIN:nss-softokn-freebl-0:3.90.0-6.el9_3.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.3.0.Z.MAIN:nss-softokn-freebl-0:3.90.0-6.el9_3.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.3.0.Z.MAIN:nss-softokn-freebl-0:3.90.0-6.el9_3.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.3.0.Z.MAIN:nss-softokn-freebl-0:3.90.0-6.el9_3.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.3.0.Z.MAIN:nss-softokn-freebl-0:3.90.0-6.el9_3.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.3.0.Z.MAIN:nss-softokn-freebl-debuginfo-0:3.90.0-6.el9_3.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.3.0.Z.MAIN:nss-softokn-freebl-debuginfo-0:3.90.0-6.el9_3.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.3.0.Z.MAIN:nss-softokn-freebl-debuginfo-0:3.90.0-6.el9_3.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.3.0.Z.MAIN:nss-softokn-freebl-debuginfo-0:3.90.0-6.el9_3.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.3.0.Z.MAIN:nss-softokn-freebl-debuginfo-0:3.90.0-6.el9_3.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.3.0.Z.MAIN:nss-softokn-freebl-devel-0:3.90.0-6.el9_3.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.3.0.Z.MAIN:nss-softokn-freebl-devel-0:3.90.0-6.el9_3.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.3.0.Z.MAIN:nss-softokn-freebl-devel-0:3.90.0-6.el9_3.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.3.0.Z.MAIN:nss-softokn-freebl-devel-0:3.90.0-6.el9_3.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.3.0.Z.MAIN:nss-softokn-freebl-devel-0:3.90.0-6.el9_3.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.3.0.Z.MAIN:nss-sysinit-0:3.90.0-6.el9_3.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.3.0.Z.MAIN:nss-sysinit-0:3.90.0-6.el9_3.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.3.0.Z.MAIN:nss-sysinit-0:3.90.0-6.el9_3.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.3.0.Z.MAIN:nss-sysinit-0:3.90.0-6.el9_3.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.3.0.Z.MAIN:nss-sysinit-debuginfo-0:3.90.0-6.el9_3.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.3.0.Z.MAIN:nss-sysinit-debuginfo-0:3.90.0-6.el9_3.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.3.0.Z.MAIN:nss-sysinit-debuginfo-0:3.90.0-6.el9_3.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.3.0.Z.MAIN:nss-sysinit-debuginfo-0:3.90.0-6.el9_3.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.3.0.Z.MAIN:nss-sysinit-debuginfo-0:3.90.0-6.el9_3.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.3.0.Z.MAIN:nss-tools-0:3.90.0-6.el9_3.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.3.0.Z.MAIN:nss-tools-0:3.90.0-6.el9_3.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.3.0.Z.MAIN:nss-tools-0:3.90.0-6.el9_3.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.3.0.Z.MAIN:nss-tools-0:3.90.0-6.el9_3.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.3.0.Z.MAIN:nss-tools-debuginfo-0:3.90.0-6.el9_3.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.3.0.Z.MAIN:nss-tools-debuginfo-0:3.90.0-6.el9_3.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.3.0.Z.MAIN:nss-tools-debuginfo-0:3.90.0-6.el9_3.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.3.0.Z.MAIN:nss-tools-debuginfo-0:3.90.0-6.el9_3.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.3.0.Z.MAIN:nss-tools-debuginfo-0:3.90.0-6.el9_3.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.3.0.Z.MAIN:nss-util-0:3.90.0-6.el9_3.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.3.0.Z.MAIN:nss-util-0:3.90.0-6.el9_3.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.3.0.Z.MAIN:nss-util-0:3.90.0-6.el9_3.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.3.0.Z.MAIN:nss-util-0:3.90.0-6.el9_3.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.3.0.Z.MAIN:nss-util-0:3.90.0-6.el9_3.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.3.0.Z.MAIN:nss-util-debuginfo-0:3.90.0-6.el9_3.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.3.0.Z.MAIN:nss-util-debuginfo-0:3.90.0-6.el9_3.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.3.0.Z.MAIN:nss-util-debuginfo-0:3.90.0-6.el9_3.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.3.0.Z.MAIN:nss-util-debuginfo-0:3.90.0-6.el9_3.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.3.0.Z.MAIN:nss-util-debuginfo-0:3.90.0-6.el9_3.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.3.0.Z.MAIN:nss-util-devel-0:3.90.0-6.el9_3.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.3.0.Z.MAIN:nss-util-devel-0:3.90.0-6.el9_3.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.3.0.Z.MAIN:nss-util-devel-0:3.90.0-6.el9_3.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.3.0.Z.MAIN:nss-util-devel-0:3.90.0-6.el9_3.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.3.0.Z.MAIN:nss-util-devel-0:3.90.0-6.el9_3.x86_64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
References
12 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for nss is now available for Red Hat Enterprise Linux 9.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Network Security Services (NSS) is a set of libraries designed to support the cross-platform development of security-enabled client and server applications.\n\nSecurity Fix(es):\n\n* nss: vulnerable to Minerva side-channel information leak (CVE-2023-6135)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2024:0790",
"url": "https://access.redhat.com/errata/RHSA-2024:0790"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "2249906",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2249906"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_0790.json"
}
],
"title": "Red Hat Security Advisory: nss security update",
"tracking": {
"current_release_date": "2024-11-24T12:06:20+00:00",
"generator": {
"date": "2024-11-24T12:06:20+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.1"
}
},
"id": "RHSA-2024:0790",
"initial_release_date": "2024-02-12T16:48:44+00:00",
"revision_history": [
{
"date": "2024-02-12T16:48:44+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2024-02-12T16:48:44+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-24T12:06:20+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream (v. 9)",
"product": {
"name": "Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.3.0.Z.MAIN",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:enterprise_linux:9::appstream"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "nspr-0:4.35.0-6.el9_3.aarch64",
"product": {
"name": "nspr-0:4.35.0-6.el9_3.aarch64",
"product_id": "nspr-0:4.35.0-6.el9_3.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nspr@4.35.0-6.el9_3?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "nspr-devel-0:4.35.0-6.el9_3.aarch64",
"product": {
"name": "nspr-devel-0:4.35.0-6.el9_3.aarch64",
"product_id": "nspr-devel-0:4.35.0-6.el9_3.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nspr-devel@4.35.0-6.el9_3?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "nss-0:3.90.0-6.el9_3.aarch64",
"product": {
"name": "nss-0:3.90.0-6.el9_3.aarch64",
"product_id": "nss-0:3.90.0-6.el9_3.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss@3.90.0-6.el9_3?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "nss-devel-0:3.90.0-6.el9_3.aarch64",
"product": {
"name": "nss-devel-0:3.90.0-6.el9_3.aarch64",
"product_id": "nss-devel-0:3.90.0-6.el9_3.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-devel@3.90.0-6.el9_3?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "nss-softokn-0:3.90.0-6.el9_3.aarch64",
"product": {
"name": "nss-softokn-0:3.90.0-6.el9_3.aarch64",
"product_id": "nss-softokn-0:3.90.0-6.el9_3.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-softokn@3.90.0-6.el9_3?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "nss-softokn-devel-0:3.90.0-6.el9_3.aarch64",
"product": {
"name": "nss-softokn-devel-0:3.90.0-6.el9_3.aarch64",
"product_id": "nss-softokn-devel-0:3.90.0-6.el9_3.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-softokn-devel@3.90.0-6.el9_3?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "nss-softokn-freebl-0:3.90.0-6.el9_3.aarch64",
"product": {
"name": "nss-softokn-freebl-0:3.90.0-6.el9_3.aarch64",
"product_id": "nss-softokn-freebl-0:3.90.0-6.el9_3.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-softokn-freebl@3.90.0-6.el9_3?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "nss-softokn-freebl-devel-0:3.90.0-6.el9_3.aarch64",
"product": {
"name": "nss-softokn-freebl-devel-0:3.90.0-6.el9_3.aarch64",
"product_id": "nss-softokn-freebl-devel-0:3.90.0-6.el9_3.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-softokn-freebl-devel@3.90.0-6.el9_3?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "nss-sysinit-0:3.90.0-6.el9_3.aarch64",
"product": {
"name": "nss-sysinit-0:3.90.0-6.el9_3.aarch64",
"product_id": "nss-sysinit-0:3.90.0-6.el9_3.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-sysinit@3.90.0-6.el9_3?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "nss-tools-0:3.90.0-6.el9_3.aarch64",
"product": {
"name": "nss-tools-0:3.90.0-6.el9_3.aarch64",
"product_id": "nss-tools-0:3.90.0-6.el9_3.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-tools@3.90.0-6.el9_3?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "nss-util-0:3.90.0-6.el9_3.aarch64",
"product": {
"name": "nss-util-0:3.90.0-6.el9_3.aarch64",
"product_id": "nss-util-0:3.90.0-6.el9_3.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-util@3.90.0-6.el9_3?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "nss-util-devel-0:3.90.0-6.el9_3.aarch64",
"product": {
"name": "nss-util-devel-0:3.90.0-6.el9_3.aarch64",
"product_id": "nss-util-devel-0:3.90.0-6.el9_3.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-util-devel@3.90.0-6.el9_3?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "nss-debugsource-0:3.90.0-6.el9_3.aarch64",
"product": {
"name": "nss-debugsource-0:3.90.0-6.el9_3.aarch64",
"product_id": "nss-debugsource-0:3.90.0-6.el9_3.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-debugsource@3.90.0-6.el9_3?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "nspr-debuginfo-0:4.35.0-6.el9_3.aarch64",
"product": {
"name": "nspr-debuginfo-0:4.35.0-6.el9_3.aarch64",
"product_id": "nspr-debuginfo-0:4.35.0-6.el9_3.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nspr-debuginfo@4.35.0-6.el9_3?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "nss-debuginfo-0:3.90.0-6.el9_3.aarch64",
"product": {
"name": "nss-debuginfo-0:3.90.0-6.el9_3.aarch64",
"product_id": "nss-debuginfo-0:3.90.0-6.el9_3.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-debuginfo@3.90.0-6.el9_3?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "nss-softokn-debuginfo-0:3.90.0-6.el9_3.aarch64",
"product": {
"name": "nss-softokn-debuginfo-0:3.90.0-6.el9_3.aarch64",
"product_id": "nss-softokn-debuginfo-0:3.90.0-6.el9_3.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-softokn-debuginfo@3.90.0-6.el9_3?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "nss-softokn-freebl-debuginfo-0:3.90.0-6.el9_3.aarch64",
"product": {
"name": "nss-softokn-freebl-debuginfo-0:3.90.0-6.el9_3.aarch64",
"product_id": "nss-softokn-freebl-debuginfo-0:3.90.0-6.el9_3.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-softokn-freebl-debuginfo@3.90.0-6.el9_3?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "nss-sysinit-debuginfo-0:3.90.0-6.el9_3.aarch64",
"product": {
"name": "nss-sysinit-debuginfo-0:3.90.0-6.el9_3.aarch64",
"product_id": "nss-sysinit-debuginfo-0:3.90.0-6.el9_3.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-sysinit-debuginfo@3.90.0-6.el9_3?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "nss-tools-debuginfo-0:3.90.0-6.el9_3.aarch64",
"product": {
"name": "nss-tools-debuginfo-0:3.90.0-6.el9_3.aarch64",
"product_id": "nss-tools-debuginfo-0:3.90.0-6.el9_3.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-tools-debuginfo@3.90.0-6.el9_3?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "nss-util-debuginfo-0:3.90.0-6.el9_3.aarch64",
"product": {
"name": "nss-util-debuginfo-0:3.90.0-6.el9_3.aarch64",
"product_id": "nss-util-debuginfo-0:3.90.0-6.el9_3.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-util-debuginfo@3.90.0-6.el9_3?arch=aarch64"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "nspr-0:4.35.0-6.el9_3.ppc64le",
"product": {
"name": "nspr-0:4.35.0-6.el9_3.ppc64le",
"product_id": "nspr-0:4.35.0-6.el9_3.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nspr@4.35.0-6.el9_3?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "nspr-devel-0:4.35.0-6.el9_3.ppc64le",
"product": {
"name": "nspr-devel-0:4.35.0-6.el9_3.ppc64le",
"product_id": "nspr-devel-0:4.35.0-6.el9_3.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nspr-devel@4.35.0-6.el9_3?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "nss-0:3.90.0-6.el9_3.ppc64le",
"product": {
"name": "nss-0:3.90.0-6.el9_3.ppc64le",
"product_id": "nss-0:3.90.0-6.el9_3.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss@3.90.0-6.el9_3?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "nss-devel-0:3.90.0-6.el9_3.ppc64le",
"product": {
"name": "nss-devel-0:3.90.0-6.el9_3.ppc64le",
"product_id": "nss-devel-0:3.90.0-6.el9_3.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-devel@3.90.0-6.el9_3?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "nss-softokn-0:3.90.0-6.el9_3.ppc64le",
"product": {
"name": "nss-softokn-0:3.90.0-6.el9_3.ppc64le",
"product_id": "nss-softokn-0:3.90.0-6.el9_3.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-softokn@3.90.0-6.el9_3?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "nss-softokn-devel-0:3.90.0-6.el9_3.ppc64le",
"product": {
"name": "nss-softokn-devel-0:3.90.0-6.el9_3.ppc64le",
"product_id": "nss-softokn-devel-0:3.90.0-6.el9_3.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-softokn-devel@3.90.0-6.el9_3?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "nss-softokn-freebl-0:3.90.0-6.el9_3.ppc64le",
"product": {
"name": "nss-softokn-freebl-0:3.90.0-6.el9_3.ppc64le",
"product_id": "nss-softokn-freebl-0:3.90.0-6.el9_3.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-softokn-freebl@3.90.0-6.el9_3?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "nss-softokn-freebl-devel-0:3.90.0-6.el9_3.ppc64le",
"product": {
"name": "nss-softokn-freebl-devel-0:3.90.0-6.el9_3.ppc64le",
"product_id": "nss-softokn-freebl-devel-0:3.90.0-6.el9_3.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-softokn-freebl-devel@3.90.0-6.el9_3?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "nss-sysinit-0:3.90.0-6.el9_3.ppc64le",
"product": {
"name": "nss-sysinit-0:3.90.0-6.el9_3.ppc64le",
"product_id": "nss-sysinit-0:3.90.0-6.el9_3.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-sysinit@3.90.0-6.el9_3?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "nss-tools-0:3.90.0-6.el9_3.ppc64le",
"product": {
"name": "nss-tools-0:3.90.0-6.el9_3.ppc64le",
"product_id": "nss-tools-0:3.90.0-6.el9_3.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-tools@3.90.0-6.el9_3?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "nss-util-0:3.90.0-6.el9_3.ppc64le",
"product": {
"name": "nss-util-0:3.90.0-6.el9_3.ppc64le",
"product_id": "nss-util-0:3.90.0-6.el9_3.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-util@3.90.0-6.el9_3?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "nss-util-devel-0:3.90.0-6.el9_3.ppc64le",
"product": {
"name": "nss-util-devel-0:3.90.0-6.el9_3.ppc64le",
"product_id": "nss-util-devel-0:3.90.0-6.el9_3.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-util-devel@3.90.0-6.el9_3?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "nss-debugsource-0:3.90.0-6.el9_3.ppc64le",
"product": {
"name": "nss-debugsource-0:3.90.0-6.el9_3.ppc64le",
"product_id": "nss-debugsource-0:3.90.0-6.el9_3.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-debugsource@3.90.0-6.el9_3?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "nspr-debuginfo-0:4.35.0-6.el9_3.ppc64le",
"product": {
"name": "nspr-debuginfo-0:4.35.0-6.el9_3.ppc64le",
"product_id": "nspr-debuginfo-0:4.35.0-6.el9_3.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nspr-debuginfo@4.35.0-6.el9_3?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "nss-debuginfo-0:3.90.0-6.el9_3.ppc64le",
"product": {
"name": "nss-debuginfo-0:3.90.0-6.el9_3.ppc64le",
"product_id": "nss-debuginfo-0:3.90.0-6.el9_3.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-debuginfo@3.90.0-6.el9_3?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "nss-softokn-debuginfo-0:3.90.0-6.el9_3.ppc64le",
"product": {
"name": "nss-softokn-debuginfo-0:3.90.0-6.el9_3.ppc64le",
"product_id": "nss-softokn-debuginfo-0:3.90.0-6.el9_3.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-softokn-debuginfo@3.90.0-6.el9_3?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "nss-softokn-freebl-debuginfo-0:3.90.0-6.el9_3.ppc64le",
"product": {
"name": "nss-softokn-freebl-debuginfo-0:3.90.0-6.el9_3.ppc64le",
"product_id": "nss-softokn-freebl-debuginfo-0:3.90.0-6.el9_3.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-softokn-freebl-debuginfo@3.90.0-6.el9_3?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "nss-sysinit-debuginfo-0:3.90.0-6.el9_3.ppc64le",
"product": {
"name": "nss-sysinit-debuginfo-0:3.90.0-6.el9_3.ppc64le",
"product_id": "nss-sysinit-debuginfo-0:3.90.0-6.el9_3.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-sysinit-debuginfo@3.90.0-6.el9_3?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "nss-tools-debuginfo-0:3.90.0-6.el9_3.ppc64le",
"product": {
"name": "nss-tools-debuginfo-0:3.90.0-6.el9_3.ppc64le",
"product_id": "nss-tools-debuginfo-0:3.90.0-6.el9_3.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-tools-debuginfo@3.90.0-6.el9_3?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "nss-util-debuginfo-0:3.90.0-6.el9_3.ppc64le",
"product": {
"name": "nss-util-debuginfo-0:3.90.0-6.el9_3.ppc64le",
"product_id": "nss-util-debuginfo-0:3.90.0-6.el9_3.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-util-debuginfo@3.90.0-6.el9_3?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "nspr-0:4.35.0-6.el9_3.i686",
"product": {
"name": "nspr-0:4.35.0-6.el9_3.i686",
"product_id": "nspr-0:4.35.0-6.el9_3.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nspr@4.35.0-6.el9_3?arch=i686"
}
}
},
{
"category": "product_version",
"name": "nspr-devel-0:4.35.0-6.el9_3.i686",
"product": {
"name": "nspr-devel-0:4.35.0-6.el9_3.i686",
"product_id": "nspr-devel-0:4.35.0-6.el9_3.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nspr-devel@4.35.0-6.el9_3?arch=i686"
}
}
},
{
"category": "product_version",
"name": "nss-0:3.90.0-6.el9_3.i686",
"product": {
"name": "nss-0:3.90.0-6.el9_3.i686",
"product_id": "nss-0:3.90.0-6.el9_3.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss@3.90.0-6.el9_3?arch=i686"
}
}
},
{
"category": "product_version",
"name": "nss-devel-0:3.90.0-6.el9_3.i686",
"product": {
"name": "nss-devel-0:3.90.0-6.el9_3.i686",
"product_id": "nss-devel-0:3.90.0-6.el9_3.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-devel@3.90.0-6.el9_3?arch=i686"
}
}
},
{
"category": "product_version",
"name": "nss-softokn-0:3.90.0-6.el9_3.i686",
"product": {
"name": "nss-softokn-0:3.90.0-6.el9_3.i686",
"product_id": "nss-softokn-0:3.90.0-6.el9_3.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-softokn@3.90.0-6.el9_3?arch=i686"
}
}
},
{
"category": "product_version",
"name": "nss-softokn-devel-0:3.90.0-6.el9_3.i686",
"product": {
"name": "nss-softokn-devel-0:3.90.0-6.el9_3.i686",
"product_id": "nss-softokn-devel-0:3.90.0-6.el9_3.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-softokn-devel@3.90.0-6.el9_3?arch=i686"
}
}
},
{
"category": "product_version",
"name": "nss-softokn-freebl-0:3.90.0-6.el9_3.i686",
"product": {
"name": "nss-softokn-freebl-0:3.90.0-6.el9_3.i686",
"product_id": "nss-softokn-freebl-0:3.90.0-6.el9_3.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-softokn-freebl@3.90.0-6.el9_3?arch=i686"
}
}
},
{
"category": "product_version",
"name": "nss-softokn-freebl-devel-0:3.90.0-6.el9_3.i686",
"product": {
"name": "nss-softokn-freebl-devel-0:3.90.0-6.el9_3.i686",
"product_id": "nss-softokn-freebl-devel-0:3.90.0-6.el9_3.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-softokn-freebl-devel@3.90.0-6.el9_3?arch=i686"
}
}
},
{
"category": "product_version",
"name": "nss-util-0:3.90.0-6.el9_3.i686",
"product": {
"name": "nss-util-0:3.90.0-6.el9_3.i686",
"product_id": "nss-util-0:3.90.0-6.el9_3.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-util@3.90.0-6.el9_3?arch=i686"
}
}
},
{
"category": "product_version",
"name": "nss-util-devel-0:3.90.0-6.el9_3.i686",
"product": {
"name": "nss-util-devel-0:3.90.0-6.el9_3.i686",
"product_id": "nss-util-devel-0:3.90.0-6.el9_3.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-util-devel@3.90.0-6.el9_3?arch=i686"
}
}
},
{
"category": "product_version",
"name": "nss-debugsource-0:3.90.0-6.el9_3.i686",
"product": {
"name": "nss-debugsource-0:3.90.0-6.el9_3.i686",
"product_id": "nss-debugsource-0:3.90.0-6.el9_3.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-debugsource@3.90.0-6.el9_3?arch=i686"
}
}
},
{
"category": "product_version",
"name": "nspr-debuginfo-0:4.35.0-6.el9_3.i686",
"product": {
"name": "nspr-debuginfo-0:4.35.0-6.el9_3.i686",
"product_id": "nspr-debuginfo-0:4.35.0-6.el9_3.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nspr-debuginfo@4.35.0-6.el9_3?arch=i686"
}
}
},
{
"category": "product_version",
"name": "nss-debuginfo-0:3.90.0-6.el9_3.i686",
"product": {
"name": "nss-debuginfo-0:3.90.0-6.el9_3.i686",
"product_id": "nss-debuginfo-0:3.90.0-6.el9_3.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-debuginfo@3.90.0-6.el9_3?arch=i686"
}
}
},
{
"category": "product_version",
"name": "nss-softokn-debuginfo-0:3.90.0-6.el9_3.i686",
"product": {
"name": "nss-softokn-debuginfo-0:3.90.0-6.el9_3.i686",
"product_id": "nss-softokn-debuginfo-0:3.90.0-6.el9_3.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-softokn-debuginfo@3.90.0-6.el9_3?arch=i686"
}
}
},
{
"category": "product_version",
"name": "nss-softokn-freebl-debuginfo-0:3.90.0-6.el9_3.i686",
"product": {
"name": "nss-softokn-freebl-debuginfo-0:3.90.0-6.el9_3.i686",
"product_id": "nss-softokn-freebl-debuginfo-0:3.90.0-6.el9_3.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-softokn-freebl-debuginfo@3.90.0-6.el9_3?arch=i686"
}
}
},
{
"category": "product_version",
"name": "nss-sysinit-debuginfo-0:3.90.0-6.el9_3.i686",
"product": {
"name": "nss-sysinit-debuginfo-0:3.90.0-6.el9_3.i686",
"product_id": "nss-sysinit-debuginfo-0:3.90.0-6.el9_3.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-sysinit-debuginfo@3.90.0-6.el9_3?arch=i686"
}
}
},
{
"category": "product_version",
"name": "nss-tools-debuginfo-0:3.90.0-6.el9_3.i686",
"product": {
"name": "nss-tools-debuginfo-0:3.90.0-6.el9_3.i686",
"product_id": "nss-tools-debuginfo-0:3.90.0-6.el9_3.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-tools-debuginfo@3.90.0-6.el9_3?arch=i686"
}
}
},
{
"category": "product_version",
"name": "nss-util-debuginfo-0:3.90.0-6.el9_3.i686",
"product": {
"name": "nss-util-debuginfo-0:3.90.0-6.el9_3.i686",
"product_id": "nss-util-debuginfo-0:3.90.0-6.el9_3.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-util-debuginfo@3.90.0-6.el9_3?arch=i686"
}
}
}
],
"category": "architecture",
"name": "i686"
},
{
"branches": [
{
"category": "product_version",
"name": "nspr-0:4.35.0-6.el9_3.x86_64",
"product": {
"name": "nspr-0:4.35.0-6.el9_3.x86_64",
"product_id": "nspr-0:4.35.0-6.el9_3.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nspr@4.35.0-6.el9_3?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "nspr-devel-0:4.35.0-6.el9_3.x86_64",
"product": {
"name": "nspr-devel-0:4.35.0-6.el9_3.x86_64",
"product_id": "nspr-devel-0:4.35.0-6.el9_3.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nspr-devel@4.35.0-6.el9_3?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "nss-0:3.90.0-6.el9_3.x86_64",
"product": {
"name": "nss-0:3.90.0-6.el9_3.x86_64",
"product_id": "nss-0:3.90.0-6.el9_3.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss@3.90.0-6.el9_3?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "nss-devel-0:3.90.0-6.el9_3.x86_64",
"product": {
"name": "nss-devel-0:3.90.0-6.el9_3.x86_64",
"product_id": "nss-devel-0:3.90.0-6.el9_3.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-devel@3.90.0-6.el9_3?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "nss-softokn-0:3.90.0-6.el9_3.x86_64",
"product": {
"name": "nss-softokn-0:3.90.0-6.el9_3.x86_64",
"product_id": "nss-softokn-0:3.90.0-6.el9_3.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-softokn@3.90.0-6.el9_3?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "nss-softokn-devel-0:3.90.0-6.el9_3.x86_64",
"product": {
"name": "nss-softokn-devel-0:3.90.0-6.el9_3.x86_64",
"product_id": "nss-softokn-devel-0:3.90.0-6.el9_3.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-softokn-devel@3.90.0-6.el9_3?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "nss-softokn-freebl-0:3.90.0-6.el9_3.x86_64",
"product": {
"name": "nss-softokn-freebl-0:3.90.0-6.el9_3.x86_64",
"product_id": "nss-softokn-freebl-0:3.90.0-6.el9_3.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-softokn-freebl@3.90.0-6.el9_3?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "nss-softokn-freebl-devel-0:3.90.0-6.el9_3.x86_64",
"product": {
"name": "nss-softokn-freebl-devel-0:3.90.0-6.el9_3.x86_64",
"product_id": "nss-softokn-freebl-devel-0:3.90.0-6.el9_3.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-softokn-freebl-devel@3.90.0-6.el9_3?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "nss-sysinit-0:3.90.0-6.el9_3.x86_64",
"product": {
"name": "nss-sysinit-0:3.90.0-6.el9_3.x86_64",
"product_id": "nss-sysinit-0:3.90.0-6.el9_3.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-sysinit@3.90.0-6.el9_3?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "nss-tools-0:3.90.0-6.el9_3.x86_64",
"product": {
"name": "nss-tools-0:3.90.0-6.el9_3.x86_64",
"product_id": "nss-tools-0:3.90.0-6.el9_3.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-tools@3.90.0-6.el9_3?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "nss-util-0:3.90.0-6.el9_3.x86_64",
"product": {
"name": "nss-util-0:3.90.0-6.el9_3.x86_64",
"product_id": "nss-util-0:3.90.0-6.el9_3.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-util@3.90.0-6.el9_3?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "nss-util-devel-0:3.90.0-6.el9_3.x86_64",
"product": {
"name": "nss-util-devel-0:3.90.0-6.el9_3.x86_64",
"product_id": "nss-util-devel-0:3.90.0-6.el9_3.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-util-devel@3.90.0-6.el9_3?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "nss-debugsource-0:3.90.0-6.el9_3.x86_64",
"product": {
"name": "nss-debugsource-0:3.90.0-6.el9_3.x86_64",
"product_id": "nss-debugsource-0:3.90.0-6.el9_3.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-debugsource@3.90.0-6.el9_3?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "nspr-debuginfo-0:4.35.0-6.el9_3.x86_64",
"product": {
"name": "nspr-debuginfo-0:4.35.0-6.el9_3.x86_64",
"product_id": "nspr-debuginfo-0:4.35.0-6.el9_3.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nspr-debuginfo@4.35.0-6.el9_3?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "nss-debuginfo-0:3.90.0-6.el9_3.x86_64",
"product": {
"name": "nss-debuginfo-0:3.90.0-6.el9_3.x86_64",
"product_id": "nss-debuginfo-0:3.90.0-6.el9_3.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-debuginfo@3.90.0-6.el9_3?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "nss-softokn-debuginfo-0:3.90.0-6.el9_3.x86_64",
"product": {
"name": "nss-softokn-debuginfo-0:3.90.0-6.el9_3.x86_64",
"product_id": "nss-softokn-debuginfo-0:3.90.0-6.el9_3.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-softokn-debuginfo@3.90.0-6.el9_3?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "nss-softokn-freebl-debuginfo-0:3.90.0-6.el9_3.x86_64",
"product": {
"name": "nss-softokn-freebl-debuginfo-0:3.90.0-6.el9_3.x86_64",
"product_id": "nss-softokn-freebl-debuginfo-0:3.90.0-6.el9_3.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-softokn-freebl-debuginfo@3.90.0-6.el9_3?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "nss-sysinit-debuginfo-0:3.90.0-6.el9_3.x86_64",
"product": {
"name": "nss-sysinit-debuginfo-0:3.90.0-6.el9_3.x86_64",
"product_id": "nss-sysinit-debuginfo-0:3.90.0-6.el9_3.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-sysinit-debuginfo@3.90.0-6.el9_3?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "nss-tools-debuginfo-0:3.90.0-6.el9_3.x86_64",
"product": {
"name": "nss-tools-debuginfo-0:3.90.0-6.el9_3.x86_64",
"product_id": "nss-tools-debuginfo-0:3.90.0-6.el9_3.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-tools-debuginfo@3.90.0-6.el9_3?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "nss-util-debuginfo-0:3.90.0-6.el9_3.x86_64",
"product": {
"name": "nss-util-debuginfo-0:3.90.0-6.el9_3.x86_64",
"product_id": "nss-util-debuginfo-0:3.90.0-6.el9_3.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-util-debuginfo@3.90.0-6.el9_3?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "nspr-0:4.35.0-6.el9_3.s390x",
"product": {
"name": "nspr-0:4.35.0-6.el9_3.s390x",
"product_id": "nspr-0:4.35.0-6.el9_3.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nspr@4.35.0-6.el9_3?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "nspr-devel-0:4.35.0-6.el9_3.s390x",
"product": {
"name": "nspr-devel-0:4.35.0-6.el9_3.s390x",
"product_id": "nspr-devel-0:4.35.0-6.el9_3.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nspr-devel@4.35.0-6.el9_3?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "nss-0:3.90.0-6.el9_3.s390x",
"product": {
"name": "nss-0:3.90.0-6.el9_3.s390x",
"product_id": "nss-0:3.90.0-6.el9_3.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss@3.90.0-6.el9_3?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "nss-devel-0:3.90.0-6.el9_3.s390x",
"product": {
"name": "nss-devel-0:3.90.0-6.el9_3.s390x",
"product_id": "nss-devel-0:3.90.0-6.el9_3.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-devel@3.90.0-6.el9_3?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "nss-softokn-0:3.90.0-6.el9_3.s390x",
"product": {
"name": "nss-softokn-0:3.90.0-6.el9_3.s390x",
"product_id": "nss-softokn-0:3.90.0-6.el9_3.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-softokn@3.90.0-6.el9_3?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "nss-softokn-devel-0:3.90.0-6.el9_3.s390x",
"product": {
"name": "nss-softokn-devel-0:3.90.0-6.el9_3.s390x",
"product_id": "nss-softokn-devel-0:3.90.0-6.el9_3.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-softokn-devel@3.90.0-6.el9_3?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "nss-softokn-freebl-0:3.90.0-6.el9_3.s390x",
"product": {
"name": "nss-softokn-freebl-0:3.90.0-6.el9_3.s390x",
"product_id": "nss-softokn-freebl-0:3.90.0-6.el9_3.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-softokn-freebl@3.90.0-6.el9_3?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "nss-softokn-freebl-devel-0:3.90.0-6.el9_3.s390x",
"product": {
"name": "nss-softokn-freebl-devel-0:3.90.0-6.el9_3.s390x",
"product_id": "nss-softokn-freebl-devel-0:3.90.0-6.el9_3.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-softokn-freebl-devel@3.90.0-6.el9_3?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "nss-sysinit-0:3.90.0-6.el9_3.s390x",
"product": {
"name": "nss-sysinit-0:3.90.0-6.el9_3.s390x",
"product_id": "nss-sysinit-0:3.90.0-6.el9_3.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-sysinit@3.90.0-6.el9_3?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "nss-tools-0:3.90.0-6.el9_3.s390x",
"product": {
"name": "nss-tools-0:3.90.0-6.el9_3.s390x",
"product_id": "nss-tools-0:3.90.0-6.el9_3.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-tools@3.90.0-6.el9_3?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "nss-util-0:3.90.0-6.el9_3.s390x",
"product": {
"name": "nss-util-0:3.90.0-6.el9_3.s390x",
"product_id": "nss-util-0:3.90.0-6.el9_3.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-util@3.90.0-6.el9_3?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "nss-util-devel-0:3.90.0-6.el9_3.s390x",
"product": {
"name": "nss-util-devel-0:3.90.0-6.el9_3.s390x",
"product_id": "nss-util-devel-0:3.90.0-6.el9_3.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-util-devel@3.90.0-6.el9_3?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "nss-debugsource-0:3.90.0-6.el9_3.s390x",
"product": {
"name": "nss-debugsource-0:3.90.0-6.el9_3.s390x",
"product_id": "nss-debugsource-0:3.90.0-6.el9_3.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-debugsource@3.90.0-6.el9_3?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "nspr-debuginfo-0:4.35.0-6.el9_3.s390x",
"product": {
"name": "nspr-debuginfo-0:4.35.0-6.el9_3.s390x",
"product_id": "nspr-debuginfo-0:4.35.0-6.el9_3.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nspr-debuginfo@4.35.0-6.el9_3?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "nss-debuginfo-0:3.90.0-6.el9_3.s390x",
"product": {
"name": "nss-debuginfo-0:3.90.0-6.el9_3.s390x",
"product_id": "nss-debuginfo-0:3.90.0-6.el9_3.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-debuginfo@3.90.0-6.el9_3?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "nss-softokn-debuginfo-0:3.90.0-6.el9_3.s390x",
"product": {
"name": "nss-softokn-debuginfo-0:3.90.0-6.el9_3.s390x",
"product_id": "nss-softokn-debuginfo-0:3.90.0-6.el9_3.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-softokn-debuginfo@3.90.0-6.el9_3?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "nss-softokn-freebl-debuginfo-0:3.90.0-6.el9_3.s390x",
"product": {
"name": "nss-softokn-freebl-debuginfo-0:3.90.0-6.el9_3.s390x",
"product_id": "nss-softokn-freebl-debuginfo-0:3.90.0-6.el9_3.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-softokn-freebl-debuginfo@3.90.0-6.el9_3?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "nss-sysinit-debuginfo-0:3.90.0-6.el9_3.s390x",
"product": {
"name": "nss-sysinit-debuginfo-0:3.90.0-6.el9_3.s390x",
"product_id": "nss-sysinit-debuginfo-0:3.90.0-6.el9_3.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-sysinit-debuginfo@3.90.0-6.el9_3?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "nss-tools-debuginfo-0:3.90.0-6.el9_3.s390x",
"product": {
"name": "nss-tools-debuginfo-0:3.90.0-6.el9_3.s390x",
"product_id": "nss-tools-debuginfo-0:3.90.0-6.el9_3.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-tools-debuginfo@3.90.0-6.el9_3?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "nss-util-debuginfo-0:3.90.0-6.el9_3.s390x",
"product": {
"name": "nss-util-debuginfo-0:3.90.0-6.el9_3.s390x",
"product_id": "nss-util-debuginfo-0:3.90.0-6.el9_3.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-util-debuginfo@3.90.0-6.el9_3?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "nss-0:3.90.0-6.el9_3.src",
"product": {
"name": "nss-0:3.90.0-6.el9_3.src",
"product_id": "nss-0:3.90.0-6.el9_3.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss@3.90.0-6.el9_3?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "nspr-0:4.35.0-6.el9_3.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.3.0.Z.MAIN:nspr-0:4.35.0-6.el9_3.aarch64"
},
"product_reference": "nspr-0:4.35.0-6.el9_3.aarch64",
"relates_to_product_reference": "AppStream-9.3.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nspr-0:4.35.0-6.el9_3.i686 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.3.0.Z.MAIN:nspr-0:4.35.0-6.el9_3.i686"
},
"product_reference": "nspr-0:4.35.0-6.el9_3.i686",
"relates_to_product_reference": "AppStream-9.3.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nspr-0:4.35.0-6.el9_3.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.3.0.Z.MAIN:nspr-0:4.35.0-6.el9_3.ppc64le"
},
"product_reference": "nspr-0:4.35.0-6.el9_3.ppc64le",
"relates_to_product_reference": "AppStream-9.3.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nspr-0:4.35.0-6.el9_3.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.3.0.Z.MAIN:nspr-0:4.35.0-6.el9_3.s390x"
},
"product_reference": "nspr-0:4.35.0-6.el9_3.s390x",
"relates_to_product_reference": "AppStream-9.3.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nspr-0:4.35.0-6.el9_3.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.3.0.Z.MAIN:nspr-0:4.35.0-6.el9_3.x86_64"
},
"product_reference": "nspr-0:4.35.0-6.el9_3.x86_64",
"relates_to_product_reference": "AppStream-9.3.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nspr-debuginfo-0:4.35.0-6.el9_3.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.3.0.Z.MAIN:nspr-debuginfo-0:4.35.0-6.el9_3.aarch64"
},
"product_reference": "nspr-debuginfo-0:4.35.0-6.el9_3.aarch64",
"relates_to_product_reference": "AppStream-9.3.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nspr-debuginfo-0:4.35.0-6.el9_3.i686 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.3.0.Z.MAIN:nspr-debuginfo-0:4.35.0-6.el9_3.i686"
},
"product_reference": "nspr-debuginfo-0:4.35.0-6.el9_3.i686",
"relates_to_product_reference": "AppStream-9.3.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nspr-debuginfo-0:4.35.0-6.el9_3.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.3.0.Z.MAIN:nspr-debuginfo-0:4.35.0-6.el9_3.ppc64le"
},
"product_reference": "nspr-debuginfo-0:4.35.0-6.el9_3.ppc64le",
"relates_to_product_reference": "AppStream-9.3.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nspr-debuginfo-0:4.35.0-6.el9_3.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.3.0.Z.MAIN:nspr-debuginfo-0:4.35.0-6.el9_3.s390x"
},
"product_reference": "nspr-debuginfo-0:4.35.0-6.el9_3.s390x",
"relates_to_product_reference": "AppStream-9.3.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nspr-debuginfo-0:4.35.0-6.el9_3.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.3.0.Z.MAIN:nspr-debuginfo-0:4.35.0-6.el9_3.x86_64"
},
"product_reference": "nspr-debuginfo-0:4.35.0-6.el9_3.x86_64",
"relates_to_product_reference": "AppStream-9.3.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nspr-devel-0:4.35.0-6.el9_3.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.3.0.Z.MAIN:nspr-devel-0:4.35.0-6.el9_3.aarch64"
},
"product_reference": "nspr-devel-0:4.35.0-6.el9_3.aarch64",
"relates_to_product_reference": "AppStream-9.3.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nspr-devel-0:4.35.0-6.el9_3.i686 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.3.0.Z.MAIN:nspr-devel-0:4.35.0-6.el9_3.i686"
},
"product_reference": "nspr-devel-0:4.35.0-6.el9_3.i686",
"relates_to_product_reference": "AppStream-9.3.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nspr-devel-0:4.35.0-6.el9_3.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.3.0.Z.MAIN:nspr-devel-0:4.35.0-6.el9_3.ppc64le"
},
"product_reference": "nspr-devel-0:4.35.0-6.el9_3.ppc64le",
"relates_to_product_reference": "AppStream-9.3.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nspr-devel-0:4.35.0-6.el9_3.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.3.0.Z.MAIN:nspr-devel-0:4.35.0-6.el9_3.s390x"
},
"product_reference": "nspr-devel-0:4.35.0-6.el9_3.s390x",
"relates_to_product_reference": "AppStream-9.3.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nspr-devel-0:4.35.0-6.el9_3.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.3.0.Z.MAIN:nspr-devel-0:4.35.0-6.el9_3.x86_64"
},
"product_reference": "nspr-devel-0:4.35.0-6.el9_3.x86_64",
"relates_to_product_reference": "AppStream-9.3.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-0:3.90.0-6.el9_3.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.3.0.Z.MAIN:nss-0:3.90.0-6.el9_3.aarch64"
},
"product_reference": "nss-0:3.90.0-6.el9_3.aarch64",
"relates_to_product_reference": "AppStream-9.3.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-0:3.90.0-6.el9_3.i686 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.3.0.Z.MAIN:nss-0:3.90.0-6.el9_3.i686"
},
"product_reference": "nss-0:3.90.0-6.el9_3.i686",
"relates_to_product_reference": "AppStream-9.3.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-0:3.90.0-6.el9_3.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.3.0.Z.MAIN:nss-0:3.90.0-6.el9_3.ppc64le"
},
"product_reference": "nss-0:3.90.0-6.el9_3.ppc64le",
"relates_to_product_reference": "AppStream-9.3.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-0:3.90.0-6.el9_3.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.3.0.Z.MAIN:nss-0:3.90.0-6.el9_3.s390x"
},
"product_reference": "nss-0:3.90.0-6.el9_3.s390x",
"relates_to_product_reference": "AppStream-9.3.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-0:3.90.0-6.el9_3.src as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.3.0.Z.MAIN:nss-0:3.90.0-6.el9_3.src"
},
"product_reference": "nss-0:3.90.0-6.el9_3.src",
"relates_to_product_reference": "AppStream-9.3.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-0:3.90.0-6.el9_3.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.3.0.Z.MAIN:nss-0:3.90.0-6.el9_3.x86_64"
},
"product_reference": "nss-0:3.90.0-6.el9_3.x86_64",
"relates_to_product_reference": "AppStream-9.3.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-debuginfo-0:3.90.0-6.el9_3.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.3.0.Z.MAIN:nss-debuginfo-0:3.90.0-6.el9_3.aarch64"
},
"product_reference": "nss-debuginfo-0:3.90.0-6.el9_3.aarch64",
"relates_to_product_reference": "AppStream-9.3.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-debuginfo-0:3.90.0-6.el9_3.i686 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.3.0.Z.MAIN:nss-debuginfo-0:3.90.0-6.el9_3.i686"
},
"product_reference": "nss-debuginfo-0:3.90.0-6.el9_3.i686",
"relates_to_product_reference": "AppStream-9.3.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-debuginfo-0:3.90.0-6.el9_3.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.3.0.Z.MAIN:nss-debuginfo-0:3.90.0-6.el9_3.ppc64le"
},
"product_reference": "nss-debuginfo-0:3.90.0-6.el9_3.ppc64le",
"relates_to_product_reference": "AppStream-9.3.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-debuginfo-0:3.90.0-6.el9_3.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.3.0.Z.MAIN:nss-debuginfo-0:3.90.0-6.el9_3.s390x"
},
"product_reference": "nss-debuginfo-0:3.90.0-6.el9_3.s390x",
"relates_to_product_reference": "AppStream-9.3.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-debuginfo-0:3.90.0-6.el9_3.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.3.0.Z.MAIN:nss-debuginfo-0:3.90.0-6.el9_3.x86_64"
},
"product_reference": "nss-debuginfo-0:3.90.0-6.el9_3.x86_64",
"relates_to_product_reference": "AppStream-9.3.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-debugsource-0:3.90.0-6.el9_3.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.3.0.Z.MAIN:nss-debugsource-0:3.90.0-6.el9_3.aarch64"
},
"product_reference": "nss-debugsource-0:3.90.0-6.el9_3.aarch64",
"relates_to_product_reference": "AppStream-9.3.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-debugsource-0:3.90.0-6.el9_3.i686 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.3.0.Z.MAIN:nss-debugsource-0:3.90.0-6.el9_3.i686"
},
"product_reference": "nss-debugsource-0:3.90.0-6.el9_3.i686",
"relates_to_product_reference": "AppStream-9.3.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-debugsource-0:3.90.0-6.el9_3.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.3.0.Z.MAIN:nss-debugsource-0:3.90.0-6.el9_3.ppc64le"
},
"product_reference": "nss-debugsource-0:3.90.0-6.el9_3.ppc64le",
"relates_to_product_reference": "AppStream-9.3.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-debugsource-0:3.90.0-6.el9_3.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.3.0.Z.MAIN:nss-debugsource-0:3.90.0-6.el9_3.s390x"
},
"product_reference": "nss-debugsource-0:3.90.0-6.el9_3.s390x",
"relates_to_product_reference": "AppStream-9.3.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-debugsource-0:3.90.0-6.el9_3.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.3.0.Z.MAIN:nss-debugsource-0:3.90.0-6.el9_3.x86_64"
},
"product_reference": "nss-debugsource-0:3.90.0-6.el9_3.x86_64",
"relates_to_product_reference": "AppStream-9.3.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-devel-0:3.90.0-6.el9_3.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.3.0.Z.MAIN:nss-devel-0:3.90.0-6.el9_3.aarch64"
},
"product_reference": "nss-devel-0:3.90.0-6.el9_3.aarch64",
"relates_to_product_reference": "AppStream-9.3.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-devel-0:3.90.0-6.el9_3.i686 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.3.0.Z.MAIN:nss-devel-0:3.90.0-6.el9_3.i686"
},
"product_reference": "nss-devel-0:3.90.0-6.el9_3.i686",
"relates_to_product_reference": "AppStream-9.3.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-devel-0:3.90.0-6.el9_3.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.3.0.Z.MAIN:nss-devel-0:3.90.0-6.el9_3.ppc64le"
},
"product_reference": "nss-devel-0:3.90.0-6.el9_3.ppc64le",
"relates_to_product_reference": "AppStream-9.3.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-devel-0:3.90.0-6.el9_3.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.3.0.Z.MAIN:nss-devel-0:3.90.0-6.el9_3.s390x"
},
"product_reference": "nss-devel-0:3.90.0-6.el9_3.s390x",
"relates_to_product_reference": "AppStream-9.3.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-devel-0:3.90.0-6.el9_3.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.3.0.Z.MAIN:nss-devel-0:3.90.0-6.el9_3.x86_64"
},
"product_reference": "nss-devel-0:3.90.0-6.el9_3.x86_64",
"relates_to_product_reference": "AppStream-9.3.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-softokn-0:3.90.0-6.el9_3.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.3.0.Z.MAIN:nss-softokn-0:3.90.0-6.el9_3.aarch64"
},
"product_reference": "nss-softokn-0:3.90.0-6.el9_3.aarch64",
"relates_to_product_reference": "AppStream-9.3.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-softokn-0:3.90.0-6.el9_3.i686 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.3.0.Z.MAIN:nss-softokn-0:3.90.0-6.el9_3.i686"
},
"product_reference": "nss-softokn-0:3.90.0-6.el9_3.i686",
"relates_to_product_reference": "AppStream-9.3.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-softokn-0:3.90.0-6.el9_3.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.3.0.Z.MAIN:nss-softokn-0:3.90.0-6.el9_3.ppc64le"
},
"product_reference": "nss-softokn-0:3.90.0-6.el9_3.ppc64le",
"relates_to_product_reference": "AppStream-9.3.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-softokn-0:3.90.0-6.el9_3.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.3.0.Z.MAIN:nss-softokn-0:3.90.0-6.el9_3.s390x"
},
"product_reference": "nss-softokn-0:3.90.0-6.el9_3.s390x",
"relates_to_product_reference": "AppStream-9.3.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-softokn-0:3.90.0-6.el9_3.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.3.0.Z.MAIN:nss-softokn-0:3.90.0-6.el9_3.x86_64"
},
"product_reference": "nss-softokn-0:3.90.0-6.el9_3.x86_64",
"relates_to_product_reference": "AppStream-9.3.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-softokn-debuginfo-0:3.90.0-6.el9_3.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.3.0.Z.MAIN:nss-softokn-debuginfo-0:3.90.0-6.el9_3.aarch64"
},
"product_reference": "nss-softokn-debuginfo-0:3.90.0-6.el9_3.aarch64",
"relates_to_product_reference": "AppStream-9.3.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-softokn-debuginfo-0:3.90.0-6.el9_3.i686 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.3.0.Z.MAIN:nss-softokn-debuginfo-0:3.90.0-6.el9_3.i686"
},
"product_reference": "nss-softokn-debuginfo-0:3.90.0-6.el9_3.i686",
"relates_to_product_reference": "AppStream-9.3.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-softokn-debuginfo-0:3.90.0-6.el9_3.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.3.0.Z.MAIN:nss-softokn-debuginfo-0:3.90.0-6.el9_3.ppc64le"
},
"product_reference": "nss-softokn-debuginfo-0:3.90.0-6.el9_3.ppc64le",
"relates_to_product_reference": "AppStream-9.3.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-softokn-debuginfo-0:3.90.0-6.el9_3.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.3.0.Z.MAIN:nss-softokn-debuginfo-0:3.90.0-6.el9_3.s390x"
},
"product_reference": "nss-softokn-debuginfo-0:3.90.0-6.el9_3.s390x",
"relates_to_product_reference": "AppStream-9.3.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-softokn-debuginfo-0:3.90.0-6.el9_3.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.3.0.Z.MAIN:nss-softokn-debuginfo-0:3.90.0-6.el9_3.x86_64"
},
"product_reference": "nss-softokn-debuginfo-0:3.90.0-6.el9_3.x86_64",
"relates_to_product_reference": "AppStream-9.3.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-softokn-devel-0:3.90.0-6.el9_3.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.3.0.Z.MAIN:nss-softokn-devel-0:3.90.0-6.el9_3.aarch64"
},
"product_reference": "nss-softokn-devel-0:3.90.0-6.el9_3.aarch64",
"relates_to_product_reference": "AppStream-9.3.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-softokn-devel-0:3.90.0-6.el9_3.i686 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.3.0.Z.MAIN:nss-softokn-devel-0:3.90.0-6.el9_3.i686"
},
"product_reference": "nss-softokn-devel-0:3.90.0-6.el9_3.i686",
"relates_to_product_reference": "AppStream-9.3.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-softokn-devel-0:3.90.0-6.el9_3.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.3.0.Z.MAIN:nss-softokn-devel-0:3.90.0-6.el9_3.ppc64le"
},
"product_reference": "nss-softokn-devel-0:3.90.0-6.el9_3.ppc64le",
"relates_to_product_reference": "AppStream-9.3.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-softokn-devel-0:3.90.0-6.el9_3.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.3.0.Z.MAIN:nss-softokn-devel-0:3.90.0-6.el9_3.s390x"
},
"product_reference": "nss-softokn-devel-0:3.90.0-6.el9_3.s390x",
"relates_to_product_reference": "AppStream-9.3.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-softokn-devel-0:3.90.0-6.el9_3.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.3.0.Z.MAIN:nss-softokn-devel-0:3.90.0-6.el9_3.x86_64"
},
"product_reference": "nss-softokn-devel-0:3.90.0-6.el9_3.x86_64",
"relates_to_product_reference": "AppStream-9.3.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-softokn-freebl-0:3.90.0-6.el9_3.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.3.0.Z.MAIN:nss-softokn-freebl-0:3.90.0-6.el9_3.aarch64"
},
"product_reference": "nss-softokn-freebl-0:3.90.0-6.el9_3.aarch64",
"relates_to_product_reference": "AppStream-9.3.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-softokn-freebl-0:3.90.0-6.el9_3.i686 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.3.0.Z.MAIN:nss-softokn-freebl-0:3.90.0-6.el9_3.i686"
},
"product_reference": "nss-softokn-freebl-0:3.90.0-6.el9_3.i686",
"relates_to_product_reference": "AppStream-9.3.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-softokn-freebl-0:3.90.0-6.el9_3.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.3.0.Z.MAIN:nss-softokn-freebl-0:3.90.0-6.el9_3.ppc64le"
},
"product_reference": "nss-softokn-freebl-0:3.90.0-6.el9_3.ppc64le",
"relates_to_product_reference": "AppStream-9.3.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-softokn-freebl-0:3.90.0-6.el9_3.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.3.0.Z.MAIN:nss-softokn-freebl-0:3.90.0-6.el9_3.s390x"
},
"product_reference": "nss-softokn-freebl-0:3.90.0-6.el9_3.s390x",
"relates_to_product_reference": "AppStream-9.3.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-softokn-freebl-0:3.90.0-6.el9_3.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.3.0.Z.MAIN:nss-softokn-freebl-0:3.90.0-6.el9_3.x86_64"
},
"product_reference": "nss-softokn-freebl-0:3.90.0-6.el9_3.x86_64",
"relates_to_product_reference": "AppStream-9.3.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-softokn-freebl-debuginfo-0:3.90.0-6.el9_3.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.3.0.Z.MAIN:nss-softokn-freebl-debuginfo-0:3.90.0-6.el9_3.aarch64"
},
"product_reference": "nss-softokn-freebl-debuginfo-0:3.90.0-6.el9_3.aarch64",
"relates_to_product_reference": "AppStream-9.3.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-softokn-freebl-debuginfo-0:3.90.0-6.el9_3.i686 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.3.0.Z.MAIN:nss-softokn-freebl-debuginfo-0:3.90.0-6.el9_3.i686"
},
"product_reference": "nss-softokn-freebl-debuginfo-0:3.90.0-6.el9_3.i686",
"relates_to_product_reference": "AppStream-9.3.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-softokn-freebl-debuginfo-0:3.90.0-6.el9_3.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.3.0.Z.MAIN:nss-softokn-freebl-debuginfo-0:3.90.0-6.el9_3.ppc64le"
},
"product_reference": "nss-softokn-freebl-debuginfo-0:3.90.0-6.el9_3.ppc64le",
"relates_to_product_reference": "AppStream-9.3.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-softokn-freebl-debuginfo-0:3.90.0-6.el9_3.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.3.0.Z.MAIN:nss-softokn-freebl-debuginfo-0:3.90.0-6.el9_3.s390x"
},
"product_reference": "nss-softokn-freebl-debuginfo-0:3.90.0-6.el9_3.s390x",
"relates_to_product_reference": "AppStream-9.3.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-softokn-freebl-debuginfo-0:3.90.0-6.el9_3.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.3.0.Z.MAIN:nss-softokn-freebl-debuginfo-0:3.90.0-6.el9_3.x86_64"
},
"product_reference": "nss-softokn-freebl-debuginfo-0:3.90.0-6.el9_3.x86_64",
"relates_to_product_reference": "AppStream-9.3.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-softokn-freebl-devel-0:3.90.0-6.el9_3.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.3.0.Z.MAIN:nss-softokn-freebl-devel-0:3.90.0-6.el9_3.aarch64"
},
"product_reference": "nss-softokn-freebl-devel-0:3.90.0-6.el9_3.aarch64",
"relates_to_product_reference": "AppStream-9.3.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-softokn-freebl-devel-0:3.90.0-6.el9_3.i686 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.3.0.Z.MAIN:nss-softokn-freebl-devel-0:3.90.0-6.el9_3.i686"
},
"product_reference": "nss-softokn-freebl-devel-0:3.90.0-6.el9_3.i686",
"relates_to_product_reference": "AppStream-9.3.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-softokn-freebl-devel-0:3.90.0-6.el9_3.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.3.0.Z.MAIN:nss-softokn-freebl-devel-0:3.90.0-6.el9_3.ppc64le"
},
"product_reference": "nss-softokn-freebl-devel-0:3.90.0-6.el9_3.ppc64le",
"relates_to_product_reference": "AppStream-9.3.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-softokn-freebl-devel-0:3.90.0-6.el9_3.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.3.0.Z.MAIN:nss-softokn-freebl-devel-0:3.90.0-6.el9_3.s390x"
},
"product_reference": "nss-softokn-freebl-devel-0:3.90.0-6.el9_3.s390x",
"relates_to_product_reference": "AppStream-9.3.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-softokn-freebl-devel-0:3.90.0-6.el9_3.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.3.0.Z.MAIN:nss-softokn-freebl-devel-0:3.90.0-6.el9_3.x86_64"
},
"product_reference": "nss-softokn-freebl-devel-0:3.90.0-6.el9_3.x86_64",
"relates_to_product_reference": "AppStream-9.3.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-sysinit-0:3.90.0-6.el9_3.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.3.0.Z.MAIN:nss-sysinit-0:3.90.0-6.el9_3.aarch64"
},
"product_reference": "nss-sysinit-0:3.90.0-6.el9_3.aarch64",
"relates_to_product_reference": "AppStream-9.3.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-sysinit-0:3.90.0-6.el9_3.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.3.0.Z.MAIN:nss-sysinit-0:3.90.0-6.el9_3.ppc64le"
},
"product_reference": "nss-sysinit-0:3.90.0-6.el9_3.ppc64le",
"relates_to_product_reference": "AppStream-9.3.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-sysinit-0:3.90.0-6.el9_3.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.3.0.Z.MAIN:nss-sysinit-0:3.90.0-6.el9_3.s390x"
},
"product_reference": "nss-sysinit-0:3.90.0-6.el9_3.s390x",
"relates_to_product_reference": "AppStream-9.3.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-sysinit-0:3.90.0-6.el9_3.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.3.0.Z.MAIN:nss-sysinit-0:3.90.0-6.el9_3.x86_64"
},
"product_reference": "nss-sysinit-0:3.90.0-6.el9_3.x86_64",
"relates_to_product_reference": "AppStream-9.3.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-sysinit-debuginfo-0:3.90.0-6.el9_3.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.3.0.Z.MAIN:nss-sysinit-debuginfo-0:3.90.0-6.el9_3.aarch64"
},
"product_reference": "nss-sysinit-debuginfo-0:3.90.0-6.el9_3.aarch64",
"relates_to_product_reference": "AppStream-9.3.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-sysinit-debuginfo-0:3.90.0-6.el9_3.i686 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.3.0.Z.MAIN:nss-sysinit-debuginfo-0:3.90.0-6.el9_3.i686"
},
"product_reference": "nss-sysinit-debuginfo-0:3.90.0-6.el9_3.i686",
"relates_to_product_reference": "AppStream-9.3.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-sysinit-debuginfo-0:3.90.0-6.el9_3.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.3.0.Z.MAIN:nss-sysinit-debuginfo-0:3.90.0-6.el9_3.ppc64le"
},
"product_reference": "nss-sysinit-debuginfo-0:3.90.0-6.el9_3.ppc64le",
"relates_to_product_reference": "AppStream-9.3.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-sysinit-debuginfo-0:3.90.0-6.el9_3.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.3.0.Z.MAIN:nss-sysinit-debuginfo-0:3.90.0-6.el9_3.s390x"
},
"product_reference": "nss-sysinit-debuginfo-0:3.90.0-6.el9_3.s390x",
"relates_to_product_reference": "AppStream-9.3.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-sysinit-debuginfo-0:3.90.0-6.el9_3.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.3.0.Z.MAIN:nss-sysinit-debuginfo-0:3.90.0-6.el9_3.x86_64"
},
"product_reference": "nss-sysinit-debuginfo-0:3.90.0-6.el9_3.x86_64",
"relates_to_product_reference": "AppStream-9.3.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-tools-0:3.90.0-6.el9_3.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.3.0.Z.MAIN:nss-tools-0:3.90.0-6.el9_3.aarch64"
},
"product_reference": "nss-tools-0:3.90.0-6.el9_3.aarch64",
"relates_to_product_reference": "AppStream-9.3.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-tools-0:3.90.0-6.el9_3.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.3.0.Z.MAIN:nss-tools-0:3.90.0-6.el9_3.ppc64le"
},
"product_reference": "nss-tools-0:3.90.0-6.el9_3.ppc64le",
"relates_to_product_reference": "AppStream-9.3.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-tools-0:3.90.0-6.el9_3.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.3.0.Z.MAIN:nss-tools-0:3.90.0-6.el9_3.s390x"
},
"product_reference": "nss-tools-0:3.90.0-6.el9_3.s390x",
"relates_to_product_reference": "AppStream-9.3.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-tools-0:3.90.0-6.el9_3.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.3.0.Z.MAIN:nss-tools-0:3.90.0-6.el9_3.x86_64"
},
"product_reference": "nss-tools-0:3.90.0-6.el9_3.x86_64",
"relates_to_product_reference": "AppStream-9.3.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-tools-debuginfo-0:3.90.0-6.el9_3.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.3.0.Z.MAIN:nss-tools-debuginfo-0:3.90.0-6.el9_3.aarch64"
},
"product_reference": "nss-tools-debuginfo-0:3.90.0-6.el9_3.aarch64",
"relates_to_product_reference": "AppStream-9.3.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-tools-debuginfo-0:3.90.0-6.el9_3.i686 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.3.0.Z.MAIN:nss-tools-debuginfo-0:3.90.0-6.el9_3.i686"
},
"product_reference": "nss-tools-debuginfo-0:3.90.0-6.el9_3.i686",
"relates_to_product_reference": "AppStream-9.3.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-tools-debuginfo-0:3.90.0-6.el9_3.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.3.0.Z.MAIN:nss-tools-debuginfo-0:3.90.0-6.el9_3.ppc64le"
},
"product_reference": "nss-tools-debuginfo-0:3.90.0-6.el9_3.ppc64le",
"relates_to_product_reference": "AppStream-9.3.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-tools-debuginfo-0:3.90.0-6.el9_3.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.3.0.Z.MAIN:nss-tools-debuginfo-0:3.90.0-6.el9_3.s390x"
},
"product_reference": "nss-tools-debuginfo-0:3.90.0-6.el9_3.s390x",
"relates_to_product_reference": "AppStream-9.3.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-tools-debuginfo-0:3.90.0-6.el9_3.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.3.0.Z.MAIN:nss-tools-debuginfo-0:3.90.0-6.el9_3.x86_64"
},
"product_reference": "nss-tools-debuginfo-0:3.90.0-6.el9_3.x86_64",
"relates_to_product_reference": "AppStream-9.3.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-util-0:3.90.0-6.el9_3.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.3.0.Z.MAIN:nss-util-0:3.90.0-6.el9_3.aarch64"
},
"product_reference": "nss-util-0:3.90.0-6.el9_3.aarch64",
"relates_to_product_reference": "AppStream-9.3.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-util-0:3.90.0-6.el9_3.i686 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.3.0.Z.MAIN:nss-util-0:3.90.0-6.el9_3.i686"
},
"product_reference": "nss-util-0:3.90.0-6.el9_3.i686",
"relates_to_product_reference": "AppStream-9.3.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-util-0:3.90.0-6.el9_3.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.3.0.Z.MAIN:nss-util-0:3.90.0-6.el9_3.ppc64le"
},
"product_reference": "nss-util-0:3.90.0-6.el9_3.ppc64le",
"relates_to_product_reference": "AppStream-9.3.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-util-0:3.90.0-6.el9_3.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.3.0.Z.MAIN:nss-util-0:3.90.0-6.el9_3.s390x"
},
"product_reference": "nss-util-0:3.90.0-6.el9_3.s390x",
"relates_to_product_reference": "AppStream-9.3.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-util-0:3.90.0-6.el9_3.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.3.0.Z.MAIN:nss-util-0:3.90.0-6.el9_3.x86_64"
},
"product_reference": "nss-util-0:3.90.0-6.el9_3.x86_64",
"relates_to_product_reference": "AppStream-9.3.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-util-debuginfo-0:3.90.0-6.el9_3.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.3.0.Z.MAIN:nss-util-debuginfo-0:3.90.0-6.el9_3.aarch64"
},
"product_reference": "nss-util-debuginfo-0:3.90.0-6.el9_3.aarch64",
"relates_to_product_reference": "AppStream-9.3.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-util-debuginfo-0:3.90.0-6.el9_3.i686 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.3.0.Z.MAIN:nss-util-debuginfo-0:3.90.0-6.el9_3.i686"
},
"product_reference": "nss-util-debuginfo-0:3.90.0-6.el9_3.i686",
"relates_to_product_reference": "AppStream-9.3.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-util-debuginfo-0:3.90.0-6.el9_3.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.3.0.Z.MAIN:nss-util-debuginfo-0:3.90.0-6.el9_3.ppc64le"
},
"product_reference": "nss-util-debuginfo-0:3.90.0-6.el9_3.ppc64le",
"relates_to_product_reference": "AppStream-9.3.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-util-debuginfo-0:3.90.0-6.el9_3.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.3.0.Z.MAIN:nss-util-debuginfo-0:3.90.0-6.el9_3.s390x"
},
"product_reference": "nss-util-debuginfo-0:3.90.0-6.el9_3.s390x",
"relates_to_product_reference": "AppStream-9.3.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-util-debuginfo-0:3.90.0-6.el9_3.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.3.0.Z.MAIN:nss-util-debuginfo-0:3.90.0-6.el9_3.x86_64"
},
"product_reference": "nss-util-debuginfo-0:3.90.0-6.el9_3.x86_64",
"relates_to_product_reference": "AppStream-9.3.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-util-devel-0:3.90.0-6.el9_3.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.3.0.Z.MAIN:nss-util-devel-0:3.90.0-6.el9_3.aarch64"
},
"product_reference": "nss-util-devel-0:3.90.0-6.el9_3.aarch64",
"relates_to_product_reference": "AppStream-9.3.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-util-devel-0:3.90.0-6.el9_3.i686 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.3.0.Z.MAIN:nss-util-devel-0:3.90.0-6.el9_3.i686"
},
"product_reference": "nss-util-devel-0:3.90.0-6.el9_3.i686",
"relates_to_product_reference": "AppStream-9.3.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-util-devel-0:3.90.0-6.el9_3.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.3.0.Z.MAIN:nss-util-devel-0:3.90.0-6.el9_3.ppc64le"
},
"product_reference": "nss-util-devel-0:3.90.0-6.el9_3.ppc64le",
"relates_to_product_reference": "AppStream-9.3.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-util-devel-0:3.90.0-6.el9_3.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.3.0.Z.MAIN:nss-util-devel-0:3.90.0-6.el9_3.s390x"
},
"product_reference": "nss-util-devel-0:3.90.0-6.el9_3.s390x",
"relates_to_product_reference": "AppStream-9.3.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-util-devel-0:3.90.0-6.el9_3.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.3.0.Z.MAIN:nss-util-devel-0:3.90.0-6.el9_3.x86_64"
},
"product_reference": "nss-util-devel-0:3.90.0-6.el9_3.x86_64",
"relates_to_product_reference": "AppStream-9.3.0.Z.MAIN"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-6135",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2023-11-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2249906"
}
],
"notes": [
{
"category": "description",
"text": "The Network Security Services (NSS) package contains a vulnerability that exposes a side-channel information leak. This weakness enables a local attacker to capture several thousand usages of a signature, allowing them to utilize this information to recover portions of an ECDSA private key.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nss: vulnerable to Minerva side-channel information leak",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The severity of the Network Security Services (NSS) package vulnerability is marked as moderate due to the inherent risk associated with a potential side-channel information leak. This flaw empowers a local attacker to capture a substantial volume of signature usages, providing a pathway for them to exploit this data to reconstruct portions of an ECDSA private key. The ECDSA private key is a fundamental component of cryptographic security, and a successful compromise could have severe implications for the confidentiality and integrity of sensitive information.\n\nThe side channel present in NSS is on the order of 20 to 50ns, measuring such small differences over the network, without ability to measure signature with the same nonce is not something anybody has shown as possible. The only reason we can measure such small differences in the Marvin attack (https://people.redhat.com/~hkario/marvin/) is because the attacker there has full control over the processed messages, as such can measure the same message over and over, with ECDSA NSS is generating the used nonce randomly, and internally, for each and every signature. So a possibility of a purely network attack is rather theoretical at this moment.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.3.0.Z.MAIN:nspr-0:4.35.0-6.el9_3.aarch64",
"AppStream-9.3.0.Z.MAIN:nspr-0:4.35.0-6.el9_3.i686",
"AppStream-9.3.0.Z.MAIN:nspr-0:4.35.0-6.el9_3.ppc64le",
"AppStream-9.3.0.Z.MAIN:nspr-0:4.35.0-6.el9_3.s390x",
"AppStream-9.3.0.Z.MAIN:nspr-0:4.35.0-6.el9_3.x86_64",
"AppStream-9.3.0.Z.MAIN:nspr-debuginfo-0:4.35.0-6.el9_3.aarch64",
"AppStream-9.3.0.Z.MAIN:nspr-debuginfo-0:4.35.0-6.el9_3.i686",
"AppStream-9.3.0.Z.MAIN:nspr-debuginfo-0:4.35.0-6.el9_3.ppc64le",
"AppStream-9.3.0.Z.MAIN:nspr-debuginfo-0:4.35.0-6.el9_3.s390x",
"AppStream-9.3.0.Z.MAIN:nspr-debuginfo-0:4.35.0-6.el9_3.x86_64",
"AppStream-9.3.0.Z.MAIN:nspr-devel-0:4.35.0-6.el9_3.aarch64",
"AppStream-9.3.0.Z.MAIN:nspr-devel-0:4.35.0-6.el9_3.i686",
"AppStream-9.3.0.Z.MAIN:nspr-devel-0:4.35.0-6.el9_3.ppc64le",
"AppStream-9.3.0.Z.MAIN:nspr-devel-0:4.35.0-6.el9_3.s390x",
"AppStream-9.3.0.Z.MAIN:nspr-devel-0:4.35.0-6.el9_3.x86_64",
"AppStream-9.3.0.Z.MAIN:nss-0:3.90.0-6.el9_3.aarch64",
"AppStream-9.3.0.Z.MAIN:nss-0:3.90.0-6.el9_3.i686",
"AppStream-9.3.0.Z.MAIN:nss-0:3.90.0-6.el9_3.ppc64le",
"AppStream-9.3.0.Z.MAIN:nss-0:3.90.0-6.el9_3.s390x",
"AppStream-9.3.0.Z.MAIN:nss-0:3.90.0-6.el9_3.src",
"AppStream-9.3.0.Z.MAIN:nss-0:3.90.0-6.el9_3.x86_64",
"AppStream-9.3.0.Z.MAIN:nss-debuginfo-0:3.90.0-6.el9_3.aarch64",
"AppStream-9.3.0.Z.MAIN:nss-debuginfo-0:3.90.0-6.el9_3.i686",
"AppStream-9.3.0.Z.MAIN:nss-debuginfo-0:3.90.0-6.el9_3.ppc64le",
"AppStream-9.3.0.Z.MAIN:nss-debuginfo-0:3.90.0-6.el9_3.s390x",
"AppStream-9.3.0.Z.MAIN:nss-debuginfo-0:3.90.0-6.el9_3.x86_64",
"AppStream-9.3.0.Z.MAIN:nss-debugsource-0:3.90.0-6.el9_3.aarch64",
"AppStream-9.3.0.Z.MAIN:nss-debugsource-0:3.90.0-6.el9_3.i686",
"AppStream-9.3.0.Z.MAIN:nss-debugsource-0:3.90.0-6.el9_3.ppc64le",
"AppStream-9.3.0.Z.MAIN:nss-debugsource-0:3.90.0-6.el9_3.s390x",
"AppStream-9.3.0.Z.MAIN:nss-debugsource-0:3.90.0-6.el9_3.x86_64",
"AppStream-9.3.0.Z.MAIN:nss-devel-0:3.90.0-6.el9_3.aarch64",
"AppStream-9.3.0.Z.MAIN:nss-devel-0:3.90.0-6.el9_3.i686",
"AppStream-9.3.0.Z.MAIN:nss-devel-0:3.90.0-6.el9_3.ppc64le",
"AppStream-9.3.0.Z.MAIN:nss-devel-0:3.90.0-6.el9_3.s390x",
"AppStream-9.3.0.Z.MAIN:nss-devel-0:3.90.0-6.el9_3.x86_64",
"AppStream-9.3.0.Z.MAIN:nss-softokn-0:3.90.0-6.el9_3.aarch64",
"AppStream-9.3.0.Z.MAIN:nss-softokn-0:3.90.0-6.el9_3.i686",
"AppStream-9.3.0.Z.MAIN:nss-softokn-0:3.90.0-6.el9_3.ppc64le",
"AppStream-9.3.0.Z.MAIN:nss-softokn-0:3.90.0-6.el9_3.s390x",
"AppStream-9.3.0.Z.MAIN:nss-softokn-0:3.90.0-6.el9_3.x86_64",
"AppStream-9.3.0.Z.MAIN:nss-softokn-debuginfo-0:3.90.0-6.el9_3.aarch64",
"AppStream-9.3.0.Z.MAIN:nss-softokn-debuginfo-0:3.90.0-6.el9_3.i686",
"AppStream-9.3.0.Z.MAIN:nss-softokn-debuginfo-0:3.90.0-6.el9_3.ppc64le",
"AppStream-9.3.0.Z.MAIN:nss-softokn-debuginfo-0:3.90.0-6.el9_3.s390x",
"AppStream-9.3.0.Z.MAIN:nss-softokn-debuginfo-0:3.90.0-6.el9_3.x86_64",
"AppStream-9.3.0.Z.MAIN:nss-softokn-devel-0:3.90.0-6.el9_3.aarch64",
"AppStream-9.3.0.Z.MAIN:nss-softokn-devel-0:3.90.0-6.el9_3.i686",
"AppStream-9.3.0.Z.MAIN:nss-softokn-devel-0:3.90.0-6.el9_3.ppc64le",
"AppStream-9.3.0.Z.MAIN:nss-softokn-devel-0:3.90.0-6.el9_3.s390x",
"AppStream-9.3.0.Z.MAIN:nss-softokn-devel-0:3.90.0-6.el9_3.x86_64",
"AppStream-9.3.0.Z.MAIN:nss-softokn-freebl-0:3.90.0-6.el9_3.aarch64",
"AppStream-9.3.0.Z.MAIN:nss-softokn-freebl-0:3.90.0-6.el9_3.i686",
"AppStream-9.3.0.Z.MAIN:nss-softokn-freebl-0:3.90.0-6.el9_3.ppc64le",
"AppStream-9.3.0.Z.MAIN:nss-softokn-freebl-0:3.90.0-6.el9_3.s390x",
"AppStream-9.3.0.Z.MAIN:nss-softokn-freebl-0:3.90.0-6.el9_3.x86_64",
"AppStream-9.3.0.Z.MAIN:nss-softokn-freebl-debuginfo-0:3.90.0-6.el9_3.aarch64",
"AppStream-9.3.0.Z.MAIN:nss-softokn-freebl-debuginfo-0:3.90.0-6.el9_3.i686",
"AppStream-9.3.0.Z.MAIN:nss-softokn-freebl-debuginfo-0:3.90.0-6.el9_3.ppc64le",
"AppStream-9.3.0.Z.MAIN:nss-softokn-freebl-debuginfo-0:3.90.0-6.el9_3.s390x",
"AppStream-9.3.0.Z.MAIN:nss-softokn-freebl-debuginfo-0:3.90.0-6.el9_3.x86_64",
"AppStream-9.3.0.Z.MAIN:nss-softokn-freebl-devel-0:3.90.0-6.el9_3.aarch64",
"AppStream-9.3.0.Z.MAIN:nss-softokn-freebl-devel-0:3.90.0-6.el9_3.i686",
"AppStream-9.3.0.Z.MAIN:nss-softokn-freebl-devel-0:3.90.0-6.el9_3.ppc64le",
"AppStream-9.3.0.Z.MAIN:nss-softokn-freebl-devel-0:3.90.0-6.el9_3.s390x",
"AppStream-9.3.0.Z.MAIN:nss-softokn-freebl-devel-0:3.90.0-6.el9_3.x86_64",
"AppStream-9.3.0.Z.MAIN:nss-sysinit-0:3.90.0-6.el9_3.aarch64",
"AppStream-9.3.0.Z.MAIN:nss-sysinit-0:3.90.0-6.el9_3.ppc64le",
"AppStream-9.3.0.Z.MAIN:nss-sysinit-0:3.90.0-6.el9_3.s390x",
"AppStream-9.3.0.Z.MAIN:nss-sysinit-0:3.90.0-6.el9_3.x86_64",
"AppStream-9.3.0.Z.MAIN:nss-sysinit-debuginfo-0:3.90.0-6.el9_3.aarch64",
"AppStream-9.3.0.Z.MAIN:nss-sysinit-debuginfo-0:3.90.0-6.el9_3.i686",
"AppStream-9.3.0.Z.MAIN:nss-sysinit-debuginfo-0:3.90.0-6.el9_3.ppc64le",
"AppStream-9.3.0.Z.MAIN:nss-sysinit-debuginfo-0:3.90.0-6.el9_3.s390x",
"AppStream-9.3.0.Z.MAIN:nss-sysinit-debuginfo-0:3.90.0-6.el9_3.x86_64",
"AppStream-9.3.0.Z.MAIN:nss-tools-0:3.90.0-6.el9_3.aarch64",
"AppStream-9.3.0.Z.MAIN:nss-tools-0:3.90.0-6.el9_3.ppc64le",
"AppStream-9.3.0.Z.MAIN:nss-tools-0:3.90.0-6.el9_3.s390x",
"AppStream-9.3.0.Z.MAIN:nss-tools-0:3.90.0-6.el9_3.x86_64",
"AppStream-9.3.0.Z.MAIN:nss-tools-debuginfo-0:3.90.0-6.el9_3.aarch64",
"AppStream-9.3.0.Z.MAIN:nss-tools-debuginfo-0:3.90.0-6.el9_3.i686",
"AppStream-9.3.0.Z.MAIN:nss-tools-debuginfo-0:3.90.0-6.el9_3.ppc64le",
"AppStream-9.3.0.Z.MAIN:nss-tools-debuginfo-0:3.90.0-6.el9_3.s390x",
"AppStream-9.3.0.Z.MAIN:nss-tools-debuginfo-0:3.90.0-6.el9_3.x86_64",
"AppStream-9.3.0.Z.MAIN:nss-util-0:3.90.0-6.el9_3.aarch64",
"AppStream-9.3.0.Z.MAIN:nss-util-0:3.90.0-6.el9_3.i686",
"AppStream-9.3.0.Z.MAIN:nss-util-0:3.90.0-6.el9_3.ppc64le",
"AppStream-9.3.0.Z.MAIN:nss-util-0:3.90.0-6.el9_3.s390x",
"AppStream-9.3.0.Z.MAIN:nss-util-0:3.90.0-6.el9_3.x86_64",
"AppStream-9.3.0.Z.MAIN:nss-util-debuginfo-0:3.90.0-6.el9_3.aarch64",
"AppStream-9.3.0.Z.MAIN:nss-util-debuginfo-0:3.90.0-6.el9_3.i686",
"AppStream-9.3.0.Z.MAIN:nss-util-debuginfo-0:3.90.0-6.el9_3.ppc64le",
"AppStream-9.3.0.Z.MAIN:nss-util-debuginfo-0:3.90.0-6.el9_3.s390x",
"AppStream-9.3.0.Z.MAIN:nss-util-debuginfo-0:3.90.0-6.el9_3.x86_64",
"AppStream-9.3.0.Z.MAIN:nss-util-devel-0:3.90.0-6.el9_3.aarch64",
"AppStream-9.3.0.Z.MAIN:nss-util-devel-0:3.90.0-6.el9_3.i686",
"AppStream-9.3.0.Z.MAIN:nss-util-devel-0:3.90.0-6.el9_3.ppc64le",
"AppStream-9.3.0.Z.MAIN:nss-util-devel-0:3.90.0-6.el9_3.s390x",
"AppStream-9.3.0.Z.MAIN:nss-util-devel-0:3.90.0-6.el9_3.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-6135"
},
{
"category": "external",
"summary": "RHBZ#2249906",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2249906"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-6135",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6135"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-6135",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-6135"
},
{
"category": "external",
"summary": "https://bugzilla.mozilla.org/show_bug.cgi?id=1853908",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1853908"
},
{
"category": "external",
"summary": "https://minerva.crocs.fi.muni.cz/",
"url": "https://minerva.crocs.fi.muni.cz/"
},
{
"category": "external",
"summary": "https://people.redhat.com/~hkario/marvin/",
"url": "https://people.redhat.com/~hkario/marvin/"
},
{
"category": "external",
"summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-56/#CVE-2023-6135",
"url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-56/#CVE-2023-6135"
}
],
"release_date": "2023-12-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-02-12T16:48:44+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing this update, applications using NSS (for example, Firefox) must be restarted for this update to take effect.",
"product_ids": [
"AppStream-9.3.0.Z.MAIN:nspr-0:4.35.0-6.el9_3.aarch64",
"AppStream-9.3.0.Z.MAIN:nspr-0:4.35.0-6.el9_3.i686",
"AppStream-9.3.0.Z.MAIN:nspr-0:4.35.0-6.el9_3.ppc64le",
"AppStream-9.3.0.Z.MAIN:nspr-0:4.35.0-6.el9_3.s390x",
"AppStream-9.3.0.Z.MAIN:nspr-0:4.35.0-6.el9_3.x86_64",
"AppStream-9.3.0.Z.MAIN:nspr-debuginfo-0:4.35.0-6.el9_3.aarch64",
"AppStream-9.3.0.Z.MAIN:nspr-debuginfo-0:4.35.0-6.el9_3.i686",
"AppStream-9.3.0.Z.MAIN:nspr-debuginfo-0:4.35.0-6.el9_3.ppc64le",
"AppStream-9.3.0.Z.MAIN:nspr-debuginfo-0:4.35.0-6.el9_3.s390x",
"AppStream-9.3.0.Z.MAIN:nspr-debuginfo-0:4.35.0-6.el9_3.x86_64",
"AppStream-9.3.0.Z.MAIN:nspr-devel-0:4.35.0-6.el9_3.aarch64",
"AppStream-9.3.0.Z.MAIN:nspr-devel-0:4.35.0-6.el9_3.i686",
"AppStream-9.3.0.Z.MAIN:nspr-devel-0:4.35.0-6.el9_3.ppc64le",
"AppStream-9.3.0.Z.MAIN:nspr-devel-0:4.35.0-6.el9_3.s390x",
"AppStream-9.3.0.Z.MAIN:nspr-devel-0:4.35.0-6.el9_3.x86_64",
"AppStream-9.3.0.Z.MAIN:nss-0:3.90.0-6.el9_3.aarch64",
"AppStream-9.3.0.Z.MAIN:nss-0:3.90.0-6.el9_3.i686",
"AppStream-9.3.0.Z.MAIN:nss-0:3.90.0-6.el9_3.ppc64le",
"AppStream-9.3.0.Z.MAIN:nss-0:3.90.0-6.el9_3.s390x",
"AppStream-9.3.0.Z.MAIN:nss-0:3.90.0-6.el9_3.src",
"AppStream-9.3.0.Z.MAIN:nss-0:3.90.0-6.el9_3.x86_64",
"AppStream-9.3.0.Z.MAIN:nss-debuginfo-0:3.90.0-6.el9_3.aarch64",
"AppStream-9.3.0.Z.MAIN:nss-debuginfo-0:3.90.0-6.el9_3.i686",
"AppStream-9.3.0.Z.MAIN:nss-debuginfo-0:3.90.0-6.el9_3.ppc64le",
"AppStream-9.3.0.Z.MAIN:nss-debuginfo-0:3.90.0-6.el9_3.s390x",
"AppStream-9.3.0.Z.MAIN:nss-debuginfo-0:3.90.0-6.el9_3.x86_64",
"AppStream-9.3.0.Z.MAIN:nss-debugsource-0:3.90.0-6.el9_3.aarch64",
"AppStream-9.3.0.Z.MAIN:nss-debugsource-0:3.90.0-6.el9_3.i686",
"AppStream-9.3.0.Z.MAIN:nss-debugsource-0:3.90.0-6.el9_3.ppc64le",
"AppStream-9.3.0.Z.MAIN:nss-debugsource-0:3.90.0-6.el9_3.s390x",
"AppStream-9.3.0.Z.MAIN:nss-debugsource-0:3.90.0-6.el9_3.x86_64",
"AppStream-9.3.0.Z.MAIN:nss-devel-0:3.90.0-6.el9_3.aarch64",
"AppStream-9.3.0.Z.MAIN:nss-devel-0:3.90.0-6.el9_3.i686",
"AppStream-9.3.0.Z.MAIN:nss-devel-0:3.90.0-6.el9_3.ppc64le",
"AppStream-9.3.0.Z.MAIN:nss-devel-0:3.90.0-6.el9_3.s390x",
"AppStream-9.3.0.Z.MAIN:nss-devel-0:3.90.0-6.el9_3.x86_64",
"AppStream-9.3.0.Z.MAIN:nss-softokn-0:3.90.0-6.el9_3.aarch64",
"AppStream-9.3.0.Z.MAIN:nss-softokn-0:3.90.0-6.el9_3.i686",
"AppStream-9.3.0.Z.MAIN:nss-softokn-0:3.90.0-6.el9_3.ppc64le",
"AppStream-9.3.0.Z.MAIN:nss-softokn-0:3.90.0-6.el9_3.s390x",
"AppStream-9.3.0.Z.MAIN:nss-softokn-0:3.90.0-6.el9_3.x86_64",
"AppStream-9.3.0.Z.MAIN:nss-softokn-debuginfo-0:3.90.0-6.el9_3.aarch64",
"AppStream-9.3.0.Z.MAIN:nss-softokn-debuginfo-0:3.90.0-6.el9_3.i686",
"AppStream-9.3.0.Z.MAIN:nss-softokn-debuginfo-0:3.90.0-6.el9_3.ppc64le",
"AppStream-9.3.0.Z.MAIN:nss-softokn-debuginfo-0:3.90.0-6.el9_3.s390x",
"AppStream-9.3.0.Z.MAIN:nss-softokn-debuginfo-0:3.90.0-6.el9_3.x86_64",
"AppStream-9.3.0.Z.MAIN:nss-softokn-devel-0:3.90.0-6.el9_3.aarch64",
"AppStream-9.3.0.Z.MAIN:nss-softokn-devel-0:3.90.0-6.el9_3.i686",
"AppStream-9.3.0.Z.MAIN:nss-softokn-devel-0:3.90.0-6.el9_3.ppc64le",
"AppStream-9.3.0.Z.MAIN:nss-softokn-devel-0:3.90.0-6.el9_3.s390x",
"AppStream-9.3.0.Z.MAIN:nss-softokn-devel-0:3.90.0-6.el9_3.x86_64",
"AppStream-9.3.0.Z.MAIN:nss-softokn-freebl-0:3.90.0-6.el9_3.aarch64",
"AppStream-9.3.0.Z.MAIN:nss-softokn-freebl-0:3.90.0-6.el9_3.i686",
"AppStream-9.3.0.Z.MAIN:nss-softokn-freebl-0:3.90.0-6.el9_3.ppc64le",
"AppStream-9.3.0.Z.MAIN:nss-softokn-freebl-0:3.90.0-6.el9_3.s390x",
"AppStream-9.3.0.Z.MAIN:nss-softokn-freebl-0:3.90.0-6.el9_3.x86_64",
"AppStream-9.3.0.Z.MAIN:nss-softokn-freebl-debuginfo-0:3.90.0-6.el9_3.aarch64",
"AppStream-9.3.0.Z.MAIN:nss-softokn-freebl-debuginfo-0:3.90.0-6.el9_3.i686",
"AppStream-9.3.0.Z.MAIN:nss-softokn-freebl-debuginfo-0:3.90.0-6.el9_3.ppc64le",
"AppStream-9.3.0.Z.MAIN:nss-softokn-freebl-debuginfo-0:3.90.0-6.el9_3.s390x",
"AppStream-9.3.0.Z.MAIN:nss-softokn-freebl-debuginfo-0:3.90.0-6.el9_3.x86_64",
"AppStream-9.3.0.Z.MAIN:nss-softokn-freebl-devel-0:3.90.0-6.el9_3.aarch64",
"AppStream-9.3.0.Z.MAIN:nss-softokn-freebl-devel-0:3.90.0-6.el9_3.i686",
"AppStream-9.3.0.Z.MAIN:nss-softokn-freebl-devel-0:3.90.0-6.el9_3.ppc64le",
"AppStream-9.3.0.Z.MAIN:nss-softokn-freebl-devel-0:3.90.0-6.el9_3.s390x",
"AppStream-9.3.0.Z.MAIN:nss-softokn-freebl-devel-0:3.90.0-6.el9_3.x86_64",
"AppStream-9.3.0.Z.MAIN:nss-sysinit-0:3.90.0-6.el9_3.aarch64",
"AppStream-9.3.0.Z.MAIN:nss-sysinit-0:3.90.0-6.el9_3.ppc64le",
"AppStream-9.3.0.Z.MAIN:nss-sysinit-0:3.90.0-6.el9_3.s390x",
"AppStream-9.3.0.Z.MAIN:nss-sysinit-0:3.90.0-6.el9_3.x86_64",
"AppStream-9.3.0.Z.MAIN:nss-sysinit-debuginfo-0:3.90.0-6.el9_3.aarch64",
"AppStream-9.3.0.Z.MAIN:nss-sysinit-debuginfo-0:3.90.0-6.el9_3.i686",
"AppStream-9.3.0.Z.MAIN:nss-sysinit-debuginfo-0:3.90.0-6.el9_3.ppc64le",
"AppStream-9.3.0.Z.MAIN:nss-sysinit-debuginfo-0:3.90.0-6.el9_3.s390x",
"AppStream-9.3.0.Z.MAIN:nss-sysinit-debuginfo-0:3.90.0-6.el9_3.x86_64",
"AppStream-9.3.0.Z.MAIN:nss-tools-0:3.90.0-6.el9_3.aarch64",
"AppStream-9.3.0.Z.MAIN:nss-tools-0:3.90.0-6.el9_3.ppc64le",
"AppStream-9.3.0.Z.MAIN:nss-tools-0:3.90.0-6.el9_3.s390x",
"AppStream-9.3.0.Z.MAIN:nss-tools-0:3.90.0-6.el9_3.x86_64",
"AppStream-9.3.0.Z.MAIN:nss-tools-debuginfo-0:3.90.0-6.el9_3.aarch64",
"AppStream-9.3.0.Z.MAIN:nss-tools-debuginfo-0:3.90.0-6.el9_3.i686",
"AppStream-9.3.0.Z.MAIN:nss-tools-debuginfo-0:3.90.0-6.el9_3.ppc64le",
"AppStream-9.3.0.Z.MAIN:nss-tools-debuginfo-0:3.90.0-6.el9_3.s390x",
"AppStream-9.3.0.Z.MAIN:nss-tools-debuginfo-0:3.90.0-6.el9_3.x86_64",
"AppStream-9.3.0.Z.MAIN:nss-util-0:3.90.0-6.el9_3.aarch64",
"AppStream-9.3.0.Z.MAIN:nss-util-0:3.90.0-6.el9_3.i686",
"AppStream-9.3.0.Z.MAIN:nss-util-0:3.90.0-6.el9_3.ppc64le",
"AppStream-9.3.0.Z.MAIN:nss-util-0:3.90.0-6.el9_3.s390x",
"AppStream-9.3.0.Z.MAIN:nss-util-0:3.90.0-6.el9_3.x86_64",
"AppStream-9.3.0.Z.MAIN:nss-util-debuginfo-0:3.90.0-6.el9_3.aarch64",
"AppStream-9.3.0.Z.MAIN:nss-util-debuginfo-0:3.90.0-6.el9_3.i686",
"AppStream-9.3.0.Z.MAIN:nss-util-debuginfo-0:3.90.0-6.el9_3.ppc64le",
"AppStream-9.3.0.Z.MAIN:nss-util-debuginfo-0:3.90.0-6.el9_3.s390x",
"AppStream-9.3.0.Z.MAIN:nss-util-debuginfo-0:3.90.0-6.el9_3.x86_64",
"AppStream-9.3.0.Z.MAIN:nss-util-devel-0:3.90.0-6.el9_3.aarch64",
"AppStream-9.3.0.Z.MAIN:nss-util-devel-0:3.90.0-6.el9_3.i686",
"AppStream-9.3.0.Z.MAIN:nss-util-devel-0:3.90.0-6.el9_3.ppc64le",
"AppStream-9.3.0.Z.MAIN:nss-util-devel-0:3.90.0-6.el9_3.s390x",
"AppStream-9.3.0.Z.MAIN:nss-util-devel-0:3.90.0-6.el9_3.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:0790"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-9.3.0.Z.MAIN:nspr-0:4.35.0-6.el9_3.aarch64",
"AppStream-9.3.0.Z.MAIN:nspr-0:4.35.0-6.el9_3.i686",
"AppStream-9.3.0.Z.MAIN:nspr-0:4.35.0-6.el9_3.ppc64le",
"AppStream-9.3.0.Z.MAIN:nspr-0:4.35.0-6.el9_3.s390x",
"AppStream-9.3.0.Z.MAIN:nspr-0:4.35.0-6.el9_3.x86_64",
"AppStream-9.3.0.Z.MAIN:nspr-debuginfo-0:4.35.0-6.el9_3.aarch64",
"AppStream-9.3.0.Z.MAIN:nspr-debuginfo-0:4.35.0-6.el9_3.i686",
"AppStream-9.3.0.Z.MAIN:nspr-debuginfo-0:4.35.0-6.el9_3.ppc64le",
"AppStream-9.3.0.Z.MAIN:nspr-debuginfo-0:4.35.0-6.el9_3.s390x",
"AppStream-9.3.0.Z.MAIN:nspr-debuginfo-0:4.35.0-6.el9_3.x86_64",
"AppStream-9.3.0.Z.MAIN:nspr-devel-0:4.35.0-6.el9_3.aarch64",
"AppStream-9.3.0.Z.MAIN:nspr-devel-0:4.35.0-6.el9_3.i686",
"AppStream-9.3.0.Z.MAIN:nspr-devel-0:4.35.0-6.el9_3.ppc64le",
"AppStream-9.3.0.Z.MAIN:nspr-devel-0:4.35.0-6.el9_3.s390x",
"AppStream-9.3.0.Z.MAIN:nspr-devel-0:4.35.0-6.el9_3.x86_64",
"AppStream-9.3.0.Z.MAIN:nss-0:3.90.0-6.el9_3.aarch64",
"AppStream-9.3.0.Z.MAIN:nss-0:3.90.0-6.el9_3.i686",
"AppStream-9.3.0.Z.MAIN:nss-0:3.90.0-6.el9_3.ppc64le",
"AppStream-9.3.0.Z.MAIN:nss-0:3.90.0-6.el9_3.s390x",
"AppStream-9.3.0.Z.MAIN:nss-0:3.90.0-6.el9_3.src",
"AppStream-9.3.0.Z.MAIN:nss-0:3.90.0-6.el9_3.x86_64",
"AppStream-9.3.0.Z.MAIN:nss-debuginfo-0:3.90.0-6.el9_3.aarch64",
"AppStream-9.3.0.Z.MAIN:nss-debuginfo-0:3.90.0-6.el9_3.i686",
"AppStream-9.3.0.Z.MAIN:nss-debuginfo-0:3.90.0-6.el9_3.ppc64le",
"AppStream-9.3.0.Z.MAIN:nss-debuginfo-0:3.90.0-6.el9_3.s390x",
"AppStream-9.3.0.Z.MAIN:nss-debuginfo-0:3.90.0-6.el9_3.x86_64",
"AppStream-9.3.0.Z.MAIN:nss-debugsource-0:3.90.0-6.el9_3.aarch64",
"AppStream-9.3.0.Z.MAIN:nss-debugsource-0:3.90.0-6.el9_3.i686",
"AppStream-9.3.0.Z.MAIN:nss-debugsource-0:3.90.0-6.el9_3.ppc64le",
"AppStream-9.3.0.Z.MAIN:nss-debugsource-0:3.90.0-6.el9_3.s390x",
"AppStream-9.3.0.Z.MAIN:nss-debugsource-0:3.90.0-6.el9_3.x86_64",
"AppStream-9.3.0.Z.MAIN:nss-devel-0:3.90.0-6.el9_3.aarch64",
"AppStream-9.3.0.Z.MAIN:nss-devel-0:3.90.0-6.el9_3.i686",
"AppStream-9.3.0.Z.MAIN:nss-devel-0:3.90.0-6.el9_3.ppc64le",
"AppStream-9.3.0.Z.MAIN:nss-devel-0:3.90.0-6.el9_3.s390x",
"AppStream-9.3.0.Z.MAIN:nss-devel-0:3.90.0-6.el9_3.x86_64",
"AppStream-9.3.0.Z.MAIN:nss-softokn-0:3.90.0-6.el9_3.aarch64",
"AppStream-9.3.0.Z.MAIN:nss-softokn-0:3.90.0-6.el9_3.i686",
"AppStream-9.3.0.Z.MAIN:nss-softokn-0:3.90.0-6.el9_3.ppc64le",
"AppStream-9.3.0.Z.MAIN:nss-softokn-0:3.90.0-6.el9_3.s390x",
"AppStream-9.3.0.Z.MAIN:nss-softokn-0:3.90.0-6.el9_3.x86_64",
"AppStream-9.3.0.Z.MAIN:nss-softokn-debuginfo-0:3.90.0-6.el9_3.aarch64",
"AppStream-9.3.0.Z.MAIN:nss-softokn-debuginfo-0:3.90.0-6.el9_3.i686",
"AppStream-9.3.0.Z.MAIN:nss-softokn-debuginfo-0:3.90.0-6.el9_3.ppc64le",
"AppStream-9.3.0.Z.MAIN:nss-softokn-debuginfo-0:3.90.0-6.el9_3.s390x",
"AppStream-9.3.0.Z.MAIN:nss-softokn-debuginfo-0:3.90.0-6.el9_3.x86_64",
"AppStream-9.3.0.Z.MAIN:nss-softokn-devel-0:3.90.0-6.el9_3.aarch64",
"AppStream-9.3.0.Z.MAIN:nss-softokn-devel-0:3.90.0-6.el9_3.i686",
"AppStream-9.3.0.Z.MAIN:nss-softokn-devel-0:3.90.0-6.el9_3.ppc64le",
"AppStream-9.3.0.Z.MAIN:nss-softokn-devel-0:3.90.0-6.el9_3.s390x",
"AppStream-9.3.0.Z.MAIN:nss-softokn-devel-0:3.90.0-6.el9_3.x86_64",
"AppStream-9.3.0.Z.MAIN:nss-softokn-freebl-0:3.90.0-6.el9_3.aarch64",
"AppStream-9.3.0.Z.MAIN:nss-softokn-freebl-0:3.90.0-6.el9_3.i686",
"AppStream-9.3.0.Z.MAIN:nss-softokn-freebl-0:3.90.0-6.el9_3.ppc64le",
"AppStream-9.3.0.Z.MAIN:nss-softokn-freebl-0:3.90.0-6.el9_3.s390x",
"AppStream-9.3.0.Z.MAIN:nss-softokn-freebl-0:3.90.0-6.el9_3.x86_64",
"AppStream-9.3.0.Z.MAIN:nss-softokn-freebl-debuginfo-0:3.90.0-6.el9_3.aarch64",
"AppStream-9.3.0.Z.MAIN:nss-softokn-freebl-debuginfo-0:3.90.0-6.el9_3.i686",
"AppStream-9.3.0.Z.MAIN:nss-softokn-freebl-debuginfo-0:3.90.0-6.el9_3.ppc64le",
"AppStream-9.3.0.Z.MAIN:nss-softokn-freebl-debuginfo-0:3.90.0-6.el9_3.s390x",
"AppStream-9.3.0.Z.MAIN:nss-softokn-freebl-debuginfo-0:3.90.0-6.el9_3.x86_64",
"AppStream-9.3.0.Z.MAIN:nss-softokn-freebl-devel-0:3.90.0-6.el9_3.aarch64",
"AppStream-9.3.0.Z.MAIN:nss-softokn-freebl-devel-0:3.90.0-6.el9_3.i686",
"AppStream-9.3.0.Z.MAIN:nss-softokn-freebl-devel-0:3.90.0-6.el9_3.ppc64le",
"AppStream-9.3.0.Z.MAIN:nss-softokn-freebl-devel-0:3.90.0-6.el9_3.s390x",
"AppStream-9.3.0.Z.MAIN:nss-softokn-freebl-devel-0:3.90.0-6.el9_3.x86_64",
"AppStream-9.3.0.Z.MAIN:nss-sysinit-0:3.90.0-6.el9_3.aarch64",
"AppStream-9.3.0.Z.MAIN:nss-sysinit-0:3.90.0-6.el9_3.ppc64le",
"AppStream-9.3.0.Z.MAIN:nss-sysinit-0:3.90.0-6.el9_3.s390x",
"AppStream-9.3.0.Z.MAIN:nss-sysinit-0:3.90.0-6.el9_3.x86_64",
"AppStream-9.3.0.Z.MAIN:nss-sysinit-debuginfo-0:3.90.0-6.el9_3.aarch64",
"AppStream-9.3.0.Z.MAIN:nss-sysinit-debuginfo-0:3.90.0-6.el9_3.i686",
"AppStream-9.3.0.Z.MAIN:nss-sysinit-debuginfo-0:3.90.0-6.el9_3.ppc64le",
"AppStream-9.3.0.Z.MAIN:nss-sysinit-debuginfo-0:3.90.0-6.el9_3.s390x",
"AppStream-9.3.0.Z.MAIN:nss-sysinit-debuginfo-0:3.90.0-6.el9_3.x86_64",
"AppStream-9.3.0.Z.MAIN:nss-tools-0:3.90.0-6.el9_3.aarch64",
"AppStream-9.3.0.Z.MAIN:nss-tools-0:3.90.0-6.el9_3.ppc64le",
"AppStream-9.3.0.Z.MAIN:nss-tools-0:3.90.0-6.el9_3.s390x",
"AppStream-9.3.0.Z.MAIN:nss-tools-0:3.90.0-6.el9_3.x86_64",
"AppStream-9.3.0.Z.MAIN:nss-tools-debuginfo-0:3.90.0-6.el9_3.aarch64",
"AppStream-9.3.0.Z.MAIN:nss-tools-debuginfo-0:3.90.0-6.el9_3.i686",
"AppStream-9.3.0.Z.MAIN:nss-tools-debuginfo-0:3.90.0-6.el9_3.ppc64le",
"AppStream-9.3.0.Z.MAIN:nss-tools-debuginfo-0:3.90.0-6.el9_3.s390x",
"AppStream-9.3.0.Z.MAIN:nss-tools-debuginfo-0:3.90.0-6.el9_3.x86_64",
"AppStream-9.3.0.Z.MAIN:nss-util-0:3.90.0-6.el9_3.aarch64",
"AppStream-9.3.0.Z.MAIN:nss-util-0:3.90.0-6.el9_3.i686",
"AppStream-9.3.0.Z.MAIN:nss-util-0:3.90.0-6.el9_3.ppc64le",
"AppStream-9.3.0.Z.MAIN:nss-util-0:3.90.0-6.el9_3.s390x",
"AppStream-9.3.0.Z.MAIN:nss-util-0:3.90.0-6.el9_3.x86_64",
"AppStream-9.3.0.Z.MAIN:nss-util-debuginfo-0:3.90.0-6.el9_3.aarch64",
"AppStream-9.3.0.Z.MAIN:nss-util-debuginfo-0:3.90.0-6.el9_3.i686",
"AppStream-9.3.0.Z.MAIN:nss-util-debuginfo-0:3.90.0-6.el9_3.ppc64le",
"AppStream-9.3.0.Z.MAIN:nss-util-debuginfo-0:3.90.0-6.el9_3.s390x",
"AppStream-9.3.0.Z.MAIN:nss-util-debuginfo-0:3.90.0-6.el9_3.x86_64",
"AppStream-9.3.0.Z.MAIN:nss-util-devel-0:3.90.0-6.el9_3.aarch64",
"AppStream-9.3.0.Z.MAIN:nss-util-devel-0:3.90.0-6.el9_3.i686",
"AppStream-9.3.0.Z.MAIN:nss-util-devel-0:3.90.0-6.el9_3.ppc64le",
"AppStream-9.3.0.Z.MAIN:nss-util-devel-0:3.90.0-6.el9_3.s390x",
"AppStream-9.3.0.Z.MAIN:nss-util-devel-0:3.90.0-6.el9_3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"AppStream-9.3.0.Z.MAIN:nspr-0:4.35.0-6.el9_3.aarch64",
"AppStream-9.3.0.Z.MAIN:nspr-0:4.35.0-6.el9_3.i686",
"AppStream-9.3.0.Z.MAIN:nspr-0:4.35.0-6.el9_3.ppc64le",
"AppStream-9.3.0.Z.MAIN:nspr-0:4.35.0-6.el9_3.s390x",
"AppStream-9.3.0.Z.MAIN:nspr-0:4.35.0-6.el9_3.x86_64",
"AppStream-9.3.0.Z.MAIN:nspr-debuginfo-0:4.35.0-6.el9_3.aarch64",
"AppStream-9.3.0.Z.MAIN:nspr-debuginfo-0:4.35.0-6.el9_3.i686",
"AppStream-9.3.0.Z.MAIN:nspr-debuginfo-0:4.35.0-6.el9_3.ppc64le",
"AppStream-9.3.0.Z.MAIN:nspr-debuginfo-0:4.35.0-6.el9_3.s390x",
"AppStream-9.3.0.Z.MAIN:nspr-debuginfo-0:4.35.0-6.el9_3.x86_64",
"AppStream-9.3.0.Z.MAIN:nspr-devel-0:4.35.0-6.el9_3.aarch64",
"AppStream-9.3.0.Z.MAIN:nspr-devel-0:4.35.0-6.el9_3.i686",
"AppStream-9.3.0.Z.MAIN:nspr-devel-0:4.35.0-6.el9_3.ppc64le",
"AppStream-9.3.0.Z.MAIN:nspr-devel-0:4.35.0-6.el9_3.s390x",
"AppStream-9.3.0.Z.MAIN:nspr-devel-0:4.35.0-6.el9_3.x86_64",
"AppStream-9.3.0.Z.MAIN:nss-0:3.90.0-6.el9_3.aarch64",
"AppStream-9.3.0.Z.MAIN:nss-0:3.90.0-6.el9_3.i686",
"AppStream-9.3.0.Z.MAIN:nss-0:3.90.0-6.el9_3.ppc64le",
"AppStream-9.3.0.Z.MAIN:nss-0:3.90.0-6.el9_3.s390x",
"AppStream-9.3.0.Z.MAIN:nss-0:3.90.0-6.el9_3.src",
"AppStream-9.3.0.Z.MAIN:nss-0:3.90.0-6.el9_3.x86_64",
"AppStream-9.3.0.Z.MAIN:nss-debuginfo-0:3.90.0-6.el9_3.aarch64",
"AppStream-9.3.0.Z.MAIN:nss-debuginfo-0:3.90.0-6.el9_3.i686",
"AppStream-9.3.0.Z.MAIN:nss-debuginfo-0:3.90.0-6.el9_3.ppc64le",
"AppStream-9.3.0.Z.MAIN:nss-debuginfo-0:3.90.0-6.el9_3.s390x",
"AppStream-9.3.0.Z.MAIN:nss-debuginfo-0:3.90.0-6.el9_3.x86_64",
"AppStream-9.3.0.Z.MAIN:nss-debugsource-0:3.90.0-6.el9_3.aarch64",
"AppStream-9.3.0.Z.MAIN:nss-debugsource-0:3.90.0-6.el9_3.i686",
"AppStream-9.3.0.Z.MAIN:nss-debugsource-0:3.90.0-6.el9_3.ppc64le",
"AppStream-9.3.0.Z.MAIN:nss-debugsource-0:3.90.0-6.el9_3.s390x",
"AppStream-9.3.0.Z.MAIN:nss-debugsource-0:3.90.0-6.el9_3.x86_64",
"AppStream-9.3.0.Z.MAIN:nss-devel-0:3.90.0-6.el9_3.aarch64",
"AppStream-9.3.0.Z.MAIN:nss-devel-0:3.90.0-6.el9_3.i686",
"AppStream-9.3.0.Z.MAIN:nss-devel-0:3.90.0-6.el9_3.ppc64le",
"AppStream-9.3.0.Z.MAIN:nss-devel-0:3.90.0-6.el9_3.s390x",
"AppStream-9.3.0.Z.MAIN:nss-devel-0:3.90.0-6.el9_3.x86_64",
"AppStream-9.3.0.Z.MAIN:nss-softokn-0:3.90.0-6.el9_3.aarch64",
"AppStream-9.3.0.Z.MAIN:nss-softokn-0:3.90.0-6.el9_3.i686",
"AppStream-9.3.0.Z.MAIN:nss-softokn-0:3.90.0-6.el9_3.ppc64le",
"AppStream-9.3.0.Z.MAIN:nss-softokn-0:3.90.0-6.el9_3.s390x",
"AppStream-9.3.0.Z.MAIN:nss-softokn-0:3.90.0-6.el9_3.x86_64",
"AppStream-9.3.0.Z.MAIN:nss-softokn-debuginfo-0:3.90.0-6.el9_3.aarch64",
"AppStream-9.3.0.Z.MAIN:nss-softokn-debuginfo-0:3.90.0-6.el9_3.i686",
"AppStream-9.3.0.Z.MAIN:nss-softokn-debuginfo-0:3.90.0-6.el9_3.ppc64le",
"AppStream-9.3.0.Z.MAIN:nss-softokn-debuginfo-0:3.90.0-6.el9_3.s390x",
"AppStream-9.3.0.Z.MAIN:nss-softokn-debuginfo-0:3.90.0-6.el9_3.x86_64",
"AppStream-9.3.0.Z.MAIN:nss-softokn-devel-0:3.90.0-6.el9_3.aarch64",
"AppStream-9.3.0.Z.MAIN:nss-softokn-devel-0:3.90.0-6.el9_3.i686",
"AppStream-9.3.0.Z.MAIN:nss-softokn-devel-0:3.90.0-6.el9_3.ppc64le",
"AppStream-9.3.0.Z.MAIN:nss-softokn-devel-0:3.90.0-6.el9_3.s390x",
"AppStream-9.3.0.Z.MAIN:nss-softokn-devel-0:3.90.0-6.el9_3.x86_64",
"AppStream-9.3.0.Z.MAIN:nss-softokn-freebl-0:3.90.0-6.el9_3.aarch64",
"AppStream-9.3.0.Z.MAIN:nss-softokn-freebl-0:3.90.0-6.el9_3.i686",
"AppStream-9.3.0.Z.MAIN:nss-softokn-freebl-0:3.90.0-6.el9_3.ppc64le",
"AppStream-9.3.0.Z.MAIN:nss-softokn-freebl-0:3.90.0-6.el9_3.s390x",
"AppStream-9.3.0.Z.MAIN:nss-softokn-freebl-0:3.90.0-6.el9_3.x86_64",
"AppStream-9.3.0.Z.MAIN:nss-softokn-freebl-debuginfo-0:3.90.0-6.el9_3.aarch64",
"AppStream-9.3.0.Z.MAIN:nss-softokn-freebl-debuginfo-0:3.90.0-6.el9_3.i686",
"AppStream-9.3.0.Z.MAIN:nss-softokn-freebl-debuginfo-0:3.90.0-6.el9_3.ppc64le",
"AppStream-9.3.0.Z.MAIN:nss-softokn-freebl-debuginfo-0:3.90.0-6.el9_3.s390x",
"AppStream-9.3.0.Z.MAIN:nss-softokn-freebl-debuginfo-0:3.90.0-6.el9_3.x86_64",
"AppStream-9.3.0.Z.MAIN:nss-softokn-freebl-devel-0:3.90.0-6.el9_3.aarch64",
"AppStream-9.3.0.Z.MAIN:nss-softokn-freebl-devel-0:3.90.0-6.el9_3.i686",
"AppStream-9.3.0.Z.MAIN:nss-softokn-freebl-devel-0:3.90.0-6.el9_3.ppc64le",
"AppStream-9.3.0.Z.MAIN:nss-softokn-freebl-devel-0:3.90.0-6.el9_3.s390x",
"AppStream-9.3.0.Z.MAIN:nss-softokn-freebl-devel-0:3.90.0-6.el9_3.x86_64",
"AppStream-9.3.0.Z.MAIN:nss-sysinit-0:3.90.0-6.el9_3.aarch64",
"AppStream-9.3.0.Z.MAIN:nss-sysinit-0:3.90.0-6.el9_3.ppc64le",
"AppStream-9.3.0.Z.MAIN:nss-sysinit-0:3.90.0-6.el9_3.s390x",
"AppStream-9.3.0.Z.MAIN:nss-sysinit-0:3.90.0-6.el9_3.x86_64",
"AppStream-9.3.0.Z.MAIN:nss-sysinit-debuginfo-0:3.90.0-6.el9_3.aarch64",
"AppStream-9.3.0.Z.MAIN:nss-sysinit-debuginfo-0:3.90.0-6.el9_3.i686",
"AppStream-9.3.0.Z.MAIN:nss-sysinit-debuginfo-0:3.90.0-6.el9_3.ppc64le",
"AppStream-9.3.0.Z.MAIN:nss-sysinit-debuginfo-0:3.90.0-6.el9_3.s390x",
"AppStream-9.3.0.Z.MAIN:nss-sysinit-debuginfo-0:3.90.0-6.el9_3.x86_64",
"AppStream-9.3.0.Z.MAIN:nss-tools-0:3.90.0-6.el9_3.aarch64",
"AppStream-9.3.0.Z.MAIN:nss-tools-0:3.90.0-6.el9_3.ppc64le",
"AppStream-9.3.0.Z.MAIN:nss-tools-0:3.90.0-6.el9_3.s390x",
"AppStream-9.3.0.Z.MAIN:nss-tools-0:3.90.0-6.el9_3.x86_64",
"AppStream-9.3.0.Z.MAIN:nss-tools-debuginfo-0:3.90.0-6.el9_3.aarch64",
"AppStream-9.3.0.Z.MAIN:nss-tools-debuginfo-0:3.90.0-6.el9_3.i686",
"AppStream-9.3.0.Z.MAIN:nss-tools-debuginfo-0:3.90.0-6.el9_3.ppc64le",
"AppStream-9.3.0.Z.MAIN:nss-tools-debuginfo-0:3.90.0-6.el9_3.s390x",
"AppStream-9.3.0.Z.MAIN:nss-tools-debuginfo-0:3.90.0-6.el9_3.x86_64",
"AppStream-9.3.0.Z.MAIN:nss-util-0:3.90.0-6.el9_3.aarch64",
"AppStream-9.3.0.Z.MAIN:nss-util-0:3.90.0-6.el9_3.i686",
"AppStream-9.3.0.Z.MAIN:nss-util-0:3.90.0-6.el9_3.ppc64le",
"AppStream-9.3.0.Z.MAIN:nss-util-0:3.90.0-6.el9_3.s390x",
"AppStream-9.3.0.Z.MAIN:nss-util-0:3.90.0-6.el9_3.x86_64",
"AppStream-9.3.0.Z.MAIN:nss-util-debuginfo-0:3.90.0-6.el9_3.aarch64",
"AppStream-9.3.0.Z.MAIN:nss-util-debuginfo-0:3.90.0-6.el9_3.i686",
"AppStream-9.3.0.Z.MAIN:nss-util-debuginfo-0:3.90.0-6.el9_3.ppc64le",
"AppStream-9.3.0.Z.MAIN:nss-util-debuginfo-0:3.90.0-6.el9_3.s390x",
"AppStream-9.3.0.Z.MAIN:nss-util-debuginfo-0:3.90.0-6.el9_3.x86_64",
"AppStream-9.3.0.Z.MAIN:nss-util-devel-0:3.90.0-6.el9_3.aarch64",
"AppStream-9.3.0.Z.MAIN:nss-util-devel-0:3.90.0-6.el9_3.i686",
"AppStream-9.3.0.Z.MAIN:nss-util-devel-0:3.90.0-6.el9_3.ppc64le",
"AppStream-9.3.0.Z.MAIN:nss-util-devel-0:3.90.0-6.el9_3.s390x",
"AppStream-9.3.0.Z.MAIN:nss-util-devel-0:3.90.0-6.el9_3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "nss: vulnerable to Minerva side-channel information leak"
}
]
}
RHSA-2024_0791
Vulnerability from csaf_redhat - Published: 2024-02-12 16:48 - Updated: 2024-11-24 12:06Summary
Red Hat Security Advisory: nss security update
Severity
Moderate
Notes
Topic: An update for nss is now available for Red Hat Enterprise Linux 9.2 Extended Update Support.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: Network Security Services (NSS) is a set of libraries designed to support the cross-platform development of security-enabled client and server applications.
Security Fix(es):
* nss: vulnerable to Minerva side-channel information leak (CVE-2023-6135)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
The Network Security Services (NSS) package contains a vulnerability that exposes a side-channel information leak. This weakness enables a local attacker to capture several thousand usages of a signature, allowing them to utilize this information to recover portions of an ECDSA private key.
4.3 (Medium)
Affected products
Fixed
99 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-9.2.0.Z.EUS:nspr-0:4.35.0-6.el9_2.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:nspr-0:4.35.0-6.el9_2.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:nspr-0:4.35.0-6.el9_2.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:nspr-0:4.35.0-6.el9_2.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:nspr-0:4.35.0-6.el9_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:nspr-debuginfo-0:4.35.0-6.el9_2.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:nspr-debuginfo-0:4.35.0-6.el9_2.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:nspr-debuginfo-0:4.35.0-6.el9_2.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:nspr-debuginfo-0:4.35.0-6.el9_2.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:nspr-debuginfo-0:4.35.0-6.el9_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:nspr-devel-0:4.35.0-6.el9_2.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:nspr-devel-0:4.35.0-6.el9_2.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:nspr-devel-0:4.35.0-6.el9_2.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:nspr-devel-0:4.35.0-6.el9_2.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:nspr-devel-0:4.35.0-6.el9_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:nss-0:3.90.0-6.el9_2.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:nss-0:3.90.0-6.el9_2.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:nss-0:3.90.0-6.el9_2.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:nss-0:3.90.0-6.el9_2.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:nss-0:3.90.0-6.el9_2.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:nss-0:3.90.0-6.el9_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:nss-debuginfo-0:3.90.0-6.el9_2.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:nss-debuginfo-0:3.90.0-6.el9_2.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:nss-debuginfo-0:3.90.0-6.el9_2.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:nss-debuginfo-0:3.90.0-6.el9_2.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:nss-debuginfo-0:3.90.0-6.el9_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:nss-debugsource-0:3.90.0-6.el9_2.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:nss-debugsource-0:3.90.0-6.el9_2.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:nss-debugsource-0:3.90.0-6.el9_2.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:nss-debugsource-0:3.90.0-6.el9_2.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:nss-debugsource-0:3.90.0-6.el9_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:nss-devel-0:3.90.0-6.el9_2.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:nss-devel-0:3.90.0-6.el9_2.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:nss-devel-0:3.90.0-6.el9_2.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:nss-devel-0:3.90.0-6.el9_2.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:nss-devel-0:3.90.0-6.el9_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:nss-softokn-0:3.90.0-6.el9_2.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:nss-softokn-0:3.90.0-6.el9_2.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:nss-softokn-0:3.90.0-6.el9_2.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:nss-softokn-0:3.90.0-6.el9_2.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:nss-softokn-0:3.90.0-6.el9_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:nss-softokn-debuginfo-0:3.90.0-6.el9_2.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:nss-softokn-debuginfo-0:3.90.0-6.el9_2.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:nss-softokn-debuginfo-0:3.90.0-6.el9_2.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:nss-softokn-debuginfo-0:3.90.0-6.el9_2.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:nss-softokn-debuginfo-0:3.90.0-6.el9_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:nss-softokn-devel-0:3.90.0-6.el9_2.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:nss-softokn-devel-0:3.90.0-6.el9_2.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:nss-softokn-devel-0:3.90.0-6.el9_2.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:nss-softokn-devel-0:3.90.0-6.el9_2.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:nss-softokn-devel-0:3.90.0-6.el9_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:nss-softokn-freebl-0:3.90.0-6.el9_2.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:nss-softokn-freebl-0:3.90.0-6.el9_2.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:nss-softokn-freebl-0:3.90.0-6.el9_2.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:nss-softokn-freebl-0:3.90.0-6.el9_2.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:nss-softokn-freebl-0:3.90.0-6.el9_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:nss-softokn-freebl-debuginfo-0:3.90.0-6.el9_2.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:nss-softokn-freebl-debuginfo-0:3.90.0-6.el9_2.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:nss-softokn-freebl-debuginfo-0:3.90.0-6.el9_2.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:nss-softokn-freebl-debuginfo-0:3.90.0-6.el9_2.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:nss-softokn-freebl-debuginfo-0:3.90.0-6.el9_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:nss-softokn-freebl-devel-0:3.90.0-6.el9_2.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:nss-softokn-freebl-devel-0:3.90.0-6.el9_2.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:nss-softokn-freebl-devel-0:3.90.0-6.el9_2.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:nss-softokn-freebl-devel-0:3.90.0-6.el9_2.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:nss-softokn-freebl-devel-0:3.90.0-6.el9_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:nss-sysinit-0:3.90.0-6.el9_2.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:nss-sysinit-0:3.90.0-6.el9_2.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:nss-sysinit-0:3.90.0-6.el9_2.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:nss-sysinit-0:3.90.0-6.el9_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:nss-sysinit-debuginfo-0:3.90.0-6.el9_2.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:nss-sysinit-debuginfo-0:3.90.0-6.el9_2.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:nss-sysinit-debuginfo-0:3.90.0-6.el9_2.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:nss-sysinit-debuginfo-0:3.90.0-6.el9_2.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:nss-sysinit-debuginfo-0:3.90.0-6.el9_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:nss-tools-0:3.90.0-6.el9_2.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:nss-tools-0:3.90.0-6.el9_2.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:nss-tools-0:3.90.0-6.el9_2.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:nss-tools-0:3.90.0-6.el9_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:nss-tools-debuginfo-0:3.90.0-6.el9_2.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:nss-tools-debuginfo-0:3.90.0-6.el9_2.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:nss-tools-debuginfo-0:3.90.0-6.el9_2.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:nss-tools-debuginfo-0:3.90.0-6.el9_2.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:nss-tools-debuginfo-0:3.90.0-6.el9_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:nss-util-0:3.90.0-6.el9_2.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:nss-util-0:3.90.0-6.el9_2.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:nss-util-0:3.90.0-6.el9_2.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:nss-util-0:3.90.0-6.el9_2.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:nss-util-0:3.90.0-6.el9_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:nss-util-debuginfo-0:3.90.0-6.el9_2.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:nss-util-debuginfo-0:3.90.0-6.el9_2.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:nss-util-debuginfo-0:3.90.0-6.el9_2.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:nss-util-debuginfo-0:3.90.0-6.el9_2.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:nss-util-debuginfo-0:3.90.0-6.el9_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:nss-util-devel-0:3.90.0-6.el9_2.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:nss-util-devel-0:3.90.0-6.el9_2.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:nss-util-devel-0:3.90.0-6.el9_2.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:nss-util-devel-0:3.90.0-6.el9_2.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:nss-util-devel-0:3.90.0-6.el9_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
References
12 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for nss is now available for Red Hat Enterprise Linux 9.2 Extended Update Support.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Network Security Services (NSS) is a set of libraries designed to support the cross-platform development of security-enabled client and server applications.\n\nSecurity Fix(es):\n\n* nss: vulnerable to Minerva side-channel information leak (CVE-2023-6135)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2024:0791",
"url": "https://access.redhat.com/errata/RHSA-2024:0791"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "2249906",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2249906"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_0791.json"
}
],
"title": "Red Hat Security Advisory: nss security update",
"tracking": {
"current_release_date": "2024-11-24T12:06:32+00:00",
"generator": {
"date": "2024-11-24T12:06:32+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.1"
}
},
"id": "RHSA-2024:0791",
"initial_release_date": "2024-02-12T16:48:39+00:00",
"revision_history": [
{
"date": "2024-02-12T16:48:39+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2024-02-12T16:48:39+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-24T12:06:32+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product": {
"name": "Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_eus:9.2::appstream"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "nspr-0:4.35.0-6.el9_2.aarch64",
"product": {
"name": "nspr-0:4.35.0-6.el9_2.aarch64",
"product_id": "nspr-0:4.35.0-6.el9_2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nspr@4.35.0-6.el9_2?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "nspr-devel-0:4.35.0-6.el9_2.aarch64",
"product": {
"name": "nspr-devel-0:4.35.0-6.el9_2.aarch64",
"product_id": "nspr-devel-0:4.35.0-6.el9_2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nspr-devel@4.35.0-6.el9_2?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "nss-0:3.90.0-6.el9_2.aarch64",
"product": {
"name": "nss-0:3.90.0-6.el9_2.aarch64",
"product_id": "nss-0:3.90.0-6.el9_2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss@3.90.0-6.el9_2?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "nss-devel-0:3.90.0-6.el9_2.aarch64",
"product": {
"name": "nss-devel-0:3.90.0-6.el9_2.aarch64",
"product_id": "nss-devel-0:3.90.0-6.el9_2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-devel@3.90.0-6.el9_2?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "nss-softokn-0:3.90.0-6.el9_2.aarch64",
"product": {
"name": "nss-softokn-0:3.90.0-6.el9_2.aarch64",
"product_id": "nss-softokn-0:3.90.0-6.el9_2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-softokn@3.90.0-6.el9_2?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "nss-softokn-devel-0:3.90.0-6.el9_2.aarch64",
"product": {
"name": "nss-softokn-devel-0:3.90.0-6.el9_2.aarch64",
"product_id": "nss-softokn-devel-0:3.90.0-6.el9_2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-softokn-devel@3.90.0-6.el9_2?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "nss-softokn-freebl-0:3.90.0-6.el9_2.aarch64",
"product": {
"name": "nss-softokn-freebl-0:3.90.0-6.el9_2.aarch64",
"product_id": "nss-softokn-freebl-0:3.90.0-6.el9_2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-softokn-freebl@3.90.0-6.el9_2?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "nss-softokn-freebl-devel-0:3.90.0-6.el9_2.aarch64",
"product": {
"name": "nss-softokn-freebl-devel-0:3.90.0-6.el9_2.aarch64",
"product_id": "nss-softokn-freebl-devel-0:3.90.0-6.el9_2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-softokn-freebl-devel@3.90.0-6.el9_2?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "nss-sysinit-0:3.90.0-6.el9_2.aarch64",
"product": {
"name": "nss-sysinit-0:3.90.0-6.el9_2.aarch64",
"product_id": "nss-sysinit-0:3.90.0-6.el9_2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-sysinit@3.90.0-6.el9_2?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "nss-tools-0:3.90.0-6.el9_2.aarch64",
"product": {
"name": "nss-tools-0:3.90.0-6.el9_2.aarch64",
"product_id": "nss-tools-0:3.90.0-6.el9_2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-tools@3.90.0-6.el9_2?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "nss-util-0:3.90.0-6.el9_2.aarch64",
"product": {
"name": "nss-util-0:3.90.0-6.el9_2.aarch64",
"product_id": "nss-util-0:3.90.0-6.el9_2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-util@3.90.0-6.el9_2?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "nss-util-devel-0:3.90.0-6.el9_2.aarch64",
"product": {
"name": "nss-util-devel-0:3.90.0-6.el9_2.aarch64",
"product_id": "nss-util-devel-0:3.90.0-6.el9_2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-util-devel@3.90.0-6.el9_2?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "nss-debugsource-0:3.90.0-6.el9_2.aarch64",
"product": {
"name": "nss-debugsource-0:3.90.0-6.el9_2.aarch64",
"product_id": "nss-debugsource-0:3.90.0-6.el9_2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-debugsource@3.90.0-6.el9_2?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "nspr-debuginfo-0:4.35.0-6.el9_2.aarch64",
"product": {
"name": "nspr-debuginfo-0:4.35.0-6.el9_2.aarch64",
"product_id": "nspr-debuginfo-0:4.35.0-6.el9_2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nspr-debuginfo@4.35.0-6.el9_2?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "nss-debuginfo-0:3.90.0-6.el9_2.aarch64",
"product": {
"name": "nss-debuginfo-0:3.90.0-6.el9_2.aarch64",
"product_id": "nss-debuginfo-0:3.90.0-6.el9_2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-debuginfo@3.90.0-6.el9_2?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "nss-softokn-debuginfo-0:3.90.0-6.el9_2.aarch64",
"product": {
"name": "nss-softokn-debuginfo-0:3.90.0-6.el9_2.aarch64",
"product_id": "nss-softokn-debuginfo-0:3.90.0-6.el9_2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-softokn-debuginfo@3.90.0-6.el9_2?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "nss-softokn-freebl-debuginfo-0:3.90.0-6.el9_2.aarch64",
"product": {
"name": "nss-softokn-freebl-debuginfo-0:3.90.0-6.el9_2.aarch64",
"product_id": "nss-softokn-freebl-debuginfo-0:3.90.0-6.el9_2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-softokn-freebl-debuginfo@3.90.0-6.el9_2?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "nss-sysinit-debuginfo-0:3.90.0-6.el9_2.aarch64",
"product": {
"name": "nss-sysinit-debuginfo-0:3.90.0-6.el9_2.aarch64",
"product_id": "nss-sysinit-debuginfo-0:3.90.0-6.el9_2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-sysinit-debuginfo@3.90.0-6.el9_2?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "nss-tools-debuginfo-0:3.90.0-6.el9_2.aarch64",
"product": {
"name": "nss-tools-debuginfo-0:3.90.0-6.el9_2.aarch64",
"product_id": "nss-tools-debuginfo-0:3.90.0-6.el9_2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-tools-debuginfo@3.90.0-6.el9_2?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "nss-util-debuginfo-0:3.90.0-6.el9_2.aarch64",
"product": {
"name": "nss-util-debuginfo-0:3.90.0-6.el9_2.aarch64",
"product_id": "nss-util-debuginfo-0:3.90.0-6.el9_2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-util-debuginfo@3.90.0-6.el9_2?arch=aarch64"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "nspr-0:4.35.0-6.el9_2.ppc64le",
"product": {
"name": "nspr-0:4.35.0-6.el9_2.ppc64le",
"product_id": "nspr-0:4.35.0-6.el9_2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nspr@4.35.0-6.el9_2?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "nspr-devel-0:4.35.0-6.el9_2.ppc64le",
"product": {
"name": "nspr-devel-0:4.35.0-6.el9_2.ppc64le",
"product_id": "nspr-devel-0:4.35.0-6.el9_2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nspr-devel@4.35.0-6.el9_2?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "nss-0:3.90.0-6.el9_2.ppc64le",
"product": {
"name": "nss-0:3.90.0-6.el9_2.ppc64le",
"product_id": "nss-0:3.90.0-6.el9_2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss@3.90.0-6.el9_2?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "nss-devel-0:3.90.0-6.el9_2.ppc64le",
"product": {
"name": "nss-devel-0:3.90.0-6.el9_2.ppc64le",
"product_id": "nss-devel-0:3.90.0-6.el9_2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-devel@3.90.0-6.el9_2?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "nss-softokn-0:3.90.0-6.el9_2.ppc64le",
"product": {
"name": "nss-softokn-0:3.90.0-6.el9_2.ppc64le",
"product_id": "nss-softokn-0:3.90.0-6.el9_2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-softokn@3.90.0-6.el9_2?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "nss-softokn-devel-0:3.90.0-6.el9_2.ppc64le",
"product": {
"name": "nss-softokn-devel-0:3.90.0-6.el9_2.ppc64le",
"product_id": "nss-softokn-devel-0:3.90.0-6.el9_2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-softokn-devel@3.90.0-6.el9_2?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "nss-softokn-freebl-0:3.90.0-6.el9_2.ppc64le",
"product": {
"name": "nss-softokn-freebl-0:3.90.0-6.el9_2.ppc64le",
"product_id": "nss-softokn-freebl-0:3.90.0-6.el9_2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-softokn-freebl@3.90.0-6.el9_2?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "nss-softokn-freebl-devel-0:3.90.0-6.el9_2.ppc64le",
"product": {
"name": "nss-softokn-freebl-devel-0:3.90.0-6.el9_2.ppc64le",
"product_id": "nss-softokn-freebl-devel-0:3.90.0-6.el9_2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-softokn-freebl-devel@3.90.0-6.el9_2?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "nss-sysinit-0:3.90.0-6.el9_2.ppc64le",
"product": {
"name": "nss-sysinit-0:3.90.0-6.el9_2.ppc64le",
"product_id": "nss-sysinit-0:3.90.0-6.el9_2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-sysinit@3.90.0-6.el9_2?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "nss-tools-0:3.90.0-6.el9_2.ppc64le",
"product": {
"name": "nss-tools-0:3.90.0-6.el9_2.ppc64le",
"product_id": "nss-tools-0:3.90.0-6.el9_2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-tools@3.90.0-6.el9_2?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "nss-util-0:3.90.0-6.el9_2.ppc64le",
"product": {
"name": "nss-util-0:3.90.0-6.el9_2.ppc64le",
"product_id": "nss-util-0:3.90.0-6.el9_2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-util@3.90.0-6.el9_2?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "nss-util-devel-0:3.90.0-6.el9_2.ppc64le",
"product": {
"name": "nss-util-devel-0:3.90.0-6.el9_2.ppc64le",
"product_id": "nss-util-devel-0:3.90.0-6.el9_2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-util-devel@3.90.0-6.el9_2?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "nss-debugsource-0:3.90.0-6.el9_2.ppc64le",
"product": {
"name": "nss-debugsource-0:3.90.0-6.el9_2.ppc64le",
"product_id": "nss-debugsource-0:3.90.0-6.el9_2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-debugsource@3.90.0-6.el9_2?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "nspr-debuginfo-0:4.35.0-6.el9_2.ppc64le",
"product": {
"name": "nspr-debuginfo-0:4.35.0-6.el9_2.ppc64le",
"product_id": "nspr-debuginfo-0:4.35.0-6.el9_2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nspr-debuginfo@4.35.0-6.el9_2?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "nss-debuginfo-0:3.90.0-6.el9_2.ppc64le",
"product": {
"name": "nss-debuginfo-0:3.90.0-6.el9_2.ppc64le",
"product_id": "nss-debuginfo-0:3.90.0-6.el9_2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-debuginfo@3.90.0-6.el9_2?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "nss-softokn-debuginfo-0:3.90.0-6.el9_2.ppc64le",
"product": {
"name": "nss-softokn-debuginfo-0:3.90.0-6.el9_2.ppc64le",
"product_id": "nss-softokn-debuginfo-0:3.90.0-6.el9_2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-softokn-debuginfo@3.90.0-6.el9_2?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "nss-softokn-freebl-debuginfo-0:3.90.0-6.el9_2.ppc64le",
"product": {
"name": "nss-softokn-freebl-debuginfo-0:3.90.0-6.el9_2.ppc64le",
"product_id": "nss-softokn-freebl-debuginfo-0:3.90.0-6.el9_2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-softokn-freebl-debuginfo@3.90.0-6.el9_2?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "nss-sysinit-debuginfo-0:3.90.0-6.el9_2.ppc64le",
"product": {
"name": "nss-sysinit-debuginfo-0:3.90.0-6.el9_2.ppc64le",
"product_id": "nss-sysinit-debuginfo-0:3.90.0-6.el9_2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-sysinit-debuginfo@3.90.0-6.el9_2?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "nss-tools-debuginfo-0:3.90.0-6.el9_2.ppc64le",
"product": {
"name": "nss-tools-debuginfo-0:3.90.0-6.el9_2.ppc64le",
"product_id": "nss-tools-debuginfo-0:3.90.0-6.el9_2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-tools-debuginfo@3.90.0-6.el9_2?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "nss-util-debuginfo-0:3.90.0-6.el9_2.ppc64le",
"product": {
"name": "nss-util-debuginfo-0:3.90.0-6.el9_2.ppc64le",
"product_id": "nss-util-debuginfo-0:3.90.0-6.el9_2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-util-debuginfo@3.90.0-6.el9_2?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "nspr-0:4.35.0-6.el9_2.i686",
"product": {
"name": "nspr-0:4.35.0-6.el9_2.i686",
"product_id": "nspr-0:4.35.0-6.el9_2.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nspr@4.35.0-6.el9_2?arch=i686"
}
}
},
{
"category": "product_version",
"name": "nspr-devel-0:4.35.0-6.el9_2.i686",
"product": {
"name": "nspr-devel-0:4.35.0-6.el9_2.i686",
"product_id": "nspr-devel-0:4.35.0-6.el9_2.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nspr-devel@4.35.0-6.el9_2?arch=i686"
}
}
},
{
"category": "product_version",
"name": "nss-0:3.90.0-6.el9_2.i686",
"product": {
"name": "nss-0:3.90.0-6.el9_2.i686",
"product_id": "nss-0:3.90.0-6.el9_2.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss@3.90.0-6.el9_2?arch=i686"
}
}
},
{
"category": "product_version",
"name": "nss-devel-0:3.90.0-6.el9_2.i686",
"product": {
"name": "nss-devel-0:3.90.0-6.el9_2.i686",
"product_id": "nss-devel-0:3.90.0-6.el9_2.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-devel@3.90.0-6.el9_2?arch=i686"
}
}
},
{
"category": "product_version",
"name": "nss-softokn-0:3.90.0-6.el9_2.i686",
"product": {
"name": "nss-softokn-0:3.90.0-6.el9_2.i686",
"product_id": "nss-softokn-0:3.90.0-6.el9_2.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-softokn@3.90.0-6.el9_2?arch=i686"
}
}
},
{
"category": "product_version",
"name": "nss-softokn-devel-0:3.90.0-6.el9_2.i686",
"product": {
"name": "nss-softokn-devel-0:3.90.0-6.el9_2.i686",
"product_id": "nss-softokn-devel-0:3.90.0-6.el9_2.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-softokn-devel@3.90.0-6.el9_2?arch=i686"
}
}
},
{
"category": "product_version",
"name": "nss-softokn-freebl-0:3.90.0-6.el9_2.i686",
"product": {
"name": "nss-softokn-freebl-0:3.90.0-6.el9_2.i686",
"product_id": "nss-softokn-freebl-0:3.90.0-6.el9_2.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-softokn-freebl@3.90.0-6.el9_2?arch=i686"
}
}
},
{
"category": "product_version",
"name": "nss-softokn-freebl-devel-0:3.90.0-6.el9_2.i686",
"product": {
"name": "nss-softokn-freebl-devel-0:3.90.0-6.el9_2.i686",
"product_id": "nss-softokn-freebl-devel-0:3.90.0-6.el9_2.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-softokn-freebl-devel@3.90.0-6.el9_2?arch=i686"
}
}
},
{
"category": "product_version",
"name": "nss-util-0:3.90.0-6.el9_2.i686",
"product": {
"name": "nss-util-0:3.90.0-6.el9_2.i686",
"product_id": "nss-util-0:3.90.0-6.el9_2.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-util@3.90.0-6.el9_2?arch=i686"
}
}
},
{
"category": "product_version",
"name": "nss-util-devel-0:3.90.0-6.el9_2.i686",
"product": {
"name": "nss-util-devel-0:3.90.0-6.el9_2.i686",
"product_id": "nss-util-devel-0:3.90.0-6.el9_2.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-util-devel@3.90.0-6.el9_2?arch=i686"
}
}
},
{
"category": "product_version",
"name": "nss-debugsource-0:3.90.0-6.el9_2.i686",
"product": {
"name": "nss-debugsource-0:3.90.0-6.el9_2.i686",
"product_id": "nss-debugsource-0:3.90.0-6.el9_2.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-debugsource@3.90.0-6.el9_2?arch=i686"
}
}
},
{
"category": "product_version",
"name": "nspr-debuginfo-0:4.35.0-6.el9_2.i686",
"product": {
"name": "nspr-debuginfo-0:4.35.0-6.el9_2.i686",
"product_id": "nspr-debuginfo-0:4.35.0-6.el9_2.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nspr-debuginfo@4.35.0-6.el9_2?arch=i686"
}
}
},
{
"category": "product_version",
"name": "nss-debuginfo-0:3.90.0-6.el9_2.i686",
"product": {
"name": "nss-debuginfo-0:3.90.0-6.el9_2.i686",
"product_id": "nss-debuginfo-0:3.90.0-6.el9_2.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-debuginfo@3.90.0-6.el9_2?arch=i686"
}
}
},
{
"category": "product_version",
"name": "nss-softokn-debuginfo-0:3.90.0-6.el9_2.i686",
"product": {
"name": "nss-softokn-debuginfo-0:3.90.0-6.el9_2.i686",
"product_id": "nss-softokn-debuginfo-0:3.90.0-6.el9_2.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-softokn-debuginfo@3.90.0-6.el9_2?arch=i686"
}
}
},
{
"category": "product_version",
"name": "nss-softokn-freebl-debuginfo-0:3.90.0-6.el9_2.i686",
"product": {
"name": "nss-softokn-freebl-debuginfo-0:3.90.0-6.el9_2.i686",
"product_id": "nss-softokn-freebl-debuginfo-0:3.90.0-6.el9_2.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-softokn-freebl-debuginfo@3.90.0-6.el9_2?arch=i686"
}
}
},
{
"category": "product_version",
"name": "nss-sysinit-debuginfo-0:3.90.0-6.el9_2.i686",
"product": {
"name": "nss-sysinit-debuginfo-0:3.90.0-6.el9_2.i686",
"product_id": "nss-sysinit-debuginfo-0:3.90.0-6.el9_2.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-sysinit-debuginfo@3.90.0-6.el9_2?arch=i686"
}
}
},
{
"category": "product_version",
"name": "nss-tools-debuginfo-0:3.90.0-6.el9_2.i686",
"product": {
"name": "nss-tools-debuginfo-0:3.90.0-6.el9_2.i686",
"product_id": "nss-tools-debuginfo-0:3.90.0-6.el9_2.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-tools-debuginfo@3.90.0-6.el9_2?arch=i686"
}
}
},
{
"category": "product_version",
"name": "nss-util-debuginfo-0:3.90.0-6.el9_2.i686",
"product": {
"name": "nss-util-debuginfo-0:3.90.0-6.el9_2.i686",
"product_id": "nss-util-debuginfo-0:3.90.0-6.el9_2.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-util-debuginfo@3.90.0-6.el9_2?arch=i686"
}
}
}
],
"category": "architecture",
"name": "i686"
},
{
"branches": [
{
"category": "product_version",
"name": "nspr-0:4.35.0-6.el9_2.x86_64",
"product": {
"name": "nspr-0:4.35.0-6.el9_2.x86_64",
"product_id": "nspr-0:4.35.0-6.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nspr@4.35.0-6.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "nspr-devel-0:4.35.0-6.el9_2.x86_64",
"product": {
"name": "nspr-devel-0:4.35.0-6.el9_2.x86_64",
"product_id": "nspr-devel-0:4.35.0-6.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nspr-devel@4.35.0-6.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "nss-0:3.90.0-6.el9_2.x86_64",
"product": {
"name": "nss-0:3.90.0-6.el9_2.x86_64",
"product_id": "nss-0:3.90.0-6.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss@3.90.0-6.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "nss-devel-0:3.90.0-6.el9_2.x86_64",
"product": {
"name": "nss-devel-0:3.90.0-6.el9_2.x86_64",
"product_id": "nss-devel-0:3.90.0-6.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-devel@3.90.0-6.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "nss-softokn-0:3.90.0-6.el9_2.x86_64",
"product": {
"name": "nss-softokn-0:3.90.0-6.el9_2.x86_64",
"product_id": "nss-softokn-0:3.90.0-6.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-softokn@3.90.0-6.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "nss-softokn-devel-0:3.90.0-6.el9_2.x86_64",
"product": {
"name": "nss-softokn-devel-0:3.90.0-6.el9_2.x86_64",
"product_id": "nss-softokn-devel-0:3.90.0-6.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-softokn-devel@3.90.0-6.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "nss-softokn-freebl-0:3.90.0-6.el9_2.x86_64",
"product": {
"name": "nss-softokn-freebl-0:3.90.0-6.el9_2.x86_64",
"product_id": "nss-softokn-freebl-0:3.90.0-6.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-softokn-freebl@3.90.0-6.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "nss-softokn-freebl-devel-0:3.90.0-6.el9_2.x86_64",
"product": {
"name": "nss-softokn-freebl-devel-0:3.90.0-6.el9_2.x86_64",
"product_id": "nss-softokn-freebl-devel-0:3.90.0-6.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-softokn-freebl-devel@3.90.0-6.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "nss-sysinit-0:3.90.0-6.el9_2.x86_64",
"product": {
"name": "nss-sysinit-0:3.90.0-6.el9_2.x86_64",
"product_id": "nss-sysinit-0:3.90.0-6.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-sysinit@3.90.0-6.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "nss-tools-0:3.90.0-6.el9_2.x86_64",
"product": {
"name": "nss-tools-0:3.90.0-6.el9_2.x86_64",
"product_id": "nss-tools-0:3.90.0-6.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-tools@3.90.0-6.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "nss-util-0:3.90.0-6.el9_2.x86_64",
"product": {
"name": "nss-util-0:3.90.0-6.el9_2.x86_64",
"product_id": "nss-util-0:3.90.0-6.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-util@3.90.0-6.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "nss-util-devel-0:3.90.0-6.el9_2.x86_64",
"product": {
"name": "nss-util-devel-0:3.90.0-6.el9_2.x86_64",
"product_id": "nss-util-devel-0:3.90.0-6.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-util-devel@3.90.0-6.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "nss-debugsource-0:3.90.0-6.el9_2.x86_64",
"product": {
"name": "nss-debugsource-0:3.90.0-6.el9_2.x86_64",
"product_id": "nss-debugsource-0:3.90.0-6.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-debugsource@3.90.0-6.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "nspr-debuginfo-0:4.35.0-6.el9_2.x86_64",
"product": {
"name": "nspr-debuginfo-0:4.35.0-6.el9_2.x86_64",
"product_id": "nspr-debuginfo-0:4.35.0-6.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nspr-debuginfo@4.35.0-6.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "nss-debuginfo-0:3.90.0-6.el9_2.x86_64",
"product": {
"name": "nss-debuginfo-0:3.90.0-6.el9_2.x86_64",
"product_id": "nss-debuginfo-0:3.90.0-6.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-debuginfo@3.90.0-6.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "nss-softokn-debuginfo-0:3.90.0-6.el9_2.x86_64",
"product": {
"name": "nss-softokn-debuginfo-0:3.90.0-6.el9_2.x86_64",
"product_id": "nss-softokn-debuginfo-0:3.90.0-6.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-softokn-debuginfo@3.90.0-6.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "nss-softokn-freebl-debuginfo-0:3.90.0-6.el9_2.x86_64",
"product": {
"name": "nss-softokn-freebl-debuginfo-0:3.90.0-6.el9_2.x86_64",
"product_id": "nss-softokn-freebl-debuginfo-0:3.90.0-6.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-softokn-freebl-debuginfo@3.90.0-6.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "nss-sysinit-debuginfo-0:3.90.0-6.el9_2.x86_64",
"product": {
"name": "nss-sysinit-debuginfo-0:3.90.0-6.el9_2.x86_64",
"product_id": "nss-sysinit-debuginfo-0:3.90.0-6.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-sysinit-debuginfo@3.90.0-6.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "nss-tools-debuginfo-0:3.90.0-6.el9_2.x86_64",
"product": {
"name": "nss-tools-debuginfo-0:3.90.0-6.el9_2.x86_64",
"product_id": "nss-tools-debuginfo-0:3.90.0-6.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-tools-debuginfo@3.90.0-6.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "nss-util-debuginfo-0:3.90.0-6.el9_2.x86_64",
"product": {
"name": "nss-util-debuginfo-0:3.90.0-6.el9_2.x86_64",
"product_id": "nss-util-debuginfo-0:3.90.0-6.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-util-debuginfo@3.90.0-6.el9_2?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "nspr-0:4.35.0-6.el9_2.s390x",
"product": {
"name": "nspr-0:4.35.0-6.el9_2.s390x",
"product_id": "nspr-0:4.35.0-6.el9_2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nspr@4.35.0-6.el9_2?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "nspr-devel-0:4.35.0-6.el9_2.s390x",
"product": {
"name": "nspr-devel-0:4.35.0-6.el9_2.s390x",
"product_id": "nspr-devel-0:4.35.0-6.el9_2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nspr-devel@4.35.0-6.el9_2?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "nss-0:3.90.0-6.el9_2.s390x",
"product": {
"name": "nss-0:3.90.0-6.el9_2.s390x",
"product_id": "nss-0:3.90.0-6.el9_2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss@3.90.0-6.el9_2?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "nss-devel-0:3.90.0-6.el9_2.s390x",
"product": {
"name": "nss-devel-0:3.90.0-6.el9_2.s390x",
"product_id": "nss-devel-0:3.90.0-6.el9_2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-devel@3.90.0-6.el9_2?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "nss-softokn-0:3.90.0-6.el9_2.s390x",
"product": {
"name": "nss-softokn-0:3.90.0-6.el9_2.s390x",
"product_id": "nss-softokn-0:3.90.0-6.el9_2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-softokn@3.90.0-6.el9_2?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "nss-softokn-devel-0:3.90.0-6.el9_2.s390x",
"product": {
"name": "nss-softokn-devel-0:3.90.0-6.el9_2.s390x",
"product_id": "nss-softokn-devel-0:3.90.0-6.el9_2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-softokn-devel@3.90.0-6.el9_2?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "nss-softokn-freebl-0:3.90.0-6.el9_2.s390x",
"product": {
"name": "nss-softokn-freebl-0:3.90.0-6.el9_2.s390x",
"product_id": "nss-softokn-freebl-0:3.90.0-6.el9_2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-softokn-freebl@3.90.0-6.el9_2?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "nss-softokn-freebl-devel-0:3.90.0-6.el9_2.s390x",
"product": {
"name": "nss-softokn-freebl-devel-0:3.90.0-6.el9_2.s390x",
"product_id": "nss-softokn-freebl-devel-0:3.90.0-6.el9_2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-softokn-freebl-devel@3.90.0-6.el9_2?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "nss-sysinit-0:3.90.0-6.el9_2.s390x",
"product": {
"name": "nss-sysinit-0:3.90.0-6.el9_2.s390x",
"product_id": "nss-sysinit-0:3.90.0-6.el9_2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-sysinit@3.90.0-6.el9_2?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "nss-tools-0:3.90.0-6.el9_2.s390x",
"product": {
"name": "nss-tools-0:3.90.0-6.el9_2.s390x",
"product_id": "nss-tools-0:3.90.0-6.el9_2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-tools@3.90.0-6.el9_2?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "nss-util-0:3.90.0-6.el9_2.s390x",
"product": {
"name": "nss-util-0:3.90.0-6.el9_2.s390x",
"product_id": "nss-util-0:3.90.0-6.el9_2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-util@3.90.0-6.el9_2?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "nss-util-devel-0:3.90.0-6.el9_2.s390x",
"product": {
"name": "nss-util-devel-0:3.90.0-6.el9_2.s390x",
"product_id": "nss-util-devel-0:3.90.0-6.el9_2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-util-devel@3.90.0-6.el9_2?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "nss-debugsource-0:3.90.0-6.el9_2.s390x",
"product": {
"name": "nss-debugsource-0:3.90.0-6.el9_2.s390x",
"product_id": "nss-debugsource-0:3.90.0-6.el9_2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-debugsource@3.90.0-6.el9_2?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "nspr-debuginfo-0:4.35.0-6.el9_2.s390x",
"product": {
"name": "nspr-debuginfo-0:4.35.0-6.el9_2.s390x",
"product_id": "nspr-debuginfo-0:4.35.0-6.el9_2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nspr-debuginfo@4.35.0-6.el9_2?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "nss-debuginfo-0:3.90.0-6.el9_2.s390x",
"product": {
"name": "nss-debuginfo-0:3.90.0-6.el9_2.s390x",
"product_id": "nss-debuginfo-0:3.90.0-6.el9_2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-debuginfo@3.90.0-6.el9_2?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "nss-softokn-debuginfo-0:3.90.0-6.el9_2.s390x",
"product": {
"name": "nss-softokn-debuginfo-0:3.90.0-6.el9_2.s390x",
"product_id": "nss-softokn-debuginfo-0:3.90.0-6.el9_2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-softokn-debuginfo@3.90.0-6.el9_2?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "nss-softokn-freebl-debuginfo-0:3.90.0-6.el9_2.s390x",
"product": {
"name": "nss-softokn-freebl-debuginfo-0:3.90.0-6.el9_2.s390x",
"product_id": "nss-softokn-freebl-debuginfo-0:3.90.0-6.el9_2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-softokn-freebl-debuginfo@3.90.0-6.el9_2?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "nss-sysinit-debuginfo-0:3.90.0-6.el9_2.s390x",
"product": {
"name": "nss-sysinit-debuginfo-0:3.90.0-6.el9_2.s390x",
"product_id": "nss-sysinit-debuginfo-0:3.90.0-6.el9_2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-sysinit-debuginfo@3.90.0-6.el9_2?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "nss-tools-debuginfo-0:3.90.0-6.el9_2.s390x",
"product": {
"name": "nss-tools-debuginfo-0:3.90.0-6.el9_2.s390x",
"product_id": "nss-tools-debuginfo-0:3.90.0-6.el9_2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-tools-debuginfo@3.90.0-6.el9_2?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "nss-util-debuginfo-0:3.90.0-6.el9_2.s390x",
"product": {
"name": "nss-util-debuginfo-0:3.90.0-6.el9_2.s390x",
"product_id": "nss-util-debuginfo-0:3.90.0-6.el9_2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-util-debuginfo@3.90.0-6.el9_2?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "nss-0:3.90.0-6.el9_2.src",
"product": {
"name": "nss-0:3.90.0-6.el9_2.src",
"product_id": "nss-0:3.90.0-6.el9_2.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss@3.90.0-6.el9_2?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "nspr-0:4.35.0-6.el9_2.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:nspr-0:4.35.0-6.el9_2.aarch64"
},
"product_reference": "nspr-0:4.35.0-6.el9_2.aarch64",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nspr-0:4.35.0-6.el9_2.i686 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:nspr-0:4.35.0-6.el9_2.i686"
},
"product_reference": "nspr-0:4.35.0-6.el9_2.i686",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nspr-0:4.35.0-6.el9_2.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:nspr-0:4.35.0-6.el9_2.ppc64le"
},
"product_reference": "nspr-0:4.35.0-6.el9_2.ppc64le",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nspr-0:4.35.0-6.el9_2.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:nspr-0:4.35.0-6.el9_2.s390x"
},
"product_reference": "nspr-0:4.35.0-6.el9_2.s390x",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nspr-0:4.35.0-6.el9_2.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:nspr-0:4.35.0-6.el9_2.x86_64"
},
"product_reference": "nspr-0:4.35.0-6.el9_2.x86_64",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nspr-debuginfo-0:4.35.0-6.el9_2.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:nspr-debuginfo-0:4.35.0-6.el9_2.aarch64"
},
"product_reference": "nspr-debuginfo-0:4.35.0-6.el9_2.aarch64",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nspr-debuginfo-0:4.35.0-6.el9_2.i686 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:nspr-debuginfo-0:4.35.0-6.el9_2.i686"
},
"product_reference": "nspr-debuginfo-0:4.35.0-6.el9_2.i686",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nspr-debuginfo-0:4.35.0-6.el9_2.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:nspr-debuginfo-0:4.35.0-6.el9_2.ppc64le"
},
"product_reference": "nspr-debuginfo-0:4.35.0-6.el9_2.ppc64le",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nspr-debuginfo-0:4.35.0-6.el9_2.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:nspr-debuginfo-0:4.35.0-6.el9_2.s390x"
},
"product_reference": "nspr-debuginfo-0:4.35.0-6.el9_2.s390x",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nspr-debuginfo-0:4.35.0-6.el9_2.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:nspr-debuginfo-0:4.35.0-6.el9_2.x86_64"
},
"product_reference": "nspr-debuginfo-0:4.35.0-6.el9_2.x86_64",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nspr-devel-0:4.35.0-6.el9_2.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:nspr-devel-0:4.35.0-6.el9_2.aarch64"
},
"product_reference": "nspr-devel-0:4.35.0-6.el9_2.aarch64",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nspr-devel-0:4.35.0-6.el9_2.i686 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:nspr-devel-0:4.35.0-6.el9_2.i686"
},
"product_reference": "nspr-devel-0:4.35.0-6.el9_2.i686",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nspr-devel-0:4.35.0-6.el9_2.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:nspr-devel-0:4.35.0-6.el9_2.ppc64le"
},
"product_reference": "nspr-devel-0:4.35.0-6.el9_2.ppc64le",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nspr-devel-0:4.35.0-6.el9_2.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:nspr-devel-0:4.35.0-6.el9_2.s390x"
},
"product_reference": "nspr-devel-0:4.35.0-6.el9_2.s390x",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nspr-devel-0:4.35.0-6.el9_2.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:nspr-devel-0:4.35.0-6.el9_2.x86_64"
},
"product_reference": "nspr-devel-0:4.35.0-6.el9_2.x86_64",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-0:3.90.0-6.el9_2.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:nss-0:3.90.0-6.el9_2.aarch64"
},
"product_reference": "nss-0:3.90.0-6.el9_2.aarch64",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-0:3.90.0-6.el9_2.i686 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:nss-0:3.90.0-6.el9_2.i686"
},
"product_reference": "nss-0:3.90.0-6.el9_2.i686",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-0:3.90.0-6.el9_2.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:nss-0:3.90.0-6.el9_2.ppc64le"
},
"product_reference": "nss-0:3.90.0-6.el9_2.ppc64le",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-0:3.90.0-6.el9_2.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:nss-0:3.90.0-6.el9_2.s390x"
},
"product_reference": "nss-0:3.90.0-6.el9_2.s390x",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-0:3.90.0-6.el9_2.src as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:nss-0:3.90.0-6.el9_2.src"
},
"product_reference": "nss-0:3.90.0-6.el9_2.src",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-0:3.90.0-6.el9_2.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:nss-0:3.90.0-6.el9_2.x86_64"
},
"product_reference": "nss-0:3.90.0-6.el9_2.x86_64",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-debuginfo-0:3.90.0-6.el9_2.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:nss-debuginfo-0:3.90.0-6.el9_2.aarch64"
},
"product_reference": "nss-debuginfo-0:3.90.0-6.el9_2.aarch64",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-debuginfo-0:3.90.0-6.el9_2.i686 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:nss-debuginfo-0:3.90.0-6.el9_2.i686"
},
"product_reference": "nss-debuginfo-0:3.90.0-6.el9_2.i686",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-debuginfo-0:3.90.0-6.el9_2.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:nss-debuginfo-0:3.90.0-6.el9_2.ppc64le"
},
"product_reference": "nss-debuginfo-0:3.90.0-6.el9_2.ppc64le",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-debuginfo-0:3.90.0-6.el9_2.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:nss-debuginfo-0:3.90.0-6.el9_2.s390x"
},
"product_reference": "nss-debuginfo-0:3.90.0-6.el9_2.s390x",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-debuginfo-0:3.90.0-6.el9_2.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:nss-debuginfo-0:3.90.0-6.el9_2.x86_64"
},
"product_reference": "nss-debuginfo-0:3.90.0-6.el9_2.x86_64",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-debugsource-0:3.90.0-6.el9_2.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:nss-debugsource-0:3.90.0-6.el9_2.aarch64"
},
"product_reference": "nss-debugsource-0:3.90.0-6.el9_2.aarch64",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-debugsource-0:3.90.0-6.el9_2.i686 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:nss-debugsource-0:3.90.0-6.el9_2.i686"
},
"product_reference": "nss-debugsource-0:3.90.0-6.el9_2.i686",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-debugsource-0:3.90.0-6.el9_2.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:nss-debugsource-0:3.90.0-6.el9_2.ppc64le"
},
"product_reference": "nss-debugsource-0:3.90.0-6.el9_2.ppc64le",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-debugsource-0:3.90.0-6.el9_2.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:nss-debugsource-0:3.90.0-6.el9_2.s390x"
},
"product_reference": "nss-debugsource-0:3.90.0-6.el9_2.s390x",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-debugsource-0:3.90.0-6.el9_2.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:nss-debugsource-0:3.90.0-6.el9_2.x86_64"
},
"product_reference": "nss-debugsource-0:3.90.0-6.el9_2.x86_64",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-devel-0:3.90.0-6.el9_2.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:nss-devel-0:3.90.0-6.el9_2.aarch64"
},
"product_reference": "nss-devel-0:3.90.0-6.el9_2.aarch64",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-devel-0:3.90.0-6.el9_2.i686 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:nss-devel-0:3.90.0-6.el9_2.i686"
},
"product_reference": "nss-devel-0:3.90.0-6.el9_2.i686",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-devel-0:3.90.0-6.el9_2.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:nss-devel-0:3.90.0-6.el9_2.ppc64le"
},
"product_reference": "nss-devel-0:3.90.0-6.el9_2.ppc64le",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-devel-0:3.90.0-6.el9_2.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:nss-devel-0:3.90.0-6.el9_2.s390x"
},
"product_reference": "nss-devel-0:3.90.0-6.el9_2.s390x",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-devel-0:3.90.0-6.el9_2.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:nss-devel-0:3.90.0-6.el9_2.x86_64"
},
"product_reference": "nss-devel-0:3.90.0-6.el9_2.x86_64",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-softokn-0:3.90.0-6.el9_2.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:nss-softokn-0:3.90.0-6.el9_2.aarch64"
},
"product_reference": "nss-softokn-0:3.90.0-6.el9_2.aarch64",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-softokn-0:3.90.0-6.el9_2.i686 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:nss-softokn-0:3.90.0-6.el9_2.i686"
},
"product_reference": "nss-softokn-0:3.90.0-6.el9_2.i686",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-softokn-0:3.90.0-6.el9_2.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:nss-softokn-0:3.90.0-6.el9_2.ppc64le"
},
"product_reference": "nss-softokn-0:3.90.0-6.el9_2.ppc64le",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-softokn-0:3.90.0-6.el9_2.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:nss-softokn-0:3.90.0-6.el9_2.s390x"
},
"product_reference": "nss-softokn-0:3.90.0-6.el9_2.s390x",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-softokn-0:3.90.0-6.el9_2.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:nss-softokn-0:3.90.0-6.el9_2.x86_64"
},
"product_reference": "nss-softokn-0:3.90.0-6.el9_2.x86_64",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-softokn-debuginfo-0:3.90.0-6.el9_2.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:nss-softokn-debuginfo-0:3.90.0-6.el9_2.aarch64"
},
"product_reference": "nss-softokn-debuginfo-0:3.90.0-6.el9_2.aarch64",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-softokn-debuginfo-0:3.90.0-6.el9_2.i686 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:nss-softokn-debuginfo-0:3.90.0-6.el9_2.i686"
},
"product_reference": "nss-softokn-debuginfo-0:3.90.0-6.el9_2.i686",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-softokn-debuginfo-0:3.90.0-6.el9_2.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:nss-softokn-debuginfo-0:3.90.0-6.el9_2.ppc64le"
},
"product_reference": "nss-softokn-debuginfo-0:3.90.0-6.el9_2.ppc64le",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-softokn-debuginfo-0:3.90.0-6.el9_2.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:nss-softokn-debuginfo-0:3.90.0-6.el9_2.s390x"
},
"product_reference": "nss-softokn-debuginfo-0:3.90.0-6.el9_2.s390x",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-softokn-debuginfo-0:3.90.0-6.el9_2.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:nss-softokn-debuginfo-0:3.90.0-6.el9_2.x86_64"
},
"product_reference": "nss-softokn-debuginfo-0:3.90.0-6.el9_2.x86_64",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-softokn-devel-0:3.90.0-6.el9_2.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:nss-softokn-devel-0:3.90.0-6.el9_2.aarch64"
},
"product_reference": "nss-softokn-devel-0:3.90.0-6.el9_2.aarch64",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-softokn-devel-0:3.90.0-6.el9_2.i686 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:nss-softokn-devel-0:3.90.0-6.el9_2.i686"
},
"product_reference": "nss-softokn-devel-0:3.90.0-6.el9_2.i686",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-softokn-devel-0:3.90.0-6.el9_2.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:nss-softokn-devel-0:3.90.0-6.el9_2.ppc64le"
},
"product_reference": "nss-softokn-devel-0:3.90.0-6.el9_2.ppc64le",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-softokn-devel-0:3.90.0-6.el9_2.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:nss-softokn-devel-0:3.90.0-6.el9_2.s390x"
},
"product_reference": "nss-softokn-devel-0:3.90.0-6.el9_2.s390x",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-softokn-devel-0:3.90.0-6.el9_2.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:nss-softokn-devel-0:3.90.0-6.el9_2.x86_64"
},
"product_reference": "nss-softokn-devel-0:3.90.0-6.el9_2.x86_64",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-softokn-freebl-0:3.90.0-6.el9_2.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:nss-softokn-freebl-0:3.90.0-6.el9_2.aarch64"
},
"product_reference": "nss-softokn-freebl-0:3.90.0-6.el9_2.aarch64",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-softokn-freebl-0:3.90.0-6.el9_2.i686 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:nss-softokn-freebl-0:3.90.0-6.el9_2.i686"
},
"product_reference": "nss-softokn-freebl-0:3.90.0-6.el9_2.i686",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-softokn-freebl-0:3.90.0-6.el9_2.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:nss-softokn-freebl-0:3.90.0-6.el9_2.ppc64le"
},
"product_reference": "nss-softokn-freebl-0:3.90.0-6.el9_2.ppc64le",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-softokn-freebl-0:3.90.0-6.el9_2.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:nss-softokn-freebl-0:3.90.0-6.el9_2.s390x"
},
"product_reference": "nss-softokn-freebl-0:3.90.0-6.el9_2.s390x",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-softokn-freebl-0:3.90.0-6.el9_2.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:nss-softokn-freebl-0:3.90.0-6.el9_2.x86_64"
},
"product_reference": "nss-softokn-freebl-0:3.90.0-6.el9_2.x86_64",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-softokn-freebl-debuginfo-0:3.90.0-6.el9_2.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:nss-softokn-freebl-debuginfo-0:3.90.0-6.el9_2.aarch64"
},
"product_reference": "nss-softokn-freebl-debuginfo-0:3.90.0-6.el9_2.aarch64",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-softokn-freebl-debuginfo-0:3.90.0-6.el9_2.i686 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:nss-softokn-freebl-debuginfo-0:3.90.0-6.el9_2.i686"
},
"product_reference": "nss-softokn-freebl-debuginfo-0:3.90.0-6.el9_2.i686",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-softokn-freebl-debuginfo-0:3.90.0-6.el9_2.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:nss-softokn-freebl-debuginfo-0:3.90.0-6.el9_2.ppc64le"
},
"product_reference": "nss-softokn-freebl-debuginfo-0:3.90.0-6.el9_2.ppc64le",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-softokn-freebl-debuginfo-0:3.90.0-6.el9_2.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:nss-softokn-freebl-debuginfo-0:3.90.0-6.el9_2.s390x"
},
"product_reference": "nss-softokn-freebl-debuginfo-0:3.90.0-6.el9_2.s390x",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-softokn-freebl-debuginfo-0:3.90.0-6.el9_2.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:nss-softokn-freebl-debuginfo-0:3.90.0-6.el9_2.x86_64"
},
"product_reference": "nss-softokn-freebl-debuginfo-0:3.90.0-6.el9_2.x86_64",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-softokn-freebl-devel-0:3.90.0-6.el9_2.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:nss-softokn-freebl-devel-0:3.90.0-6.el9_2.aarch64"
},
"product_reference": "nss-softokn-freebl-devel-0:3.90.0-6.el9_2.aarch64",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-softokn-freebl-devel-0:3.90.0-6.el9_2.i686 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:nss-softokn-freebl-devel-0:3.90.0-6.el9_2.i686"
},
"product_reference": "nss-softokn-freebl-devel-0:3.90.0-6.el9_2.i686",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-softokn-freebl-devel-0:3.90.0-6.el9_2.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:nss-softokn-freebl-devel-0:3.90.0-6.el9_2.ppc64le"
},
"product_reference": "nss-softokn-freebl-devel-0:3.90.0-6.el9_2.ppc64le",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-softokn-freebl-devel-0:3.90.0-6.el9_2.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:nss-softokn-freebl-devel-0:3.90.0-6.el9_2.s390x"
},
"product_reference": "nss-softokn-freebl-devel-0:3.90.0-6.el9_2.s390x",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-softokn-freebl-devel-0:3.90.0-6.el9_2.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:nss-softokn-freebl-devel-0:3.90.0-6.el9_2.x86_64"
},
"product_reference": "nss-softokn-freebl-devel-0:3.90.0-6.el9_2.x86_64",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-sysinit-0:3.90.0-6.el9_2.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:nss-sysinit-0:3.90.0-6.el9_2.aarch64"
},
"product_reference": "nss-sysinit-0:3.90.0-6.el9_2.aarch64",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-sysinit-0:3.90.0-6.el9_2.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:nss-sysinit-0:3.90.0-6.el9_2.ppc64le"
},
"product_reference": "nss-sysinit-0:3.90.0-6.el9_2.ppc64le",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-sysinit-0:3.90.0-6.el9_2.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:nss-sysinit-0:3.90.0-6.el9_2.s390x"
},
"product_reference": "nss-sysinit-0:3.90.0-6.el9_2.s390x",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-sysinit-0:3.90.0-6.el9_2.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:nss-sysinit-0:3.90.0-6.el9_2.x86_64"
},
"product_reference": "nss-sysinit-0:3.90.0-6.el9_2.x86_64",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-sysinit-debuginfo-0:3.90.0-6.el9_2.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:nss-sysinit-debuginfo-0:3.90.0-6.el9_2.aarch64"
},
"product_reference": "nss-sysinit-debuginfo-0:3.90.0-6.el9_2.aarch64",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-sysinit-debuginfo-0:3.90.0-6.el9_2.i686 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:nss-sysinit-debuginfo-0:3.90.0-6.el9_2.i686"
},
"product_reference": "nss-sysinit-debuginfo-0:3.90.0-6.el9_2.i686",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-sysinit-debuginfo-0:3.90.0-6.el9_2.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:nss-sysinit-debuginfo-0:3.90.0-6.el9_2.ppc64le"
},
"product_reference": "nss-sysinit-debuginfo-0:3.90.0-6.el9_2.ppc64le",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-sysinit-debuginfo-0:3.90.0-6.el9_2.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:nss-sysinit-debuginfo-0:3.90.0-6.el9_2.s390x"
},
"product_reference": "nss-sysinit-debuginfo-0:3.90.0-6.el9_2.s390x",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-sysinit-debuginfo-0:3.90.0-6.el9_2.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:nss-sysinit-debuginfo-0:3.90.0-6.el9_2.x86_64"
},
"product_reference": "nss-sysinit-debuginfo-0:3.90.0-6.el9_2.x86_64",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-tools-0:3.90.0-6.el9_2.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:nss-tools-0:3.90.0-6.el9_2.aarch64"
},
"product_reference": "nss-tools-0:3.90.0-6.el9_2.aarch64",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-tools-0:3.90.0-6.el9_2.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:nss-tools-0:3.90.0-6.el9_2.ppc64le"
},
"product_reference": "nss-tools-0:3.90.0-6.el9_2.ppc64le",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-tools-0:3.90.0-6.el9_2.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:nss-tools-0:3.90.0-6.el9_2.s390x"
},
"product_reference": "nss-tools-0:3.90.0-6.el9_2.s390x",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-tools-0:3.90.0-6.el9_2.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:nss-tools-0:3.90.0-6.el9_2.x86_64"
},
"product_reference": "nss-tools-0:3.90.0-6.el9_2.x86_64",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-tools-debuginfo-0:3.90.0-6.el9_2.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:nss-tools-debuginfo-0:3.90.0-6.el9_2.aarch64"
},
"product_reference": "nss-tools-debuginfo-0:3.90.0-6.el9_2.aarch64",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-tools-debuginfo-0:3.90.0-6.el9_2.i686 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:nss-tools-debuginfo-0:3.90.0-6.el9_2.i686"
},
"product_reference": "nss-tools-debuginfo-0:3.90.0-6.el9_2.i686",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-tools-debuginfo-0:3.90.0-6.el9_2.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:nss-tools-debuginfo-0:3.90.0-6.el9_2.ppc64le"
},
"product_reference": "nss-tools-debuginfo-0:3.90.0-6.el9_2.ppc64le",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-tools-debuginfo-0:3.90.0-6.el9_2.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:nss-tools-debuginfo-0:3.90.0-6.el9_2.s390x"
},
"product_reference": "nss-tools-debuginfo-0:3.90.0-6.el9_2.s390x",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-tools-debuginfo-0:3.90.0-6.el9_2.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:nss-tools-debuginfo-0:3.90.0-6.el9_2.x86_64"
},
"product_reference": "nss-tools-debuginfo-0:3.90.0-6.el9_2.x86_64",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-util-0:3.90.0-6.el9_2.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:nss-util-0:3.90.0-6.el9_2.aarch64"
},
"product_reference": "nss-util-0:3.90.0-6.el9_2.aarch64",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-util-0:3.90.0-6.el9_2.i686 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:nss-util-0:3.90.0-6.el9_2.i686"
},
"product_reference": "nss-util-0:3.90.0-6.el9_2.i686",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-util-0:3.90.0-6.el9_2.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:nss-util-0:3.90.0-6.el9_2.ppc64le"
},
"product_reference": "nss-util-0:3.90.0-6.el9_2.ppc64le",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-util-0:3.90.0-6.el9_2.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:nss-util-0:3.90.0-6.el9_2.s390x"
},
"product_reference": "nss-util-0:3.90.0-6.el9_2.s390x",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-util-0:3.90.0-6.el9_2.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:nss-util-0:3.90.0-6.el9_2.x86_64"
},
"product_reference": "nss-util-0:3.90.0-6.el9_2.x86_64",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-util-debuginfo-0:3.90.0-6.el9_2.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:nss-util-debuginfo-0:3.90.0-6.el9_2.aarch64"
},
"product_reference": "nss-util-debuginfo-0:3.90.0-6.el9_2.aarch64",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-util-debuginfo-0:3.90.0-6.el9_2.i686 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:nss-util-debuginfo-0:3.90.0-6.el9_2.i686"
},
"product_reference": "nss-util-debuginfo-0:3.90.0-6.el9_2.i686",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-util-debuginfo-0:3.90.0-6.el9_2.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:nss-util-debuginfo-0:3.90.0-6.el9_2.ppc64le"
},
"product_reference": "nss-util-debuginfo-0:3.90.0-6.el9_2.ppc64le",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-util-debuginfo-0:3.90.0-6.el9_2.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:nss-util-debuginfo-0:3.90.0-6.el9_2.s390x"
},
"product_reference": "nss-util-debuginfo-0:3.90.0-6.el9_2.s390x",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-util-debuginfo-0:3.90.0-6.el9_2.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:nss-util-debuginfo-0:3.90.0-6.el9_2.x86_64"
},
"product_reference": "nss-util-debuginfo-0:3.90.0-6.el9_2.x86_64",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-util-devel-0:3.90.0-6.el9_2.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:nss-util-devel-0:3.90.0-6.el9_2.aarch64"
},
"product_reference": "nss-util-devel-0:3.90.0-6.el9_2.aarch64",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-util-devel-0:3.90.0-6.el9_2.i686 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:nss-util-devel-0:3.90.0-6.el9_2.i686"
},
"product_reference": "nss-util-devel-0:3.90.0-6.el9_2.i686",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-util-devel-0:3.90.0-6.el9_2.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:nss-util-devel-0:3.90.0-6.el9_2.ppc64le"
},
"product_reference": "nss-util-devel-0:3.90.0-6.el9_2.ppc64le",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-util-devel-0:3.90.0-6.el9_2.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:nss-util-devel-0:3.90.0-6.el9_2.s390x"
},
"product_reference": "nss-util-devel-0:3.90.0-6.el9_2.s390x",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-util-devel-0:3.90.0-6.el9_2.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:nss-util-devel-0:3.90.0-6.el9_2.x86_64"
},
"product_reference": "nss-util-devel-0:3.90.0-6.el9_2.x86_64",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-6135",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2023-11-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2249906"
}
],
"notes": [
{
"category": "description",
"text": "The Network Security Services (NSS) package contains a vulnerability that exposes a side-channel information leak. This weakness enables a local attacker to capture several thousand usages of a signature, allowing them to utilize this information to recover portions of an ECDSA private key.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nss: vulnerable to Minerva side-channel information leak",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The severity of the Network Security Services (NSS) package vulnerability is marked as moderate due to the inherent risk associated with a potential side-channel information leak. This flaw empowers a local attacker to capture a substantial volume of signature usages, providing a pathway for them to exploit this data to reconstruct portions of an ECDSA private key. The ECDSA private key is a fundamental component of cryptographic security, and a successful compromise could have severe implications for the confidentiality and integrity of sensitive information.\n\nThe side channel present in NSS is on the order of 20 to 50ns, measuring such small differences over the network, without ability to measure signature with the same nonce is not something anybody has shown as possible. The only reason we can measure such small differences in the Marvin attack (https://people.redhat.com/~hkario/marvin/) is because the attacker there has full control over the processed messages, as such can measure the same message over and over, with ECDSA NSS is generating the used nonce randomly, and internally, for each and every signature. So a possibility of a purely network attack is rather theoretical at this moment.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.2.0.Z.EUS:nspr-0:4.35.0-6.el9_2.aarch64",
"AppStream-9.2.0.Z.EUS:nspr-0:4.35.0-6.el9_2.i686",
"AppStream-9.2.0.Z.EUS:nspr-0:4.35.0-6.el9_2.ppc64le",
"AppStream-9.2.0.Z.EUS:nspr-0:4.35.0-6.el9_2.s390x",
"AppStream-9.2.0.Z.EUS:nspr-0:4.35.0-6.el9_2.x86_64",
"AppStream-9.2.0.Z.EUS:nspr-debuginfo-0:4.35.0-6.el9_2.aarch64",
"AppStream-9.2.0.Z.EUS:nspr-debuginfo-0:4.35.0-6.el9_2.i686",
"AppStream-9.2.0.Z.EUS:nspr-debuginfo-0:4.35.0-6.el9_2.ppc64le",
"AppStream-9.2.0.Z.EUS:nspr-debuginfo-0:4.35.0-6.el9_2.s390x",
"AppStream-9.2.0.Z.EUS:nspr-debuginfo-0:4.35.0-6.el9_2.x86_64",
"AppStream-9.2.0.Z.EUS:nspr-devel-0:4.35.0-6.el9_2.aarch64",
"AppStream-9.2.0.Z.EUS:nspr-devel-0:4.35.0-6.el9_2.i686",
"AppStream-9.2.0.Z.EUS:nspr-devel-0:4.35.0-6.el9_2.ppc64le",
"AppStream-9.2.0.Z.EUS:nspr-devel-0:4.35.0-6.el9_2.s390x",
"AppStream-9.2.0.Z.EUS:nspr-devel-0:4.35.0-6.el9_2.x86_64",
"AppStream-9.2.0.Z.EUS:nss-0:3.90.0-6.el9_2.aarch64",
"AppStream-9.2.0.Z.EUS:nss-0:3.90.0-6.el9_2.i686",
"AppStream-9.2.0.Z.EUS:nss-0:3.90.0-6.el9_2.ppc64le",
"AppStream-9.2.0.Z.EUS:nss-0:3.90.0-6.el9_2.s390x",
"AppStream-9.2.0.Z.EUS:nss-0:3.90.0-6.el9_2.src",
"AppStream-9.2.0.Z.EUS:nss-0:3.90.0-6.el9_2.x86_64",
"AppStream-9.2.0.Z.EUS:nss-debuginfo-0:3.90.0-6.el9_2.aarch64",
"AppStream-9.2.0.Z.EUS:nss-debuginfo-0:3.90.0-6.el9_2.i686",
"AppStream-9.2.0.Z.EUS:nss-debuginfo-0:3.90.0-6.el9_2.ppc64le",
"AppStream-9.2.0.Z.EUS:nss-debuginfo-0:3.90.0-6.el9_2.s390x",
"AppStream-9.2.0.Z.EUS:nss-debuginfo-0:3.90.0-6.el9_2.x86_64",
"AppStream-9.2.0.Z.EUS:nss-debugsource-0:3.90.0-6.el9_2.aarch64",
"AppStream-9.2.0.Z.EUS:nss-debugsource-0:3.90.0-6.el9_2.i686",
"AppStream-9.2.0.Z.EUS:nss-debugsource-0:3.90.0-6.el9_2.ppc64le",
"AppStream-9.2.0.Z.EUS:nss-debugsource-0:3.90.0-6.el9_2.s390x",
"AppStream-9.2.0.Z.EUS:nss-debugsource-0:3.90.0-6.el9_2.x86_64",
"AppStream-9.2.0.Z.EUS:nss-devel-0:3.90.0-6.el9_2.aarch64",
"AppStream-9.2.0.Z.EUS:nss-devel-0:3.90.0-6.el9_2.i686",
"AppStream-9.2.0.Z.EUS:nss-devel-0:3.90.0-6.el9_2.ppc64le",
"AppStream-9.2.0.Z.EUS:nss-devel-0:3.90.0-6.el9_2.s390x",
"AppStream-9.2.0.Z.EUS:nss-devel-0:3.90.0-6.el9_2.x86_64",
"AppStream-9.2.0.Z.EUS:nss-softokn-0:3.90.0-6.el9_2.aarch64",
"AppStream-9.2.0.Z.EUS:nss-softokn-0:3.90.0-6.el9_2.i686",
"AppStream-9.2.0.Z.EUS:nss-softokn-0:3.90.0-6.el9_2.ppc64le",
"AppStream-9.2.0.Z.EUS:nss-softokn-0:3.90.0-6.el9_2.s390x",
"AppStream-9.2.0.Z.EUS:nss-softokn-0:3.90.0-6.el9_2.x86_64",
"AppStream-9.2.0.Z.EUS:nss-softokn-debuginfo-0:3.90.0-6.el9_2.aarch64",
"AppStream-9.2.0.Z.EUS:nss-softokn-debuginfo-0:3.90.0-6.el9_2.i686",
"AppStream-9.2.0.Z.EUS:nss-softokn-debuginfo-0:3.90.0-6.el9_2.ppc64le",
"AppStream-9.2.0.Z.EUS:nss-softokn-debuginfo-0:3.90.0-6.el9_2.s390x",
"AppStream-9.2.0.Z.EUS:nss-softokn-debuginfo-0:3.90.0-6.el9_2.x86_64",
"AppStream-9.2.0.Z.EUS:nss-softokn-devel-0:3.90.0-6.el9_2.aarch64",
"AppStream-9.2.0.Z.EUS:nss-softokn-devel-0:3.90.0-6.el9_2.i686",
"AppStream-9.2.0.Z.EUS:nss-softokn-devel-0:3.90.0-6.el9_2.ppc64le",
"AppStream-9.2.0.Z.EUS:nss-softokn-devel-0:3.90.0-6.el9_2.s390x",
"AppStream-9.2.0.Z.EUS:nss-softokn-devel-0:3.90.0-6.el9_2.x86_64",
"AppStream-9.2.0.Z.EUS:nss-softokn-freebl-0:3.90.0-6.el9_2.aarch64",
"AppStream-9.2.0.Z.EUS:nss-softokn-freebl-0:3.90.0-6.el9_2.i686",
"AppStream-9.2.0.Z.EUS:nss-softokn-freebl-0:3.90.0-6.el9_2.ppc64le",
"AppStream-9.2.0.Z.EUS:nss-softokn-freebl-0:3.90.0-6.el9_2.s390x",
"AppStream-9.2.0.Z.EUS:nss-softokn-freebl-0:3.90.0-6.el9_2.x86_64",
"AppStream-9.2.0.Z.EUS:nss-softokn-freebl-debuginfo-0:3.90.0-6.el9_2.aarch64",
"AppStream-9.2.0.Z.EUS:nss-softokn-freebl-debuginfo-0:3.90.0-6.el9_2.i686",
"AppStream-9.2.0.Z.EUS:nss-softokn-freebl-debuginfo-0:3.90.0-6.el9_2.ppc64le",
"AppStream-9.2.0.Z.EUS:nss-softokn-freebl-debuginfo-0:3.90.0-6.el9_2.s390x",
"AppStream-9.2.0.Z.EUS:nss-softokn-freebl-debuginfo-0:3.90.0-6.el9_2.x86_64",
"AppStream-9.2.0.Z.EUS:nss-softokn-freebl-devel-0:3.90.0-6.el9_2.aarch64",
"AppStream-9.2.0.Z.EUS:nss-softokn-freebl-devel-0:3.90.0-6.el9_2.i686",
"AppStream-9.2.0.Z.EUS:nss-softokn-freebl-devel-0:3.90.0-6.el9_2.ppc64le",
"AppStream-9.2.0.Z.EUS:nss-softokn-freebl-devel-0:3.90.0-6.el9_2.s390x",
"AppStream-9.2.0.Z.EUS:nss-softokn-freebl-devel-0:3.90.0-6.el9_2.x86_64",
"AppStream-9.2.0.Z.EUS:nss-sysinit-0:3.90.0-6.el9_2.aarch64",
"AppStream-9.2.0.Z.EUS:nss-sysinit-0:3.90.0-6.el9_2.ppc64le",
"AppStream-9.2.0.Z.EUS:nss-sysinit-0:3.90.0-6.el9_2.s390x",
"AppStream-9.2.0.Z.EUS:nss-sysinit-0:3.90.0-6.el9_2.x86_64",
"AppStream-9.2.0.Z.EUS:nss-sysinit-debuginfo-0:3.90.0-6.el9_2.aarch64",
"AppStream-9.2.0.Z.EUS:nss-sysinit-debuginfo-0:3.90.0-6.el9_2.i686",
"AppStream-9.2.0.Z.EUS:nss-sysinit-debuginfo-0:3.90.0-6.el9_2.ppc64le",
"AppStream-9.2.0.Z.EUS:nss-sysinit-debuginfo-0:3.90.0-6.el9_2.s390x",
"AppStream-9.2.0.Z.EUS:nss-sysinit-debuginfo-0:3.90.0-6.el9_2.x86_64",
"AppStream-9.2.0.Z.EUS:nss-tools-0:3.90.0-6.el9_2.aarch64",
"AppStream-9.2.0.Z.EUS:nss-tools-0:3.90.0-6.el9_2.ppc64le",
"AppStream-9.2.0.Z.EUS:nss-tools-0:3.90.0-6.el9_2.s390x",
"AppStream-9.2.0.Z.EUS:nss-tools-0:3.90.0-6.el9_2.x86_64",
"AppStream-9.2.0.Z.EUS:nss-tools-debuginfo-0:3.90.0-6.el9_2.aarch64",
"AppStream-9.2.0.Z.EUS:nss-tools-debuginfo-0:3.90.0-6.el9_2.i686",
"AppStream-9.2.0.Z.EUS:nss-tools-debuginfo-0:3.90.0-6.el9_2.ppc64le",
"AppStream-9.2.0.Z.EUS:nss-tools-debuginfo-0:3.90.0-6.el9_2.s390x",
"AppStream-9.2.0.Z.EUS:nss-tools-debuginfo-0:3.90.0-6.el9_2.x86_64",
"AppStream-9.2.0.Z.EUS:nss-util-0:3.90.0-6.el9_2.aarch64",
"AppStream-9.2.0.Z.EUS:nss-util-0:3.90.0-6.el9_2.i686",
"AppStream-9.2.0.Z.EUS:nss-util-0:3.90.0-6.el9_2.ppc64le",
"AppStream-9.2.0.Z.EUS:nss-util-0:3.90.0-6.el9_2.s390x",
"AppStream-9.2.0.Z.EUS:nss-util-0:3.90.0-6.el9_2.x86_64",
"AppStream-9.2.0.Z.EUS:nss-util-debuginfo-0:3.90.0-6.el9_2.aarch64",
"AppStream-9.2.0.Z.EUS:nss-util-debuginfo-0:3.90.0-6.el9_2.i686",
"AppStream-9.2.0.Z.EUS:nss-util-debuginfo-0:3.90.0-6.el9_2.ppc64le",
"AppStream-9.2.0.Z.EUS:nss-util-debuginfo-0:3.90.0-6.el9_2.s390x",
"AppStream-9.2.0.Z.EUS:nss-util-debuginfo-0:3.90.0-6.el9_2.x86_64",
"AppStream-9.2.0.Z.EUS:nss-util-devel-0:3.90.0-6.el9_2.aarch64",
"AppStream-9.2.0.Z.EUS:nss-util-devel-0:3.90.0-6.el9_2.i686",
"AppStream-9.2.0.Z.EUS:nss-util-devel-0:3.90.0-6.el9_2.ppc64le",
"AppStream-9.2.0.Z.EUS:nss-util-devel-0:3.90.0-6.el9_2.s390x",
"AppStream-9.2.0.Z.EUS:nss-util-devel-0:3.90.0-6.el9_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-6135"
},
{
"category": "external",
"summary": "RHBZ#2249906",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2249906"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-6135",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6135"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-6135",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-6135"
},
{
"category": "external",
"summary": "https://bugzilla.mozilla.org/show_bug.cgi?id=1853908",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1853908"
},
{
"category": "external",
"summary": "https://minerva.crocs.fi.muni.cz/",
"url": "https://minerva.crocs.fi.muni.cz/"
},
{
"category": "external",
"summary": "https://people.redhat.com/~hkario/marvin/",
"url": "https://people.redhat.com/~hkario/marvin/"
},
{
"category": "external",
"summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-56/#CVE-2023-6135",
"url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-56/#CVE-2023-6135"
}
],
"release_date": "2023-12-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-02-12T16:48:39+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing this update, applications using NSS (for example, Firefox) must be restarted for this update to take effect.",
"product_ids": [
"AppStream-9.2.0.Z.EUS:nspr-0:4.35.0-6.el9_2.aarch64",
"AppStream-9.2.0.Z.EUS:nspr-0:4.35.0-6.el9_2.i686",
"AppStream-9.2.0.Z.EUS:nspr-0:4.35.0-6.el9_2.ppc64le",
"AppStream-9.2.0.Z.EUS:nspr-0:4.35.0-6.el9_2.s390x",
"AppStream-9.2.0.Z.EUS:nspr-0:4.35.0-6.el9_2.x86_64",
"AppStream-9.2.0.Z.EUS:nspr-debuginfo-0:4.35.0-6.el9_2.aarch64",
"AppStream-9.2.0.Z.EUS:nspr-debuginfo-0:4.35.0-6.el9_2.i686",
"AppStream-9.2.0.Z.EUS:nspr-debuginfo-0:4.35.0-6.el9_2.ppc64le",
"AppStream-9.2.0.Z.EUS:nspr-debuginfo-0:4.35.0-6.el9_2.s390x",
"AppStream-9.2.0.Z.EUS:nspr-debuginfo-0:4.35.0-6.el9_2.x86_64",
"AppStream-9.2.0.Z.EUS:nspr-devel-0:4.35.0-6.el9_2.aarch64",
"AppStream-9.2.0.Z.EUS:nspr-devel-0:4.35.0-6.el9_2.i686",
"AppStream-9.2.0.Z.EUS:nspr-devel-0:4.35.0-6.el9_2.ppc64le",
"AppStream-9.2.0.Z.EUS:nspr-devel-0:4.35.0-6.el9_2.s390x",
"AppStream-9.2.0.Z.EUS:nspr-devel-0:4.35.0-6.el9_2.x86_64",
"AppStream-9.2.0.Z.EUS:nss-0:3.90.0-6.el9_2.aarch64",
"AppStream-9.2.0.Z.EUS:nss-0:3.90.0-6.el9_2.i686",
"AppStream-9.2.0.Z.EUS:nss-0:3.90.0-6.el9_2.ppc64le",
"AppStream-9.2.0.Z.EUS:nss-0:3.90.0-6.el9_2.s390x",
"AppStream-9.2.0.Z.EUS:nss-0:3.90.0-6.el9_2.src",
"AppStream-9.2.0.Z.EUS:nss-0:3.90.0-6.el9_2.x86_64",
"AppStream-9.2.0.Z.EUS:nss-debuginfo-0:3.90.0-6.el9_2.aarch64",
"AppStream-9.2.0.Z.EUS:nss-debuginfo-0:3.90.0-6.el9_2.i686",
"AppStream-9.2.0.Z.EUS:nss-debuginfo-0:3.90.0-6.el9_2.ppc64le",
"AppStream-9.2.0.Z.EUS:nss-debuginfo-0:3.90.0-6.el9_2.s390x",
"AppStream-9.2.0.Z.EUS:nss-debuginfo-0:3.90.0-6.el9_2.x86_64",
"AppStream-9.2.0.Z.EUS:nss-debugsource-0:3.90.0-6.el9_2.aarch64",
"AppStream-9.2.0.Z.EUS:nss-debugsource-0:3.90.0-6.el9_2.i686",
"AppStream-9.2.0.Z.EUS:nss-debugsource-0:3.90.0-6.el9_2.ppc64le",
"AppStream-9.2.0.Z.EUS:nss-debugsource-0:3.90.0-6.el9_2.s390x",
"AppStream-9.2.0.Z.EUS:nss-debugsource-0:3.90.0-6.el9_2.x86_64",
"AppStream-9.2.0.Z.EUS:nss-devel-0:3.90.0-6.el9_2.aarch64",
"AppStream-9.2.0.Z.EUS:nss-devel-0:3.90.0-6.el9_2.i686",
"AppStream-9.2.0.Z.EUS:nss-devel-0:3.90.0-6.el9_2.ppc64le",
"AppStream-9.2.0.Z.EUS:nss-devel-0:3.90.0-6.el9_2.s390x",
"AppStream-9.2.0.Z.EUS:nss-devel-0:3.90.0-6.el9_2.x86_64",
"AppStream-9.2.0.Z.EUS:nss-softokn-0:3.90.0-6.el9_2.aarch64",
"AppStream-9.2.0.Z.EUS:nss-softokn-0:3.90.0-6.el9_2.i686",
"AppStream-9.2.0.Z.EUS:nss-softokn-0:3.90.0-6.el9_2.ppc64le",
"AppStream-9.2.0.Z.EUS:nss-softokn-0:3.90.0-6.el9_2.s390x",
"AppStream-9.2.0.Z.EUS:nss-softokn-0:3.90.0-6.el9_2.x86_64",
"AppStream-9.2.0.Z.EUS:nss-softokn-debuginfo-0:3.90.0-6.el9_2.aarch64",
"AppStream-9.2.0.Z.EUS:nss-softokn-debuginfo-0:3.90.0-6.el9_2.i686",
"AppStream-9.2.0.Z.EUS:nss-softokn-debuginfo-0:3.90.0-6.el9_2.ppc64le",
"AppStream-9.2.0.Z.EUS:nss-softokn-debuginfo-0:3.90.0-6.el9_2.s390x",
"AppStream-9.2.0.Z.EUS:nss-softokn-debuginfo-0:3.90.0-6.el9_2.x86_64",
"AppStream-9.2.0.Z.EUS:nss-softokn-devel-0:3.90.0-6.el9_2.aarch64",
"AppStream-9.2.0.Z.EUS:nss-softokn-devel-0:3.90.0-6.el9_2.i686",
"AppStream-9.2.0.Z.EUS:nss-softokn-devel-0:3.90.0-6.el9_2.ppc64le",
"AppStream-9.2.0.Z.EUS:nss-softokn-devel-0:3.90.0-6.el9_2.s390x",
"AppStream-9.2.0.Z.EUS:nss-softokn-devel-0:3.90.0-6.el9_2.x86_64",
"AppStream-9.2.0.Z.EUS:nss-softokn-freebl-0:3.90.0-6.el9_2.aarch64",
"AppStream-9.2.0.Z.EUS:nss-softokn-freebl-0:3.90.0-6.el9_2.i686",
"AppStream-9.2.0.Z.EUS:nss-softokn-freebl-0:3.90.0-6.el9_2.ppc64le",
"AppStream-9.2.0.Z.EUS:nss-softokn-freebl-0:3.90.0-6.el9_2.s390x",
"AppStream-9.2.0.Z.EUS:nss-softokn-freebl-0:3.90.0-6.el9_2.x86_64",
"AppStream-9.2.0.Z.EUS:nss-softokn-freebl-debuginfo-0:3.90.0-6.el9_2.aarch64",
"AppStream-9.2.0.Z.EUS:nss-softokn-freebl-debuginfo-0:3.90.0-6.el9_2.i686",
"AppStream-9.2.0.Z.EUS:nss-softokn-freebl-debuginfo-0:3.90.0-6.el9_2.ppc64le",
"AppStream-9.2.0.Z.EUS:nss-softokn-freebl-debuginfo-0:3.90.0-6.el9_2.s390x",
"AppStream-9.2.0.Z.EUS:nss-softokn-freebl-debuginfo-0:3.90.0-6.el9_2.x86_64",
"AppStream-9.2.0.Z.EUS:nss-softokn-freebl-devel-0:3.90.0-6.el9_2.aarch64",
"AppStream-9.2.0.Z.EUS:nss-softokn-freebl-devel-0:3.90.0-6.el9_2.i686",
"AppStream-9.2.0.Z.EUS:nss-softokn-freebl-devel-0:3.90.0-6.el9_2.ppc64le",
"AppStream-9.2.0.Z.EUS:nss-softokn-freebl-devel-0:3.90.0-6.el9_2.s390x",
"AppStream-9.2.0.Z.EUS:nss-softokn-freebl-devel-0:3.90.0-6.el9_2.x86_64",
"AppStream-9.2.0.Z.EUS:nss-sysinit-0:3.90.0-6.el9_2.aarch64",
"AppStream-9.2.0.Z.EUS:nss-sysinit-0:3.90.0-6.el9_2.ppc64le",
"AppStream-9.2.0.Z.EUS:nss-sysinit-0:3.90.0-6.el9_2.s390x",
"AppStream-9.2.0.Z.EUS:nss-sysinit-0:3.90.0-6.el9_2.x86_64",
"AppStream-9.2.0.Z.EUS:nss-sysinit-debuginfo-0:3.90.0-6.el9_2.aarch64",
"AppStream-9.2.0.Z.EUS:nss-sysinit-debuginfo-0:3.90.0-6.el9_2.i686",
"AppStream-9.2.0.Z.EUS:nss-sysinit-debuginfo-0:3.90.0-6.el9_2.ppc64le",
"AppStream-9.2.0.Z.EUS:nss-sysinit-debuginfo-0:3.90.0-6.el9_2.s390x",
"AppStream-9.2.0.Z.EUS:nss-sysinit-debuginfo-0:3.90.0-6.el9_2.x86_64",
"AppStream-9.2.0.Z.EUS:nss-tools-0:3.90.0-6.el9_2.aarch64",
"AppStream-9.2.0.Z.EUS:nss-tools-0:3.90.0-6.el9_2.ppc64le",
"AppStream-9.2.0.Z.EUS:nss-tools-0:3.90.0-6.el9_2.s390x",
"AppStream-9.2.0.Z.EUS:nss-tools-0:3.90.0-6.el9_2.x86_64",
"AppStream-9.2.0.Z.EUS:nss-tools-debuginfo-0:3.90.0-6.el9_2.aarch64",
"AppStream-9.2.0.Z.EUS:nss-tools-debuginfo-0:3.90.0-6.el9_2.i686",
"AppStream-9.2.0.Z.EUS:nss-tools-debuginfo-0:3.90.0-6.el9_2.ppc64le",
"AppStream-9.2.0.Z.EUS:nss-tools-debuginfo-0:3.90.0-6.el9_2.s390x",
"AppStream-9.2.0.Z.EUS:nss-tools-debuginfo-0:3.90.0-6.el9_2.x86_64",
"AppStream-9.2.0.Z.EUS:nss-util-0:3.90.0-6.el9_2.aarch64",
"AppStream-9.2.0.Z.EUS:nss-util-0:3.90.0-6.el9_2.i686",
"AppStream-9.2.0.Z.EUS:nss-util-0:3.90.0-6.el9_2.ppc64le",
"AppStream-9.2.0.Z.EUS:nss-util-0:3.90.0-6.el9_2.s390x",
"AppStream-9.2.0.Z.EUS:nss-util-0:3.90.0-6.el9_2.x86_64",
"AppStream-9.2.0.Z.EUS:nss-util-debuginfo-0:3.90.0-6.el9_2.aarch64",
"AppStream-9.2.0.Z.EUS:nss-util-debuginfo-0:3.90.0-6.el9_2.i686",
"AppStream-9.2.0.Z.EUS:nss-util-debuginfo-0:3.90.0-6.el9_2.ppc64le",
"AppStream-9.2.0.Z.EUS:nss-util-debuginfo-0:3.90.0-6.el9_2.s390x",
"AppStream-9.2.0.Z.EUS:nss-util-debuginfo-0:3.90.0-6.el9_2.x86_64",
"AppStream-9.2.0.Z.EUS:nss-util-devel-0:3.90.0-6.el9_2.aarch64",
"AppStream-9.2.0.Z.EUS:nss-util-devel-0:3.90.0-6.el9_2.i686",
"AppStream-9.2.0.Z.EUS:nss-util-devel-0:3.90.0-6.el9_2.ppc64le",
"AppStream-9.2.0.Z.EUS:nss-util-devel-0:3.90.0-6.el9_2.s390x",
"AppStream-9.2.0.Z.EUS:nss-util-devel-0:3.90.0-6.el9_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:0791"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-9.2.0.Z.EUS:nspr-0:4.35.0-6.el9_2.aarch64",
"AppStream-9.2.0.Z.EUS:nspr-0:4.35.0-6.el9_2.i686",
"AppStream-9.2.0.Z.EUS:nspr-0:4.35.0-6.el9_2.ppc64le",
"AppStream-9.2.0.Z.EUS:nspr-0:4.35.0-6.el9_2.s390x",
"AppStream-9.2.0.Z.EUS:nspr-0:4.35.0-6.el9_2.x86_64",
"AppStream-9.2.0.Z.EUS:nspr-debuginfo-0:4.35.0-6.el9_2.aarch64",
"AppStream-9.2.0.Z.EUS:nspr-debuginfo-0:4.35.0-6.el9_2.i686",
"AppStream-9.2.0.Z.EUS:nspr-debuginfo-0:4.35.0-6.el9_2.ppc64le",
"AppStream-9.2.0.Z.EUS:nspr-debuginfo-0:4.35.0-6.el9_2.s390x",
"AppStream-9.2.0.Z.EUS:nspr-debuginfo-0:4.35.0-6.el9_2.x86_64",
"AppStream-9.2.0.Z.EUS:nspr-devel-0:4.35.0-6.el9_2.aarch64",
"AppStream-9.2.0.Z.EUS:nspr-devel-0:4.35.0-6.el9_2.i686",
"AppStream-9.2.0.Z.EUS:nspr-devel-0:4.35.0-6.el9_2.ppc64le",
"AppStream-9.2.0.Z.EUS:nspr-devel-0:4.35.0-6.el9_2.s390x",
"AppStream-9.2.0.Z.EUS:nspr-devel-0:4.35.0-6.el9_2.x86_64",
"AppStream-9.2.0.Z.EUS:nss-0:3.90.0-6.el9_2.aarch64",
"AppStream-9.2.0.Z.EUS:nss-0:3.90.0-6.el9_2.i686",
"AppStream-9.2.0.Z.EUS:nss-0:3.90.0-6.el9_2.ppc64le",
"AppStream-9.2.0.Z.EUS:nss-0:3.90.0-6.el9_2.s390x",
"AppStream-9.2.0.Z.EUS:nss-0:3.90.0-6.el9_2.src",
"AppStream-9.2.0.Z.EUS:nss-0:3.90.0-6.el9_2.x86_64",
"AppStream-9.2.0.Z.EUS:nss-debuginfo-0:3.90.0-6.el9_2.aarch64",
"AppStream-9.2.0.Z.EUS:nss-debuginfo-0:3.90.0-6.el9_2.i686",
"AppStream-9.2.0.Z.EUS:nss-debuginfo-0:3.90.0-6.el9_2.ppc64le",
"AppStream-9.2.0.Z.EUS:nss-debuginfo-0:3.90.0-6.el9_2.s390x",
"AppStream-9.2.0.Z.EUS:nss-debuginfo-0:3.90.0-6.el9_2.x86_64",
"AppStream-9.2.0.Z.EUS:nss-debugsource-0:3.90.0-6.el9_2.aarch64",
"AppStream-9.2.0.Z.EUS:nss-debugsource-0:3.90.0-6.el9_2.i686",
"AppStream-9.2.0.Z.EUS:nss-debugsource-0:3.90.0-6.el9_2.ppc64le",
"AppStream-9.2.0.Z.EUS:nss-debugsource-0:3.90.0-6.el9_2.s390x",
"AppStream-9.2.0.Z.EUS:nss-debugsource-0:3.90.0-6.el9_2.x86_64",
"AppStream-9.2.0.Z.EUS:nss-devel-0:3.90.0-6.el9_2.aarch64",
"AppStream-9.2.0.Z.EUS:nss-devel-0:3.90.0-6.el9_2.i686",
"AppStream-9.2.0.Z.EUS:nss-devel-0:3.90.0-6.el9_2.ppc64le",
"AppStream-9.2.0.Z.EUS:nss-devel-0:3.90.0-6.el9_2.s390x",
"AppStream-9.2.0.Z.EUS:nss-devel-0:3.90.0-6.el9_2.x86_64",
"AppStream-9.2.0.Z.EUS:nss-softokn-0:3.90.0-6.el9_2.aarch64",
"AppStream-9.2.0.Z.EUS:nss-softokn-0:3.90.0-6.el9_2.i686",
"AppStream-9.2.0.Z.EUS:nss-softokn-0:3.90.0-6.el9_2.ppc64le",
"AppStream-9.2.0.Z.EUS:nss-softokn-0:3.90.0-6.el9_2.s390x",
"AppStream-9.2.0.Z.EUS:nss-softokn-0:3.90.0-6.el9_2.x86_64",
"AppStream-9.2.0.Z.EUS:nss-softokn-debuginfo-0:3.90.0-6.el9_2.aarch64",
"AppStream-9.2.0.Z.EUS:nss-softokn-debuginfo-0:3.90.0-6.el9_2.i686",
"AppStream-9.2.0.Z.EUS:nss-softokn-debuginfo-0:3.90.0-6.el9_2.ppc64le",
"AppStream-9.2.0.Z.EUS:nss-softokn-debuginfo-0:3.90.0-6.el9_2.s390x",
"AppStream-9.2.0.Z.EUS:nss-softokn-debuginfo-0:3.90.0-6.el9_2.x86_64",
"AppStream-9.2.0.Z.EUS:nss-softokn-devel-0:3.90.0-6.el9_2.aarch64",
"AppStream-9.2.0.Z.EUS:nss-softokn-devel-0:3.90.0-6.el9_2.i686",
"AppStream-9.2.0.Z.EUS:nss-softokn-devel-0:3.90.0-6.el9_2.ppc64le",
"AppStream-9.2.0.Z.EUS:nss-softokn-devel-0:3.90.0-6.el9_2.s390x",
"AppStream-9.2.0.Z.EUS:nss-softokn-devel-0:3.90.0-6.el9_2.x86_64",
"AppStream-9.2.0.Z.EUS:nss-softokn-freebl-0:3.90.0-6.el9_2.aarch64",
"AppStream-9.2.0.Z.EUS:nss-softokn-freebl-0:3.90.0-6.el9_2.i686",
"AppStream-9.2.0.Z.EUS:nss-softokn-freebl-0:3.90.0-6.el9_2.ppc64le",
"AppStream-9.2.0.Z.EUS:nss-softokn-freebl-0:3.90.0-6.el9_2.s390x",
"AppStream-9.2.0.Z.EUS:nss-softokn-freebl-0:3.90.0-6.el9_2.x86_64",
"AppStream-9.2.0.Z.EUS:nss-softokn-freebl-debuginfo-0:3.90.0-6.el9_2.aarch64",
"AppStream-9.2.0.Z.EUS:nss-softokn-freebl-debuginfo-0:3.90.0-6.el9_2.i686",
"AppStream-9.2.0.Z.EUS:nss-softokn-freebl-debuginfo-0:3.90.0-6.el9_2.ppc64le",
"AppStream-9.2.0.Z.EUS:nss-softokn-freebl-debuginfo-0:3.90.0-6.el9_2.s390x",
"AppStream-9.2.0.Z.EUS:nss-softokn-freebl-debuginfo-0:3.90.0-6.el9_2.x86_64",
"AppStream-9.2.0.Z.EUS:nss-softokn-freebl-devel-0:3.90.0-6.el9_2.aarch64",
"AppStream-9.2.0.Z.EUS:nss-softokn-freebl-devel-0:3.90.0-6.el9_2.i686",
"AppStream-9.2.0.Z.EUS:nss-softokn-freebl-devel-0:3.90.0-6.el9_2.ppc64le",
"AppStream-9.2.0.Z.EUS:nss-softokn-freebl-devel-0:3.90.0-6.el9_2.s390x",
"AppStream-9.2.0.Z.EUS:nss-softokn-freebl-devel-0:3.90.0-6.el9_2.x86_64",
"AppStream-9.2.0.Z.EUS:nss-sysinit-0:3.90.0-6.el9_2.aarch64",
"AppStream-9.2.0.Z.EUS:nss-sysinit-0:3.90.0-6.el9_2.ppc64le",
"AppStream-9.2.0.Z.EUS:nss-sysinit-0:3.90.0-6.el9_2.s390x",
"AppStream-9.2.0.Z.EUS:nss-sysinit-0:3.90.0-6.el9_2.x86_64",
"AppStream-9.2.0.Z.EUS:nss-sysinit-debuginfo-0:3.90.0-6.el9_2.aarch64",
"AppStream-9.2.0.Z.EUS:nss-sysinit-debuginfo-0:3.90.0-6.el9_2.i686",
"AppStream-9.2.0.Z.EUS:nss-sysinit-debuginfo-0:3.90.0-6.el9_2.ppc64le",
"AppStream-9.2.0.Z.EUS:nss-sysinit-debuginfo-0:3.90.0-6.el9_2.s390x",
"AppStream-9.2.0.Z.EUS:nss-sysinit-debuginfo-0:3.90.0-6.el9_2.x86_64",
"AppStream-9.2.0.Z.EUS:nss-tools-0:3.90.0-6.el9_2.aarch64",
"AppStream-9.2.0.Z.EUS:nss-tools-0:3.90.0-6.el9_2.ppc64le",
"AppStream-9.2.0.Z.EUS:nss-tools-0:3.90.0-6.el9_2.s390x",
"AppStream-9.2.0.Z.EUS:nss-tools-0:3.90.0-6.el9_2.x86_64",
"AppStream-9.2.0.Z.EUS:nss-tools-debuginfo-0:3.90.0-6.el9_2.aarch64",
"AppStream-9.2.0.Z.EUS:nss-tools-debuginfo-0:3.90.0-6.el9_2.i686",
"AppStream-9.2.0.Z.EUS:nss-tools-debuginfo-0:3.90.0-6.el9_2.ppc64le",
"AppStream-9.2.0.Z.EUS:nss-tools-debuginfo-0:3.90.0-6.el9_2.s390x",
"AppStream-9.2.0.Z.EUS:nss-tools-debuginfo-0:3.90.0-6.el9_2.x86_64",
"AppStream-9.2.0.Z.EUS:nss-util-0:3.90.0-6.el9_2.aarch64",
"AppStream-9.2.0.Z.EUS:nss-util-0:3.90.0-6.el9_2.i686",
"AppStream-9.2.0.Z.EUS:nss-util-0:3.90.0-6.el9_2.ppc64le",
"AppStream-9.2.0.Z.EUS:nss-util-0:3.90.0-6.el9_2.s390x",
"AppStream-9.2.0.Z.EUS:nss-util-0:3.90.0-6.el9_2.x86_64",
"AppStream-9.2.0.Z.EUS:nss-util-debuginfo-0:3.90.0-6.el9_2.aarch64",
"AppStream-9.2.0.Z.EUS:nss-util-debuginfo-0:3.90.0-6.el9_2.i686",
"AppStream-9.2.0.Z.EUS:nss-util-debuginfo-0:3.90.0-6.el9_2.ppc64le",
"AppStream-9.2.0.Z.EUS:nss-util-debuginfo-0:3.90.0-6.el9_2.s390x",
"AppStream-9.2.0.Z.EUS:nss-util-debuginfo-0:3.90.0-6.el9_2.x86_64",
"AppStream-9.2.0.Z.EUS:nss-util-devel-0:3.90.0-6.el9_2.aarch64",
"AppStream-9.2.0.Z.EUS:nss-util-devel-0:3.90.0-6.el9_2.i686",
"AppStream-9.2.0.Z.EUS:nss-util-devel-0:3.90.0-6.el9_2.ppc64le",
"AppStream-9.2.0.Z.EUS:nss-util-devel-0:3.90.0-6.el9_2.s390x",
"AppStream-9.2.0.Z.EUS:nss-util-devel-0:3.90.0-6.el9_2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"AppStream-9.2.0.Z.EUS:nspr-0:4.35.0-6.el9_2.aarch64",
"AppStream-9.2.0.Z.EUS:nspr-0:4.35.0-6.el9_2.i686",
"AppStream-9.2.0.Z.EUS:nspr-0:4.35.0-6.el9_2.ppc64le",
"AppStream-9.2.0.Z.EUS:nspr-0:4.35.0-6.el9_2.s390x",
"AppStream-9.2.0.Z.EUS:nspr-0:4.35.0-6.el9_2.x86_64",
"AppStream-9.2.0.Z.EUS:nspr-debuginfo-0:4.35.0-6.el9_2.aarch64",
"AppStream-9.2.0.Z.EUS:nspr-debuginfo-0:4.35.0-6.el9_2.i686",
"AppStream-9.2.0.Z.EUS:nspr-debuginfo-0:4.35.0-6.el9_2.ppc64le",
"AppStream-9.2.0.Z.EUS:nspr-debuginfo-0:4.35.0-6.el9_2.s390x",
"AppStream-9.2.0.Z.EUS:nspr-debuginfo-0:4.35.0-6.el9_2.x86_64",
"AppStream-9.2.0.Z.EUS:nspr-devel-0:4.35.0-6.el9_2.aarch64",
"AppStream-9.2.0.Z.EUS:nspr-devel-0:4.35.0-6.el9_2.i686",
"AppStream-9.2.0.Z.EUS:nspr-devel-0:4.35.0-6.el9_2.ppc64le",
"AppStream-9.2.0.Z.EUS:nspr-devel-0:4.35.0-6.el9_2.s390x",
"AppStream-9.2.0.Z.EUS:nspr-devel-0:4.35.0-6.el9_2.x86_64",
"AppStream-9.2.0.Z.EUS:nss-0:3.90.0-6.el9_2.aarch64",
"AppStream-9.2.0.Z.EUS:nss-0:3.90.0-6.el9_2.i686",
"AppStream-9.2.0.Z.EUS:nss-0:3.90.0-6.el9_2.ppc64le",
"AppStream-9.2.0.Z.EUS:nss-0:3.90.0-6.el9_2.s390x",
"AppStream-9.2.0.Z.EUS:nss-0:3.90.0-6.el9_2.src",
"AppStream-9.2.0.Z.EUS:nss-0:3.90.0-6.el9_2.x86_64",
"AppStream-9.2.0.Z.EUS:nss-debuginfo-0:3.90.0-6.el9_2.aarch64",
"AppStream-9.2.0.Z.EUS:nss-debuginfo-0:3.90.0-6.el9_2.i686",
"AppStream-9.2.0.Z.EUS:nss-debuginfo-0:3.90.0-6.el9_2.ppc64le",
"AppStream-9.2.0.Z.EUS:nss-debuginfo-0:3.90.0-6.el9_2.s390x",
"AppStream-9.2.0.Z.EUS:nss-debuginfo-0:3.90.0-6.el9_2.x86_64",
"AppStream-9.2.0.Z.EUS:nss-debugsource-0:3.90.0-6.el9_2.aarch64",
"AppStream-9.2.0.Z.EUS:nss-debugsource-0:3.90.0-6.el9_2.i686",
"AppStream-9.2.0.Z.EUS:nss-debugsource-0:3.90.0-6.el9_2.ppc64le",
"AppStream-9.2.0.Z.EUS:nss-debugsource-0:3.90.0-6.el9_2.s390x",
"AppStream-9.2.0.Z.EUS:nss-debugsource-0:3.90.0-6.el9_2.x86_64",
"AppStream-9.2.0.Z.EUS:nss-devel-0:3.90.0-6.el9_2.aarch64",
"AppStream-9.2.0.Z.EUS:nss-devel-0:3.90.0-6.el9_2.i686",
"AppStream-9.2.0.Z.EUS:nss-devel-0:3.90.0-6.el9_2.ppc64le",
"AppStream-9.2.0.Z.EUS:nss-devel-0:3.90.0-6.el9_2.s390x",
"AppStream-9.2.0.Z.EUS:nss-devel-0:3.90.0-6.el9_2.x86_64",
"AppStream-9.2.0.Z.EUS:nss-softokn-0:3.90.0-6.el9_2.aarch64",
"AppStream-9.2.0.Z.EUS:nss-softokn-0:3.90.0-6.el9_2.i686",
"AppStream-9.2.0.Z.EUS:nss-softokn-0:3.90.0-6.el9_2.ppc64le",
"AppStream-9.2.0.Z.EUS:nss-softokn-0:3.90.0-6.el9_2.s390x",
"AppStream-9.2.0.Z.EUS:nss-softokn-0:3.90.0-6.el9_2.x86_64",
"AppStream-9.2.0.Z.EUS:nss-softokn-debuginfo-0:3.90.0-6.el9_2.aarch64",
"AppStream-9.2.0.Z.EUS:nss-softokn-debuginfo-0:3.90.0-6.el9_2.i686",
"AppStream-9.2.0.Z.EUS:nss-softokn-debuginfo-0:3.90.0-6.el9_2.ppc64le",
"AppStream-9.2.0.Z.EUS:nss-softokn-debuginfo-0:3.90.0-6.el9_2.s390x",
"AppStream-9.2.0.Z.EUS:nss-softokn-debuginfo-0:3.90.0-6.el9_2.x86_64",
"AppStream-9.2.0.Z.EUS:nss-softokn-devel-0:3.90.0-6.el9_2.aarch64",
"AppStream-9.2.0.Z.EUS:nss-softokn-devel-0:3.90.0-6.el9_2.i686",
"AppStream-9.2.0.Z.EUS:nss-softokn-devel-0:3.90.0-6.el9_2.ppc64le",
"AppStream-9.2.0.Z.EUS:nss-softokn-devel-0:3.90.0-6.el9_2.s390x",
"AppStream-9.2.0.Z.EUS:nss-softokn-devel-0:3.90.0-6.el9_2.x86_64",
"AppStream-9.2.0.Z.EUS:nss-softokn-freebl-0:3.90.0-6.el9_2.aarch64",
"AppStream-9.2.0.Z.EUS:nss-softokn-freebl-0:3.90.0-6.el9_2.i686",
"AppStream-9.2.0.Z.EUS:nss-softokn-freebl-0:3.90.0-6.el9_2.ppc64le",
"AppStream-9.2.0.Z.EUS:nss-softokn-freebl-0:3.90.0-6.el9_2.s390x",
"AppStream-9.2.0.Z.EUS:nss-softokn-freebl-0:3.90.0-6.el9_2.x86_64",
"AppStream-9.2.0.Z.EUS:nss-softokn-freebl-debuginfo-0:3.90.0-6.el9_2.aarch64",
"AppStream-9.2.0.Z.EUS:nss-softokn-freebl-debuginfo-0:3.90.0-6.el9_2.i686",
"AppStream-9.2.0.Z.EUS:nss-softokn-freebl-debuginfo-0:3.90.0-6.el9_2.ppc64le",
"AppStream-9.2.0.Z.EUS:nss-softokn-freebl-debuginfo-0:3.90.0-6.el9_2.s390x",
"AppStream-9.2.0.Z.EUS:nss-softokn-freebl-debuginfo-0:3.90.0-6.el9_2.x86_64",
"AppStream-9.2.0.Z.EUS:nss-softokn-freebl-devel-0:3.90.0-6.el9_2.aarch64",
"AppStream-9.2.0.Z.EUS:nss-softokn-freebl-devel-0:3.90.0-6.el9_2.i686",
"AppStream-9.2.0.Z.EUS:nss-softokn-freebl-devel-0:3.90.0-6.el9_2.ppc64le",
"AppStream-9.2.0.Z.EUS:nss-softokn-freebl-devel-0:3.90.0-6.el9_2.s390x",
"AppStream-9.2.0.Z.EUS:nss-softokn-freebl-devel-0:3.90.0-6.el9_2.x86_64",
"AppStream-9.2.0.Z.EUS:nss-sysinit-0:3.90.0-6.el9_2.aarch64",
"AppStream-9.2.0.Z.EUS:nss-sysinit-0:3.90.0-6.el9_2.ppc64le",
"AppStream-9.2.0.Z.EUS:nss-sysinit-0:3.90.0-6.el9_2.s390x",
"AppStream-9.2.0.Z.EUS:nss-sysinit-0:3.90.0-6.el9_2.x86_64",
"AppStream-9.2.0.Z.EUS:nss-sysinit-debuginfo-0:3.90.0-6.el9_2.aarch64",
"AppStream-9.2.0.Z.EUS:nss-sysinit-debuginfo-0:3.90.0-6.el9_2.i686",
"AppStream-9.2.0.Z.EUS:nss-sysinit-debuginfo-0:3.90.0-6.el9_2.ppc64le",
"AppStream-9.2.0.Z.EUS:nss-sysinit-debuginfo-0:3.90.0-6.el9_2.s390x",
"AppStream-9.2.0.Z.EUS:nss-sysinit-debuginfo-0:3.90.0-6.el9_2.x86_64",
"AppStream-9.2.0.Z.EUS:nss-tools-0:3.90.0-6.el9_2.aarch64",
"AppStream-9.2.0.Z.EUS:nss-tools-0:3.90.0-6.el9_2.ppc64le",
"AppStream-9.2.0.Z.EUS:nss-tools-0:3.90.0-6.el9_2.s390x",
"AppStream-9.2.0.Z.EUS:nss-tools-0:3.90.0-6.el9_2.x86_64",
"AppStream-9.2.0.Z.EUS:nss-tools-debuginfo-0:3.90.0-6.el9_2.aarch64",
"AppStream-9.2.0.Z.EUS:nss-tools-debuginfo-0:3.90.0-6.el9_2.i686",
"AppStream-9.2.0.Z.EUS:nss-tools-debuginfo-0:3.90.0-6.el9_2.ppc64le",
"AppStream-9.2.0.Z.EUS:nss-tools-debuginfo-0:3.90.0-6.el9_2.s390x",
"AppStream-9.2.0.Z.EUS:nss-tools-debuginfo-0:3.90.0-6.el9_2.x86_64",
"AppStream-9.2.0.Z.EUS:nss-util-0:3.90.0-6.el9_2.aarch64",
"AppStream-9.2.0.Z.EUS:nss-util-0:3.90.0-6.el9_2.i686",
"AppStream-9.2.0.Z.EUS:nss-util-0:3.90.0-6.el9_2.ppc64le",
"AppStream-9.2.0.Z.EUS:nss-util-0:3.90.0-6.el9_2.s390x",
"AppStream-9.2.0.Z.EUS:nss-util-0:3.90.0-6.el9_2.x86_64",
"AppStream-9.2.0.Z.EUS:nss-util-debuginfo-0:3.90.0-6.el9_2.aarch64",
"AppStream-9.2.0.Z.EUS:nss-util-debuginfo-0:3.90.0-6.el9_2.i686",
"AppStream-9.2.0.Z.EUS:nss-util-debuginfo-0:3.90.0-6.el9_2.ppc64le",
"AppStream-9.2.0.Z.EUS:nss-util-debuginfo-0:3.90.0-6.el9_2.s390x",
"AppStream-9.2.0.Z.EUS:nss-util-debuginfo-0:3.90.0-6.el9_2.x86_64",
"AppStream-9.2.0.Z.EUS:nss-util-devel-0:3.90.0-6.el9_2.aarch64",
"AppStream-9.2.0.Z.EUS:nss-util-devel-0:3.90.0-6.el9_2.i686",
"AppStream-9.2.0.Z.EUS:nss-util-devel-0:3.90.0-6.el9_2.ppc64le",
"AppStream-9.2.0.Z.EUS:nss-util-devel-0:3.90.0-6.el9_2.s390x",
"AppStream-9.2.0.Z.EUS:nss-util-devel-0:3.90.0-6.el9_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "nss: vulnerable to Minerva side-channel information leak"
}
]
}
RHSA-2024_1686
Vulnerability from csaf_redhat - Published: 2024-04-04 21:32 - Updated: 2024-11-24 12:06Summary
Red Hat Security Advisory: Red Hat Single Sign-On 7.6.7 for OpenShift image security update
Severity
Moderate
Notes
Topic: A new image is available for Red Hat Single Sign-On 7.6.7, running on OpenShift Container Platform 3.10 and 3.11, and 4.3.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: The rh-sso-7/sso76-openshift-rhel8 container image has been updated for RHEL-8 based Middleware Containers to address the following security advisory: RHSA-2023:5837 (see References)
Users of rh-sso-7/sso76-openshift-rhel8 container images are advised to upgrade to these updated images, which contain backported patches to correct these security issues, fix these bugs and add these enhancements. Users of these images are also encouraged to rebuild all container images that depend on these images.
Security Fix(es):
* pgjdbc: PostgreSQL JDBC Driver allows attacker to inject SQL if using PreferQueryMode=SIMPLE (CVE-2024-1597)
* libmaxminddb: improper initialization in dump_entry_data_list() in maxminddb.c (CVE-2020-28241)
* nss: vulnerable to Minerva side-channel information leak (CVE-2023-6135)
You can find images updated by this advisory in Red Hat Container Catalog (see References).
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
An improper initialization issue was found in libmaxminddb. A remote user could exploit this flaw by sending a specially crafted MaxMind DB file that, when parsed by an application linked to libmaxminddb, would possibly crash the application, resulting in a denial of service condition.
6.5 (Medium)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOSE-Middleware:rh-sso-7/sso7-rhel8-operator-bundle@sha256:fa9d954957c644853886943a2bb5e18b178f3595384bdb73b8e5f7e5db0f4932_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:89f7ae83a1818e771e20982a6a4dd2c01ded703c65e90263f961504a3d1c5b37_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:c70d15537cad829f067e8c6ad57dfe5300fd9ff768d27973354bb061cae7754b_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:efe74faab04366421442d5febdc4087aece4506a92c0ba1be42fe627a23fb0cb_s390x | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
The Network Security Services (NSS) package contains a vulnerability that exposes a side-channel information leak. This weakness enables a local attacker to capture several thousand usages of a signature, allowing them to utilize this information to recover portions of an ECDSA private key.
4.3 (Medium)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOSE-Middleware:rh-sso-7/sso7-rhel8-operator-bundle@sha256:fa9d954957c644853886943a2bb5e18b178f3595384bdb73b8e5f7e5db0f4932_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:89f7ae83a1818e771e20982a6a4dd2c01ded703c65e90263f961504a3d1c5b37_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:c70d15537cad829f067e8c6ad57dfe5300fd9ff768d27973354bb061cae7754b_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:efe74faab04366421442d5febdc4087aece4506a92c0ba1be42fe627a23fb0cb_s390x | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
A flaw was found in the PostgreSQL JDBC Driver. A SQL injection is possible when using the non-default connection property preferQueryMode=simple in combination with application code that has a vulnerable SQL that negates a parameter value.
9.8 (Critical)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOSE-Middleware:rh-sso-7/sso7-rhel8-operator-bundle@sha256:fa9d954957c644853886943a2bb5e18b178f3595384bdb73b8e5f7e5db0f4932_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:89f7ae83a1818e771e20982a6a4dd2c01ded703c65e90263f961504a3d1c5b37_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:c70d15537cad829f067e8c6ad57dfe5300fd9ff768d27973354bb061cae7754b_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:efe74faab04366421442d5febdc4087aece4506a92c0ba1be42fe627a23fb0cb_s390x | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Important
References
27 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "A new image is available for Red Hat Single Sign-On 7.6.7, running on OpenShift Container Platform 3.10 and 3.11, and 4.3.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The rh-sso-7/sso76-openshift-rhel8 container image has been updated for RHEL-8 based Middleware Containers to address the following security advisory: RHSA-2023:5837 (see References)\n\nUsers of rh-sso-7/sso76-openshift-rhel8 container images are advised to upgrade to these updated images, which contain backported patches to correct these security issues, fix these bugs and add these enhancements. Users of these images are also encouraged to rebuild all container images that depend on these images.\n\nSecurity Fix(es):\n\n* pgjdbc: PostgreSQL JDBC Driver allows attacker to inject SQL if using PreferQueryMode=SIMPLE (CVE-2024-1597)\n\n* libmaxminddb: improper initialization in dump_entry_data_list() in maxminddb.c (CVE-2020-28241)\n\n* nss: vulnerable to Minerva side-channel information leak (CVE-2023-6135)\n\nYou can find images updated by this advisory in Red Hat Container Catalog (see References).",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2024:1686",
"url": "https://access.redhat.com/errata/RHSA-2024:1686"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "https://access.redhat.com/errata/RHSA-2023:5837",
"url": "https://access.redhat.com/errata/RHSA-2023:5837"
},
{
"category": "external",
"summary": "https://catalog.redhat.com/software/containers/registry/registry.access.redhat.com/repository/rh-sso-7/sso76-openshift-rhel8",
"url": "https://catalog.redhat.com/software/containers/registry/registry.access.redhat.com/repository/rh-sso-7/sso76-openshift-rhel8"
},
{
"category": "external",
"summary": "1895379",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1895379"
},
{
"category": "external",
"summary": "2249906",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2249906"
},
{
"category": "external",
"summary": "2266523",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2266523"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_1686.json"
}
],
"title": "Red Hat Security Advisory: Red Hat Single Sign-On 7.6.7 for OpenShift image security update",
"tracking": {
"current_release_date": "2024-11-24T12:06:43+00:00",
"generator": {
"date": "2024-11-24T12:06:43+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.1"
}
},
"id": "RHSA-2024:1686",
"initial_release_date": "2024-04-04T21:32:08+00:00",
"revision_history": [
{
"date": "2024-04-04T21:32:08+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2024-04-04T21:32:08+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-24T12:06:43+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Middleware Containers for OpenShift",
"product": {
"name": "Middleware Containers for OpenShift",
"product_id": "8Base-RHOSE-Middleware",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhosemc:1.0::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift Enterprise"
},
{
"branches": [
{
"category": "product_version",
"name": "rh-sso-7/sso7-rhel8-operator-bundle@sha256:fa9d954957c644853886943a2bb5e18b178f3595384bdb73b8e5f7e5db0f4932_amd64",
"product": {
"name": "rh-sso-7/sso7-rhel8-operator-bundle@sha256:fa9d954957c644853886943a2bb5e18b178f3595384bdb73b8e5f7e5db0f4932_amd64",
"product_id": "rh-sso-7/sso7-rhel8-operator-bundle@sha256:fa9d954957c644853886943a2bb5e18b178f3595384bdb73b8e5f7e5db0f4932_amd64",
"product_identification_helper": {
"purl": "pkg:oci/sso7-rhel8-operator-bundle@sha256:fa9d954957c644853886943a2bb5e18b178f3595384bdb73b8e5f7e5db0f4932?arch=amd64\u0026repository_url=registry.redhat.io/rh-sso-7/sso7-rhel8-operator-bundle\u0026tag=7.6.7-4"
}
}
},
{
"category": "product_version",
"name": "rh-sso-7/sso76-openshift-rhel8@sha256:c70d15537cad829f067e8c6ad57dfe5300fd9ff768d27973354bb061cae7754b_amd64",
"product": {
"name": "rh-sso-7/sso76-openshift-rhel8@sha256:c70d15537cad829f067e8c6ad57dfe5300fd9ff768d27973354bb061cae7754b_amd64",
"product_id": "rh-sso-7/sso76-openshift-rhel8@sha256:c70d15537cad829f067e8c6ad57dfe5300fd9ff768d27973354bb061cae7754b_amd64",
"product_identification_helper": {
"purl": "pkg:oci/sso76-openshift-rhel8@sha256:c70d15537cad829f067e8c6ad57dfe5300fd9ff768d27973354bb061cae7754b?arch=amd64\u0026repository_url=registry.redhat.io/rh-sso-7/sso76-openshift-rhel8\u0026tag=7.6-42"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "rh-sso-7/sso76-openshift-rhel8@sha256:89f7ae83a1818e771e20982a6a4dd2c01ded703c65e90263f961504a3d1c5b37_ppc64le",
"product": {
"name": "rh-sso-7/sso76-openshift-rhel8@sha256:89f7ae83a1818e771e20982a6a4dd2c01ded703c65e90263f961504a3d1c5b37_ppc64le",
"product_id": "rh-sso-7/sso76-openshift-rhel8@sha256:89f7ae83a1818e771e20982a6a4dd2c01ded703c65e90263f961504a3d1c5b37_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/sso76-openshift-rhel8@sha256:89f7ae83a1818e771e20982a6a4dd2c01ded703c65e90263f961504a3d1c5b37?arch=ppc64le\u0026repository_url=registry.redhat.io/rh-sso-7/sso76-openshift-rhel8\u0026tag=7.6-42"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "rh-sso-7/sso76-openshift-rhel8@sha256:efe74faab04366421442d5febdc4087aece4506a92c0ba1be42fe627a23fb0cb_s390x",
"product": {
"name": "rh-sso-7/sso76-openshift-rhel8@sha256:efe74faab04366421442d5febdc4087aece4506a92c0ba1be42fe627a23fb0cb_s390x",
"product_id": "rh-sso-7/sso76-openshift-rhel8@sha256:efe74faab04366421442d5febdc4087aece4506a92c0ba1be42fe627a23fb0cb_s390x",
"product_identification_helper": {
"purl": "pkg:oci/sso76-openshift-rhel8@sha256:efe74faab04366421442d5febdc4087aece4506a92c0ba1be42fe627a23fb0cb?arch=s390x\u0026repository_url=registry.redhat.io/rh-sso-7/sso76-openshift-rhel8\u0026tag=7.6-42"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-sso-7/sso7-rhel8-operator-bundle@sha256:fa9d954957c644853886943a2bb5e18b178f3595384bdb73b8e5f7e5db0f4932_amd64 as a component of Middleware Containers for OpenShift",
"product_id": "8Base-RHOSE-Middleware:rh-sso-7/sso7-rhel8-operator-bundle@sha256:fa9d954957c644853886943a2bb5e18b178f3595384bdb73b8e5f7e5db0f4932_amd64"
},
"product_reference": "rh-sso-7/sso7-rhel8-operator-bundle@sha256:fa9d954957c644853886943a2bb5e18b178f3595384bdb73b8e5f7e5db0f4932_amd64",
"relates_to_product_reference": "8Base-RHOSE-Middleware"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-sso-7/sso76-openshift-rhel8@sha256:89f7ae83a1818e771e20982a6a4dd2c01ded703c65e90263f961504a3d1c5b37_ppc64le as a component of Middleware Containers for OpenShift",
"product_id": "8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:89f7ae83a1818e771e20982a6a4dd2c01ded703c65e90263f961504a3d1c5b37_ppc64le"
},
"product_reference": "rh-sso-7/sso76-openshift-rhel8@sha256:89f7ae83a1818e771e20982a6a4dd2c01ded703c65e90263f961504a3d1c5b37_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-Middleware"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-sso-7/sso76-openshift-rhel8@sha256:c70d15537cad829f067e8c6ad57dfe5300fd9ff768d27973354bb061cae7754b_amd64 as a component of Middleware Containers for OpenShift",
"product_id": "8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:c70d15537cad829f067e8c6ad57dfe5300fd9ff768d27973354bb061cae7754b_amd64"
},
"product_reference": "rh-sso-7/sso76-openshift-rhel8@sha256:c70d15537cad829f067e8c6ad57dfe5300fd9ff768d27973354bb061cae7754b_amd64",
"relates_to_product_reference": "8Base-RHOSE-Middleware"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-sso-7/sso76-openshift-rhel8@sha256:efe74faab04366421442d5febdc4087aece4506a92c0ba1be42fe627a23fb0cb_s390x as a component of Middleware Containers for OpenShift",
"product_id": "8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:efe74faab04366421442d5febdc4087aece4506a92c0ba1be42fe627a23fb0cb_s390x"
},
"product_reference": "rh-sso-7/sso76-openshift-rhel8@sha256:efe74faab04366421442d5febdc4087aece4506a92c0ba1be42fe627a23fb0cb_s390x",
"relates_to_product_reference": "8Base-RHOSE-Middleware"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2020-28241",
"cwe": {
"id": "CWE-122",
"name": "Heap-based Buffer Overflow"
},
"discovery_date": "2020-11-06T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1895379"
}
],
"notes": [
{
"category": "description",
"text": "An improper initialization issue was found in libmaxminddb. A remote user could exploit this flaw by sending a specially crafted MaxMind DB file that, when parsed by an application linked to libmaxminddb, would possibly crash the application, resulting in a denial of service condition.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libmaxminddb: improper initialization in dump_entry_data_list() in maxminddb.c",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-Middleware:rh-sso-7/sso7-rhel8-operator-bundle@sha256:fa9d954957c644853886943a2bb5e18b178f3595384bdb73b8e5f7e5db0f4932_amd64",
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:89f7ae83a1818e771e20982a6a4dd2c01ded703c65e90263f961504a3d1c5b37_ppc64le",
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:c70d15537cad829f067e8c6ad57dfe5300fd9ff768d27973354bb061cae7754b_amd64",
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:efe74faab04366421442d5febdc4087aece4506a92c0ba1be42fe627a23fb0cb_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-28241"
},
{
"category": "external",
"summary": "RHBZ#1895379",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1895379"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-28241",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-28241"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-28241",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-28241"
}
],
"release_date": "2020-08-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-04-04T21:32:08+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSE-Middleware:rh-sso-7/sso7-rhel8-operator-bundle@sha256:fa9d954957c644853886943a2bb5e18b178f3595384bdb73b8e5f7e5db0f4932_amd64",
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:89f7ae83a1818e771e20982a6a4dd2c01ded703c65e90263f961504a3d1c5b37_ppc64le",
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:c70d15537cad829f067e8c6ad57dfe5300fd9ff768d27973354bb061cae7754b_amd64",
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:efe74faab04366421442d5febdc4087aece4506a92c0ba1be42fe627a23fb0cb_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:1686"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOSE-Middleware:rh-sso-7/sso7-rhel8-operator-bundle@sha256:fa9d954957c644853886943a2bb5e18b178f3595384bdb73b8e5f7e5db0f4932_amd64",
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:89f7ae83a1818e771e20982a6a4dd2c01ded703c65e90263f961504a3d1c5b37_ppc64le",
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:c70d15537cad829f067e8c6ad57dfe5300fd9ff768d27973354bb061cae7754b_amd64",
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:efe74faab04366421442d5febdc4087aece4506a92c0ba1be42fe627a23fb0cb_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "libmaxminddb: improper initialization in dump_entry_data_list() in maxminddb.c"
},
{
"cve": "CVE-2023-6135",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2023-11-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2249906"
}
],
"notes": [
{
"category": "description",
"text": "The Network Security Services (NSS) package contains a vulnerability that exposes a side-channel information leak. This weakness enables a local attacker to capture several thousand usages of a signature, allowing them to utilize this information to recover portions of an ECDSA private key.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nss: vulnerable to Minerva side-channel information leak",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The severity of the Network Security Services (NSS) package vulnerability is marked as moderate due to the inherent risk associated with a potential side-channel information leak. This flaw empowers a local attacker to capture a substantial volume of signature usages, providing a pathway for them to exploit this data to reconstruct portions of an ECDSA private key. The ECDSA private key is a fundamental component of cryptographic security, and a successful compromise could have severe implications for the confidentiality and integrity of sensitive information.\n\nThe side channel present in NSS is on the order of 20 to 50ns, measuring such small differences over the network, without ability to measure signature with the same nonce is not something anybody has shown as possible. The only reason we can measure such small differences in the Marvin attack (https://people.redhat.com/~hkario/marvin/) is because the attacker there has full control over the processed messages, as such can measure the same message over and over, with ECDSA NSS is generating the used nonce randomly, and internally, for each and every signature. So a possibility of a purely network attack is rather theoretical at this moment.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-Middleware:rh-sso-7/sso7-rhel8-operator-bundle@sha256:fa9d954957c644853886943a2bb5e18b178f3595384bdb73b8e5f7e5db0f4932_amd64",
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:89f7ae83a1818e771e20982a6a4dd2c01ded703c65e90263f961504a3d1c5b37_ppc64le",
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:c70d15537cad829f067e8c6ad57dfe5300fd9ff768d27973354bb061cae7754b_amd64",
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:efe74faab04366421442d5febdc4087aece4506a92c0ba1be42fe627a23fb0cb_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-6135"
},
{
"category": "external",
"summary": "RHBZ#2249906",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2249906"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-6135",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6135"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-6135",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-6135"
},
{
"category": "external",
"summary": "https://bugzilla.mozilla.org/show_bug.cgi?id=1853908",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1853908"
},
{
"category": "external",
"summary": "https://minerva.crocs.fi.muni.cz/",
"url": "https://minerva.crocs.fi.muni.cz/"
},
{
"category": "external",
"summary": "https://people.redhat.com/~hkario/marvin/",
"url": "https://people.redhat.com/~hkario/marvin/"
},
{
"category": "external",
"summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-56/#CVE-2023-6135",
"url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-56/#CVE-2023-6135"
}
],
"release_date": "2023-12-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-04-04T21:32:08+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSE-Middleware:rh-sso-7/sso7-rhel8-operator-bundle@sha256:fa9d954957c644853886943a2bb5e18b178f3595384bdb73b8e5f7e5db0f4932_amd64",
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:89f7ae83a1818e771e20982a6a4dd2c01ded703c65e90263f961504a3d1c5b37_ppc64le",
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:c70d15537cad829f067e8c6ad57dfe5300fd9ff768d27973354bb061cae7754b_amd64",
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:efe74faab04366421442d5febdc4087aece4506a92c0ba1be42fe627a23fb0cb_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:1686"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-RHOSE-Middleware:rh-sso-7/sso7-rhel8-operator-bundle@sha256:fa9d954957c644853886943a2bb5e18b178f3595384bdb73b8e5f7e5db0f4932_amd64",
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:89f7ae83a1818e771e20982a6a4dd2c01ded703c65e90263f961504a3d1c5b37_ppc64le",
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:c70d15537cad829f067e8c6ad57dfe5300fd9ff768d27973354bb061cae7754b_amd64",
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:efe74faab04366421442d5febdc4087aece4506a92c0ba1be42fe627a23fb0cb_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"8Base-RHOSE-Middleware:rh-sso-7/sso7-rhel8-operator-bundle@sha256:fa9d954957c644853886943a2bb5e18b178f3595384bdb73b8e5f7e5db0f4932_amd64",
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:89f7ae83a1818e771e20982a6a4dd2c01ded703c65e90263f961504a3d1c5b37_ppc64le",
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:c70d15537cad829f067e8c6ad57dfe5300fd9ff768d27973354bb061cae7754b_amd64",
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:efe74faab04366421442d5febdc4087aece4506a92c0ba1be42fe627a23fb0cb_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "nss: vulnerable to Minerva side-channel information leak"
},
{
"cve": "CVE-2024-1597",
"cwe": {
"id": "CWE-89",
"name": "Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)"
},
"discovery_date": "2024-02-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2266523"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the PostgreSQL JDBC Driver. A SQL injection is possible when using the non-default connection property preferQueryMode=simple in combination with application code that has a vulnerable SQL that negates a parameter value.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "pgjdbc: PostgreSQL JDBC Driver allows attacker to inject SQL if using PreferQueryMode=SIMPLE",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The PostgreSQL JDBC Driver is not affected in the default query mode. Users that do not override the query mode are not impacted.\n\nThe described SQL injection vulnerability, while significant, is categorized as important rather than critical due to several factors. Firstly, the exploitation relies on specific conditions, including the use of a non-default query mode (preferQueryMode=simple) and the precise arrangement of user-controlled parameters within the SQL query. This limits the potential attack surface and reduces the likelihood of widespread exploitation across systems. Additionally, the vulnerability does not pose an immediate and severe risk of system compromise or data breach; rather, it enables attackers to manipulate SQL queries and potentially execute arbitrary commands within the context of the application\u0027s database. Furthermore, the vulnerability can be effectively mitigated by applying the provided patch or by avoiding the use of the vulnerable query mode, thus reducing the risk of exploitation.\n\nRed Hat Satellite ships a PostgreSQL JDBC Driver which embeds into Candlepin. However, Candlepin doesn\u0027t directly utilize the PostgreSQL JDBC Driver and doesn\u0027t set PreferQueryMode. Therefore, although the affected component is shipped, the product impact is considered Low. This issue may be addressed in a future Satellite release.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-Middleware:rh-sso-7/sso7-rhel8-operator-bundle@sha256:fa9d954957c644853886943a2bb5e18b178f3595384bdb73b8e5f7e5db0f4932_amd64",
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:89f7ae83a1818e771e20982a6a4dd2c01ded703c65e90263f961504a3d1c5b37_ppc64le",
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:c70d15537cad829f067e8c6ad57dfe5300fd9ff768d27973354bb061cae7754b_amd64",
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:efe74faab04366421442d5febdc4087aece4506a92c0ba1be42fe627a23fb0cb_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-1597"
},
{
"category": "external",
"summary": "RHBZ#2266523",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2266523"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-1597",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-1597"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-1597",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-1597"
},
{
"category": "external",
"summary": "https://github.com/pgjdbc/pgjdbc/security/advisories/GHSA-24rp-q3w6-vc56",
"url": "https://github.com/pgjdbc/pgjdbc/security/advisories/GHSA-24rp-q3w6-vc56"
},
{
"category": "external",
"summary": "https://www.enterprisedb.com/docs/jdbc_connector/latest/01_jdbc_rel_notes/",
"url": "https://www.enterprisedb.com/docs/jdbc_connector/latest/01_jdbc_rel_notes/"
},
{
"category": "external",
"summary": "https://www.enterprisedb.com/docs/security/assessments/cve-2024-1597/",
"url": "https://www.enterprisedb.com/docs/security/assessments/cve-2024-1597/"
}
],
"release_date": "2024-02-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-04-04T21:32:08+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSE-Middleware:rh-sso-7/sso7-rhel8-operator-bundle@sha256:fa9d954957c644853886943a2bb5e18b178f3595384bdb73b8e5f7e5db0f4932_amd64",
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:89f7ae83a1818e771e20982a6a4dd2c01ded703c65e90263f961504a3d1c5b37_ppc64le",
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:c70d15537cad829f067e8c6ad57dfe5300fd9ff768d27973354bb061cae7754b_amd64",
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:efe74faab04366421442d5febdc4087aece4506a92c0ba1be42fe627a23fb0cb_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:1686"
},
{
"category": "workaround",
"details": "Do not use the connection propertypreferQueryMode=simple. If you do not explicitly specify a query mode, then you are using the default of extended and are not impacted by this issue.",
"product_ids": [
"8Base-RHOSE-Middleware:rh-sso-7/sso7-rhel8-operator-bundle@sha256:fa9d954957c644853886943a2bb5e18b178f3595384bdb73b8e5f7e5db0f4932_amd64",
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:89f7ae83a1818e771e20982a6a4dd2c01ded703c65e90263f961504a3d1c5b37_ppc64le",
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:c70d15537cad829f067e8c6ad57dfe5300fd9ff768d27973354bb061cae7754b_amd64",
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:efe74faab04366421442d5febdc4087aece4506a92c0ba1be42fe627a23fb0cb_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOSE-Middleware:rh-sso-7/sso7-rhel8-operator-bundle@sha256:fa9d954957c644853886943a2bb5e18b178f3595384bdb73b8e5f7e5db0f4932_amd64",
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:89f7ae83a1818e771e20982a6a4dd2c01ded703c65e90263f961504a3d1c5b37_ppc64le",
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:c70d15537cad829f067e8c6ad57dfe5300fd9ff768d27973354bb061cae7754b_amd64",
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:efe74faab04366421442d5febdc4087aece4506a92c0ba1be42fe627a23fb0cb_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "pgjdbc: PostgreSQL JDBC Driver allows attacker to inject SQL if using PreferQueryMode=SIMPLE"
}
]
}
WID-SEC-W-2023-3185
Vulnerability from csaf_certbund - Published: 2023-12-19 23:00 - Updated: 2025-06-02 22:00Summary
Mozilla Firefox und Thunderbird: Mehrere Schwachstellen
Severity
Mittel
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung: Firefox ist ein Open Source Web Browser.
Thunderbird ist ein Open Source E-Mail Client.
Angriff: Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Mozilla Firefox, Firefox ESR und Thunderbird ausnutzen, um beliebigen Programmcode auszuführen, Sicherheitsvorkehrungen zu umgehen, Informationen offenzulegen und undefiniertes Verhalten zu verursachen.
Betroffene Betriebssysteme: - Linux
- Sonstiges
- UNIX
- Windows
Affected products
Known affected
21 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Mozilla Thunderbird <115.6
Mozilla / Thunderbird
|
<115.6 | ||
|
Mozilla Firefox <121
Mozilla / Firefox
|
<121 | ||
|
Red Hat OpenShift Container Platform 4.9
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:container_platform_4.9
|
Container Platform 4.9 | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 | |
|
Gentoo Linux
Gentoo
|
cpe:/o:gentoo:linux:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
Fedora Linux
Fedora
|
cpe:/o:fedoraproject:fedora:-
|
— | |
|
Mozilla Firefox <ESR 115.6
Mozilla / Firefox
|
<ESR 115.6 | ||
|
IBM QRadar SIEM 7.5
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.5
|
7.5 | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
IGEL OS
IGEL
|
cpe:/o:igel:os:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Red Hat OpenShift Container Platform 4.10
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:container_platform_4.10
|
Container Platform 4.10 | |
|
Red Hat OpenShift Container Platform 4.12
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:container_platform_4.12
|
Container Platform 4.12 | |
|
Open Source CentOS
Open Source
|
cpe:/o:centos:centos:-
|
— | |
|
Red Hat OpenShift Container Platform 4.11
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:container_platform_4.11
|
Container Platform 4.11 |
Affected products
Known affected
21 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Mozilla Thunderbird <115.6
Mozilla / Thunderbird
|
<115.6 | ||
|
Mozilla Firefox <121
Mozilla / Firefox
|
<121 | ||
|
Red Hat OpenShift Container Platform 4.9
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:container_platform_4.9
|
Container Platform 4.9 | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 | |
|
Gentoo Linux
Gentoo
|
cpe:/o:gentoo:linux:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
Fedora Linux
Fedora
|
cpe:/o:fedoraproject:fedora:-
|
— | |
|
Mozilla Firefox <ESR 115.6
Mozilla / Firefox
|
<ESR 115.6 | ||
|
IBM QRadar SIEM 7.5
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.5
|
7.5 | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
IGEL OS
IGEL
|
cpe:/o:igel:os:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Red Hat OpenShift Container Platform 4.10
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:container_platform_4.10
|
Container Platform 4.10 | |
|
Red Hat OpenShift Container Platform 4.12
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:container_platform_4.12
|
Container Platform 4.12 | |
|
Open Source CentOS
Open Source
|
cpe:/o:centos:centos:-
|
— | |
|
Red Hat OpenShift Container Platform 4.11
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:container_platform_4.11
|
Container Platform 4.11 |
Affected products
Known affected
21 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Mozilla Thunderbird <115.6
Mozilla / Thunderbird
|
<115.6 | ||
|
Mozilla Firefox <121
Mozilla / Firefox
|
<121 | ||
|
Red Hat OpenShift Container Platform 4.9
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:container_platform_4.9
|
Container Platform 4.9 | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 | |
|
Gentoo Linux
Gentoo
|
cpe:/o:gentoo:linux:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
Fedora Linux
Fedora
|
cpe:/o:fedoraproject:fedora:-
|
— | |
|
Mozilla Firefox <ESR 115.6
Mozilla / Firefox
|
<ESR 115.6 | ||
|
IBM QRadar SIEM 7.5
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.5
|
7.5 | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
IGEL OS
IGEL
|
cpe:/o:igel:os:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Red Hat OpenShift Container Platform 4.10
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:container_platform_4.10
|
Container Platform 4.10 | |
|
Red Hat OpenShift Container Platform 4.12
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:container_platform_4.12
|
Container Platform 4.12 | |
|
Open Source CentOS
Open Source
|
cpe:/o:centos:centos:-
|
— | |
|
Red Hat OpenShift Container Platform 4.11
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:container_platform_4.11
|
Container Platform 4.11 |
Affected products
Known affected
21 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Mozilla Thunderbird <115.6
Mozilla / Thunderbird
|
<115.6 | ||
|
Mozilla Firefox <121
Mozilla / Firefox
|
<121 | ||
|
Red Hat OpenShift Container Platform 4.9
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:container_platform_4.9
|
Container Platform 4.9 | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 | |
|
Gentoo Linux
Gentoo
|
cpe:/o:gentoo:linux:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
Fedora Linux
Fedora
|
cpe:/o:fedoraproject:fedora:-
|
— | |
|
Mozilla Firefox <ESR 115.6
Mozilla / Firefox
|
<ESR 115.6 | ||
|
IBM QRadar SIEM 7.5
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.5
|
7.5 | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
IGEL OS
IGEL
|
cpe:/o:igel:os:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Red Hat OpenShift Container Platform 4.10
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:container_platform_4.10
|
Container Platform 4.10 | |
|
Red Hat OpenShift Container Platform 4.12
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:container_platform_4.12
|
Container Platform 4.12 | |
|
Open Source CentOS
Open Source
|
cpe:/o:centos:centos:-
|
— | |
|
Red Hat OpenShift Container Platform 4.11
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:container_platform_4.11
|
Container Platform 4.11 |
Affected products
Known affected
21 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Mozilla Thunderbird <115.6
Mozilla / Thunderbird
|
<115.6 | ||
|
Mozilla Firefox <121
Mozilla / Firefox
|
<121 | ||
|
Red Hat OpenShift Container Platform 4.9
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:container_platform_4.9
|
Container Platform 4.9 | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 | |
|
Gentoo Linux
Gentoo
|
cpe:/o:gentoo:linux:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
Fedora Linux
Fedora
|
cpe:/o:fedoraproject:fedora:-
|
— | |
|
Mozilla Firefox <ESR 115.6
Mozilla / Firefox
|
<ESR 115.6 | ||
|
IBM QRadar SIEM 7.5
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.5
|
7.5 | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
IGEL OS
IGEL
|
cpe:/o:igel:os:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Red Hat OpenShift Container Platform 4.10
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:container_platform_4.10
|
Container Platform 4.10 | |
|
Red Hat OpenShift Container Platform 4.12
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:container_platform_4.12
|
Container Platform 4.12 | |
|
Open Source CentOS
Open Source
|
cpe:/o:centos:centos:-
|
— | |
|
Red Hat OpenShift Container Platform 4.11
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:container_platform_4.11
|
Container Platform 4.11 |
Affected products
Known affected
21 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Mozilla Thunderbird <115.6
Mozilla / Thunderbird
|
<115.6 | ||
|
Mozilla Firefox <121
Mozilla / Firefox
|
<121 | ||
|
Red Hat OpenShift Container Platform 4.9
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:container_platform_4.9
|
Container Platform 4.9 | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 | |
|
Gentoo Linux
Gentoo
|
cpe:/o:gentoo:linux:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
Fedora Linux
Fedora
|
cpe:/o:fedoraproject:fedora:-
|
— | |
|
Mozilla Firefox <ESR 115.6
Mozilla / Firefox
|
<ESR 115.6 | ||
|
IBM QRadar SIEM 7.5
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.5
|
7.5 | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
IGEL OS
IGEL
|
cpe:/o:igel:os:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Red Hat OpenShift Container Platform 4.10
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:container_platform_4.10
|
Container Platform 4.10 | |
|
Red Hat OpenShift Container Platform 4.12
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:container_platform_4.12
|
Container Platform 4.12 | |
|
Open Source CentOS
Open Source
|
cpe:/o:centos:centos:-
|
— | |
|
Red Hat OpenShift Container Platform 4.11
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:container_platform_4.11
|
Container Platform 4.11 |
Affected products
Known affected
21 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Mozilla Thunderbird <115.6
Mozilla / Thunderbird
|
<115.6 | ||
|
Mozilla Firefox <121
Mozilla / Firefox
|
<121 | ||
|
Red Hat OpenShift Container Platform 4.9
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:container_platform_4.9
|
Container Platform 4.9 | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 | |
|
Gentoo Linux
Gentoo
|
cpe:/o:gentoo:linux:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
Fedora Linux
Fedora
|
cpe:/o:fedoraproject:fedora:-
|
— | |
|
Mozilla Firefox <ESR 115.6
Mozilla / Firefox
|
<ESR 115.6 | ||
|
IBM QRadar SIEM 7.5
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.5
|
7.5 | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
IGEL OS
IGEL
|
cpe:/o:igel:os:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Red Hat OpenShift Container Platform 4.10
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:container_platform_4.10
|
Container Platform 4.10 | |
|
Red Hat OpenShift Container Platform 4.12
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:container_platform_4.12
|
Container Platform 4.12 | |
|
Open Source CentOS
Open Source
|
cpe:/o:centos:centos:-
|
— | |
|
Red Hat OpenShift Container Platform 4.11
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:container_platform_4.11
|
Container Platform 4.11 |
Affected products
Known affected
21 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Mozilla Thunderbird <115.6
Mozilla / Thunderbird
|
<115.6 | ||
|
Mozilla Firefox <121
Mozilla / Firefox
|
<121 | ||
|
Red Hat OpenShift Container Platform 4.9
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:container_platform_4.9
|
Container Platform 4.9 | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 | |
|
Gentoo Linux
Gentoo
|
cpe:/o:gentoo:linux:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
Fedora Linux
Fedora
|
cpe:/o:fedoraproject:fedora:-
|
— | |
|
Mozilla Firefox <ESR 115.6
Mozilla / Firefox
|
<ESR 115.6 | ||
|
IBM QRadar SIEM 7.5
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.5
|
7.5 | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
IGEL OS
IGEL
|
cpe:/o:igel:os:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Red Hat OpenShift Container Platform 4.10
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:container_platform_4.10
|
Container Platform 4.10 | |
|
Red Hat OpenShift Container Platform 4.12
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:container_platform_4.12
|
Container Platform 4.12 | |
|
Open Source CentOS
Open Source
|
cpe:/o:centos:centos:-
|
— | |
|
Red Hat OpenShift Container Platform 4.11
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:container_platform_4.11
|
Container Platform 4.11 |
Affected products
Known affected
21 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Mozilla Thunderbird <115.6
Mozilla / Thunderbird
|
<115.6 | ||
|
Mozilla Firefox <121
Mozilla / Firefox
|
<121 | ||
|
Red Hat OpenShift Container Platform 4.9
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:container_platform_4.9
|
Container Platform 4.9 | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 | |
|
Gentoo Linux
Gentoo
|
cpe:/o:gentoo:linux:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
Fedora Linux
Fedora
|
cpe:/o:fedoraproject:fedora:-
|
— | |
|
Mozilla Firefox <ESR 115.6
Mozilla / Firefox
|
<ESR 115.6 | ||
|
IBM QRadar SIEM 7.5
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.5
|
7.5 | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
IGEL OS
IGEL
|
cpe:/o:igel:os:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Red Hat OpenShift Container Platform 4.10
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:container_platform_4.10
|
Container Platform 4.10 | |
|
Red Hat OpenShift Container Platform 4.12
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:container_platform_4.12
|
Container Platform 4.12 | |
|
Open Source CentOS
Open Source
|
cpe:/o:centos:centos:-
|
— | |
|
Red Hat OpenShift Container Platform 4.11
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:container_platform_4.11
|
Container Platform 4.11 |
Affected products
Known affected
21 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Mozilla Thunderbird <115.6
Mozilla / Thunderbird
|
<115.6 | ||
|
Mozilla Firefox <121
Mozilla / Firefox
|
<121 | ||
|
Red Hat OpenShift Container Platform 4.9
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:container_platform_4.9
|
Container Platform 4.9 | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 | |
|
Gentoo Linux
Gentoo
|
cpe:/o:gentoo:linux:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
Fedora Linux
Fedora
|
cpe:/o:fedoraproject:fedora:-
|
— | |
|
Mozilla Firefox <ESR 115.6
Mozilla / Firefox
|
<ESR 115.6 | ||
|
IBM QRadar SIEM 7.5
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.5
|
7.5 | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
IGEL OS
IGEL
|
cpe:/o:igel:os:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Red Hat OpenShift Container Platform 4.10
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:container_platform_4.10
|
Container Platform 4.10 | |
|
Red Hat OpenShift Container Platform 4.12
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:container_platform_4.12
|
Container Platform 4.12 | |
|
Open Source CentOS
Open Source
|
cpe:/o:centos:centos:-
|
— | |
|
Red Hat OpenShift Container Platform 4.11
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:container_platform_4.11
|
Container Platform 4.11 |
Affected products
Known affected
21 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Mozilla Thunderbird <115.6
Mozilla / Thunderbird
|
<115.6 | ||
|
Mozilla Firefox <121
Mozilla / Firefox
|
<121 | ||
|
Red Hat OpenShift Container Platform 4.9
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:container_platform_4.9
|
Container Platform 4.9 | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 | |
|
Gentoo Linux
Gentoo
|
cpe:/o:gentoo:linux:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
Fedora Linux
Fedora
|
cpe:/o:fedoraproject:fedora:-
|
— | |
|
Mozilla Firefox <ESR 115.6
Mozilla / Firefox
|
<ESR 115.6 | ||
|
IBM QRadar SIEM 7.5
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.5
|
7.5 | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
IGEL OS
IGEL
|
cpe:/o:igel:os:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Red Hat OpenShift Container Platform 4.10
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:container_platform_4.10
|
Container Platform 4.10 | |
|
Red Hat OpenShift Container Platform 4.12
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:container_platform_4.12
|
Container Platform 4.12 | |
|
Open Source CentOS
Open Source
|
cpe:/o:centos:centos:-
|
— | |
|
Red Hat OpenShift Container Platform 4.11
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:container_platform_4.11
|
Container Platform 4.11 |
Affected products
Known affected
21 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Mozilla Thunderbird <115.6
Mozilla / Thunderbird
|
<115.6 | ||
|
Mozilla Firefox <121
Mozilla / Firefox
|
<121 | ||
|
Red Hat OpenShift Container Platform 4.9
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:container_platform_4.9
|
Container Platform 4.9 | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 | |
|
Gentoo Linux
Gentoo
|
cpe:/o:gentoo:linux:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
Fedora Linux
Fedora
|
cpe:/o:fedoraproject:fedora:-
|
— | |
|
Mozilla Firefox <ESR 115.6
Mozilla / Firefox
|
<ESR 115.6 | ||
|
IBM QRadar SIEM 7.5
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.5
|
7.5 | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
IGEL OS
IGEL
|
cpe:/o:igel:os:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Red Hat OpenShift Container Platform 4.10
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:container_platform_4.10
|
Container Platform 4.10 | |
|
Red Hat OpenShift Container Platform 4.12
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:container_platform_4.12
|
Container Platform 4.12 | |
|
Open Source CentOS
Open Source
|
cpe:/o:centos:centos:-
|
— | |
|
Red Hat OpenShift Container Platform 4.11
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:container_platform_4.11
|
Container Platform 4.11 |
Affected products
Known affected
21 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Mozilla Thunderbird <115.6
Mozilla / Thunderbird
|
<115.6 | ||
|
Mozilla Firefox <121
Mozilla / Firefox
|
<121 | ||
|
Red Hat OpenShift Container Platform 4.9
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:container_platform_4.9
|
Container Platform 4.9 | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 | |
|
Gentoo Linux
Gentoo
|
cpe:/o:gentoo:linux:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
Fedora Linux
Fedora
|
cpe:/o:fedoraproject:fedora:-
|
— | |
|
Mozilla Firefox <ESR 115.6
Mozilla / Firefox
|
<ESR 115.6 | ||
|
IBM QRadar SIEM 7.5
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.5
|
7.5 | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
IGEL OS
IGEL
|
cpe:/o:igel:os:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Red Hat OpenShift Container Platform 4.10
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:container_platform_4.10
|
Container Platform 4.10 | |
|
Red Hat OpenShift Container Platform 4.12
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:container_platform_4.12
|
Container Platform 4.12 | |
|
Open Source CentOS
Open Source
|
cpe:/o:centos:centos:-
|
— | |
|
Red Hat OpenShift Container Platform 4.11
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:container_platform_4.11
|
Container Platform 4.11 |
Affected products
Known affected
21 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Mozilla Thunderbird <115.6
Mozilla / Thunderbird
|
<115.6 | ||
|
Mozilla Firefox <121
Mozilla / Firefox
|
<121 | ||
|
Red Hat OpenShift Container Platform 4.9
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:container_platform_4.9
|
Container Platform 4.9 | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 | |
|
Gentoo Linux
Gentoo
|
cpe:/o:gentoo:linux:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
Fedora Linux
Fedora
|
cpe:/o:fedoraproject:fedora:-
|
— | |
|
Mozilla Firefox <ESR 115.6
Mozilla / Firefox
|
<ESR 115.6 | ||
|
IBM QRadar SIEM 7.5
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.5
|
7.5 | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
IGEL OS
IGEL
|
cpe:/o:igel:os:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Red Hat OpenShift Container Platform 4.10
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:container_platform_4.10
|
Container Platform 4.10 | |
|
Red Hat OpenShift Container Platform 4.12
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:container_platform_4.12
|
Container Platform 4.12 | |
|
Open Source CentOS
Open Source
|
cpe:/o:centos:centos:-
|
— | |
|
Red Hat OpenShift Container Platform 4.11
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:container_platform_4.11
|
Container Platform 4.11 |
Affected products
Known affected
21 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Mozilla Thunderbird <115.6
Mozilla / Thunderbird
|
<115.6 | ||
|
Mozilla Firefox <121
Mozilla / Firefox
|
<121 | ||
|
Red Hat OpenShift Container Platform 4.9
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:container_platform_4.9
|
Container Platform 4.9 | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 | |
|
Gentoo Linux
Gentoo
|
cpe:/o:gentoo:linux:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
Fedora Linux
Fedora
|
cpe:/o:fedoraproject:fedora:-
|
— | |
|
Mozilla Firefox <ESR 115.6
Mozilla / Firefox
|
<ESR 115.6 | ||
|
IBM QRadar SIEM 7.5
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.5
|
7.5 | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
IGEL OS
IGEL
|
cpe:/o:igel:os:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Red Hat OpenShift Container Platform 4.10
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:container_platform_4.10
|
Container Platform 4.10 | |
|
Red Hat OpenShift Container Platform 4.12
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:container_platform_4.12
|
Container Platform 4.12 | |
|
Open Source CentOS
Open Source
|
cpe:/o:centos:centos:-
|
— | |
|
Red Hat OpenShift Container Platform 4.11
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:container_platform_4.11
|
Container Platform 4.11 |
Affected products
Known affected
21 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Mozilla Thunderbird <115.6
Mozilla / Thunderbird
|
<115.6 | ||
|
Mozilla Firefox <121
Mozilla / Firefox
|
<121 | ||
|
Red Hat OpenShift Container Platform 4.9
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:container_platform_4.9
|
Container Platform 4.9 | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 | |
|
Gentoo Linux
Gentoo
|
cpe:/o:gentoo:linux:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
Fedora Linux
Fedora
|
cpe:/o:fedoraproject:fedora:-
|
— | |
|
Mozilla Firefox <ESR 115.6
Mozilla / Firefox
|
<ESR 115.6 | ||
|
IBM QRadar SIEM 7.5
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.5
|
7.5 | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
IGEL OS
IGEL
|
cpe:/o:igel:os:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Red Hat OpenShift Container Platform 4.10
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:container_platform_4.10
|
Container Platform 4.10 | |
|
Red Hat OpenShift Container Platform 4.12
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:container_platform_4.12
|
Container Platform 4.12 | |
|
Open Source CentOS
Open Source
|
cpe:/o:centos:centos:-
|
— | |
|
Red Hat OpenShift Container Platform 4.11
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:container_platform_4.11
|
Container Platform 4.11 |
Affected products
Known affected
21 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Mozilla Thunderbird <115.6
Mozilla / Thunderbird
|
<115.6 | ||
|
Mozilla Firefox <121
Mozilla / Firefox
|
<121 | ||
|
Red Hat OpenShift Container Platform 4.9
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:container_platform_4.9
|
Container Platform 4.9 | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 | |
|
Gentoo Linux
Gentoo
|
cpe:/o:gentoo:linux:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
Fedora Linux
Fedora
|
cpe:/o:fedoraproject:fedora:-
|
— | |
|
Mozilla Firefox <ESR 115.6
Mozilla / Firefox
|
<ESR 115.6 | ||
|
IBM QRadar SIEM 7.5
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.5
|
7.5 | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
IGEL OS
IGEL
|
cpe:/o:igel:os:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Red Hat OpenShift Container Platform 4.10
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:container_platform_4.10
|
Container Platform 4.10 | |
|
Red Hat OpenShift Container Platform 4.12
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:container_platform_4.12
|
Container Platform 4.12 | |
|
Open Source CentOS
Open Source
|
cpe:/o:centos:centos:-
|
— | |
|
Red Hat OpenShift Container Platform 4.11
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:container_platform_4.11
|
Container Platform 4.11 |
Affected products
Known affected
21 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Mozilla Thunderbird <115.6
Mozilla / Thunderbird
|
<115.6 | ||
|
Mozilla Firefox <121
Mozilla / Firefox
|
<121 | ||
|
Red Hat OpenShift Container Platform 4.9
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:container_platform_4.9
|
Container Platform 4.9 | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 | |
|
Gentoo Linux
Gentoo
|
cpe:/o:gentoo:linux:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
Fedora Linux
Fedora
|
cpe:/o:fedoraproject:fedora:-
|
— | |
|
Mozilla Firefox <ESR 115.6
Mozilla / Firefox
|
<ESR 115.6 | ||
|
IBM QRadar SIEM 7.5
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.5
|
7.5 | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
IGEL OS
IGEL
|
cpe:/o:igel:os:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Red Hat OpenShift Container Platform 4.10
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:container_platform_4.10
|
Container Platform 4.10 | |
|
Red Hat OpenShift Container Platform 4.12
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:container_platform_4.12
|
Container Platform 4.12 | |
|
Open Source CentOS
Open Source
|
cpe:/o:centos:centos:-
|
— | |
|
Red Hat OpenShift Container Platform 4.11
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:container_platform_4.11
|
Container Platform 4.11 |
Affected products
Known affected
21 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Mozilla Thunderbird <115.6
Mozilla / Thunderbird
|
<115.6 | ||
|
Mozilla Firefox <121
Mozilla / Firefox
|
<121 | ||
|
Red Hat OpenShift Container Platform 4.9
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:container_platform_4.9
|
Container Platform 4.9 | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 | |
|
Gentoo Linux
Gentoo
|
cpe:/o:gentoo:linux:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
Fedora Linux
Fedora
|
cpe:/o:fedoraproject:fedora:-
|
— | |
|
Mozilla Firefox <ESR 115.6
Mozilla / Firefox
|
<ESR 115.6 | ||
|
IBM QRadar SIEM 7.5
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.5
|
7.5 | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
IGEL OS
IGEL
|
cpe:/o:igel:os:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Red Hat OpenShift Container Platform 4.10
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:container_platform_4.10
|
Container Platform 4.10 | |
|
Red Hat OpenShift Container Platform 4.12
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:container_platform_4.12
|
Container Platform 4.12 | |
|
Open Source CentOS
Open Source
|
cpe:/o:centos:centos:-
|
— | |
|
Red Hat OpenShift Container Platform 4.11
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:container_platform_4.11
|
Container Platform 4.11 |
Affected products
Known affected
21 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Mozilla Thunderbird <115.6
Mozilla / Thunderbird
|
<115.6 | ||
|
Mozilla Firefox <121
Mozilla / Firefox
|
<121 | ||
|
Red Hat OpenShift Container Platform 4.9
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:container_platform_4.9
|
Container Platform 4.9 | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 | |
|
Gentoo Linux
Gentoo
|
cpe:/o:gentoo:linux:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
Fedora Linux
Fedora
|
cpe:/o:fedoraproject:fedora:-
|
— | |
|
Mozilla Firefox <ESR 115.6
Mozilla / Firefox
|
<ESR 115.6 | ||
|
IBM QRadar SIEM 7.5
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.5
|
7.5 | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
IGEL OS
IGEL
|
cpe:/o:igel:os:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Red Hat OpenShift Container Platform 4.10
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:container_platform_4.10
|
Container Platform 4.10 | |
|
Red Hat OpenShift Container Platform 4.12
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:container_platform_4.12
|
Container Platform 4.12 | |
|
Open Source CentOS
Open Source
|
cpe:/o:centos:centos:-
|
— | |
|
Red Hat OpenShift Container Platform 4.11
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:container_platform_4.11
|
Container Platform 4.11 |
Affected products
Known affected
21 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Mozilla Thunderbird <115.6
Mozilla / Thunderbird
|
<115.6 | ||
|
Mozilla Firefox <121
Mozilla / Firefox
|
<121 | ||
|
Red Hat OpenShift Container Platform 4.9
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:container_platform_4.9
|
Container Platform 4.9 | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 | |
|
Gentoo Linux
Gentoo
|
cpe:/o:gentoo:linux:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
Fedora Linux
Fedora
|
cpe:/o:fedoraproject:fedora:-
|
— | |
|
Mozilla Firefox <ESR 115.6
Mozilla / Firefox
|
<ESR 115.6 | ||
|
IBM QRadar SIEM 7.5
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.5
|
7.5 | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
IGEL OS
IGEL
|
cpe:/o:igel:os:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Red Hat OpenShift Container Platform 4.10
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:container_platform_4.10
|
Container Platform 4.10 | |
|
Red Hat OpenShift Container Platform 4.12
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:container_platform_4.12
|
Container Platform 4.12 | |
|
Open Source CentOS
Open Source
|
cpe:/o:centos:centos:-
|
— | |
|
Red Hat OpenShift Container Platform 4.11
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:container_platform_4.11
|
Container Platform 4.11 |
References
66 references
{
"document": {
"aggregate_severity": {
"text": "mittel"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Firefox ist ein Open Source Web Browser.\r\nThunderbird ist ein Open Source E-Mail Client.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Mozilla Firefox, Firefox ESR und Thunderbird ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, Informationen offenzulegen und undefiniertes Verhalten zu verursachen.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Linux\n- Sonstiges\n- UNIX\n- Windows",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2023-3185 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-3185.json"
},
{
"category": "self",
"summary": "WID-SEC-2023-3185 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-3185"
},
{
"category": "external",
"summary": "Mozilla Foundation Security Advisory vom 2023-12-19",
"url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-54/"
},
{
"category": "external",
"summary": "Mozilla Foundation Security Advisory vom 2023-12-19",
"url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-55/"
},
{
"category": "external",
"summary": "Mozilla Foundation Security Advisory vom 2023-12-19",
"url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-56/"
},
{
"category": "external",
"summary": "Fedora Security Advisory FEDORA-2023-7DEE358171 vom 2023-12-21",
"url": "https://bodhi.fedoraproject.org/updates/FEDORA-2023-7dee358171"
},
{
"category": "external",
"summary": "Fedora Security Advisory FEDORA-2023-608DD04117 vom 2023-12-21",
"url": "https://bodhi.fedoraproject.org/updates/FEDORA-2023-608dd04117"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2023:4929-1 vom 2023-12-20",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2023-December/017505.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2023:4928-1 vom 2023-12-20",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2023-December/017506.html"
},
{
"category": "external",
"summary": "Debian Security Advisory DSA-5581 vom 2023-12-20",
"url": "https://lists.debian.org/debian-security-announce/2023/msg00278.html"
},
{
"category": "external",
"summary": "Debian Security Advisory DSA-5581 vom 2023-12-21",
"url": "https://www.debian.org/security/2023/dsa-5581"
},
{
"category": "external",
"summary": "Debian Security Advisory DSA-5582 vom 2023-12-22",
"url": "https://www.debian.org/security/2023/dsa-5582"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-6562-1 vom 2024-01-02",
"url": "https://ubuntu.com/security/notices/USN-6562-1"
},
{
"category": "external",
"summary": "Debian Security Advisory DLA-3698 vom 2023-12-29",
"url": "https://lists.debian.org/debian-lts-announce/2023/12/msg00021.html"
},
{
"category": "external",
"summary": "Debian Security Advisory DLA-3697 vom 2023-12-29",
"url": "https://lists.debian.org/debian-lts-announce/2023/12/msg00020.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:0026 vom 2024-01-02",
"url": "http://access.redhat.com/errata/RHSA-2024:0026"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:0025 vom 2024-01-02",
"url": "http://access.redhat.com/errata/RHSA-2024:0025"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:0022 vom 2024-01-02",
"url": "http://access.redhat.com/errata/RHSA-2024:0022"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:0019 vom 2024-01-02",
"url": "http://access.redhat.com/errata/RHSA-2024:0019"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:0012 vom 2024-01-02",
"url": "http://access.redhat.com/errata/RHSA-2024:0012"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:0011 vom 2024-01-02",
"url": "http://access.redhat.com/errata/RHSA-2024:0011"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:0005 vom 2024-01-02",
"url": "http://access.redhat.com/errata/RHSA-2024:0005"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:0028 vom 2024-01-02",
"url": "http://access.redhat.com/errata/RHSA-2024:0028"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-6563-1 vom 2024-01-02",
"url": "https://ubuntu.com/security/notices/USN-6563-1"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:0001 vom 2024-01-02",
"url": "https://access.redhat.com/errata/RHSA-2024:0001"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:0002 vom 2024-01-02",
"url": "https://access.redhat.com/errata/RHSA-2024:0002"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:0004 vom 2024-01-02",
"url": "https://access.redhat.com/errata/RHSA-2024:0004"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:0021 vom 2024-01-02",
"url": "https://access.redhat.com/errata/RHSA-2024:0021"
},
{
"category": "external",
"summary": "Red Hat Bug-Tracker 2255361 vom 2024-01-02",
"url": "https://access.redhat.com/errata/RHSA-2024:0012"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:0024 vom 2024-01-02",
"url": "https://access.redhat.com/errata/RHSA-2024:0024"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2024-0027 vom 2024-01-03",
"url": "https://linux.oracle.com/errata/ELSA-2024-0027.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2024-0026 vom 2024-01-03",
"url": "https://linux.oracle.com/errata/ELSA-2024-0026.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:0003 vom 2024-01-02",
"url": "https://access.redhat.com/errata/RHSA-2024:0003"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:0023 vom 2024-01-02",
"url": "https://access.redhat.com/errata/RHSA-2024:0023"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:0030 vom 2024-01-02",
"url": "https://access.redhat.com/errata/RHSA-2024:0030"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:0029 vom 2024-01-02",
"url": "https://access.redhat.com/errata/RHSA-2024:0029"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:0027 vom 2024-01-02",
"url": "https://access.redhat.com/errata/RHSA-2024:0027"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2024-0025 vom 2024-01-03",
"url": "https://linux.oracle.com/errata/ELSA-2024-0025.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2024-0012 vom 2024-01-03",
"url": "https://linux.oracle.com/errata/ELSA-2024-0012.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2024-0001 vom 2024-01-03",
"url": "https://linux.oracle.com/errata/ELSA-2024-0001.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2024-0003 vom 2024-01-03",
"url": "https://linux.oracle.com/errata/ELSA-2024-0003.html"
},
{
"category": "external",
"summary": "Gentoo Linux Security Advisory GLSA-202401-10 vom 2024-01-07",
"url": "https://security.gentoo.org/glsa/202401-10"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:0044-1 vom 2024-01-08",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-January/017601.html"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALASFIREFOX-2024-018 vom 2024-01-09",
"url": "https://alas.aws.amazon.com/AL2/ALASFIREFOX-2024-018.html"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS-2024-2377 vom 2024-01-10",
"url": "https://alas.aws.amazon.com/AL2/ALAS-2024-2377.html"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-6562-2 vom 2024-01-11",
"url": "https://ubuntu.com/security/notices/USN-6562-2"
},
{
"category": "external",
"summary": "CentOS Security Advisory CESA-2024:0027 vom 2024-01-12",
"url": "https://lists.centos.org/pipermail/centos-announce/2024-January/099173.html"
},
{
"category": "external",
"summary": "CentOS Security Advisory CESA-2024:0026 vom 2024-01-12",
"url": "https://lists.centos.org/pipermail/centos-announce/2024-January/099172.html"
},
{
"category": "external",
"summary": "IGEL Security Notice ISN-2024-03 vom 2024-01-31",
"url": "https://kb.igel.com/securitysafety/en/isn-2024-03-firefox-esr-vulnerabilities-112732506.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:0786 vom 2024-02-12",
"url": "https://access.redhat.com/errata/RHSA-2024:0786"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:0785 vom 2024-02-12",
"url": "https://access.redhat.com/errata/RHSA-2024:0785"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:0790 vom 2024-02-12",
"url": "https://access.redhat.com/errata/RHSA-2024:0790"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:0791 vom 2024-02-12",
"url": "https://access.redhat.com/errata/RHSA-2024:0791"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2024-0790 vom 2024-02-14",
"url": "https://linux.oracle.com/errata/ELSA-2024-0790.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2024-0786 vom 2024-02-15",
"url": "https://linux.oracle.com/errata/ELSA-2024-0786.html"
},
{
"category": "external",
"summary": "Gentoo Linux Security Advisory GLSA-202402-25 vom 2024-02-19",
"url": "https://security.gentoo.org/glsa/202402-25"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS-2024-2456 vom 2024-02-19",
"url": "https://alas.aws.amazon.com/AL2/ALAS-2024-2456.html"
},
{
"category": "external",
"summary": "Rocky Linux Security Advisory RLSA-2024:0786 vom 2024-03-12",
"url": "https://errata.build.resf.org/RLSA-2024:0786"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:1686 vom 2024-04-04",
"url": "https://access.redhat.com/errata/RHSA-2024:1686"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-6727-1 vom 2024-04-10",
"url": "https://ubuntu.com/security/notices/USN-6727-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-6727-2 vom 2024-04-11",
"url": "https://ubuntu.com/security/notices/USN-6727-2"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7148094 vom 2024-04-11",
"url": "https://www.ibm.com/support/pages/node/7148094"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2024-12337 vom 2024-04-22",
"url": "https://linux.oracle.com/errata/ELSA-2024-12337.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:4631 vom 2024-07-18",
"url": "https://access.redhat.com/errata/RHSA-2024:4631"
},
{
"category": "external",
"summary": "openSUSE Security Update OPENSUSE-SU-2024:14572-1 vom 2024-12-13",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/3HI2RC7AJAHY74Q6MK7GNGWU6TITB22V/"
},
{
"category": "external",
"summary": "XEROX Security Advisory XRX25-012 vom 2025-06-02",
"url": "https://security.business.xerox.com/wp-content/uploads/2025/06/Xerox-Security-Bulletin-XRX25-012-for-Xerox-FreeFlow-Print-Server-v9.pdf"
}
],
"source_lang": "en-US",
"title": "Mozilla Firefox und Thunderbird: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2025-06-02T22:00:00.000+00:00",
"generator": {
"date": "2025-06-03T09:23:42.826+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.12"
}
},
"id": "WID-SEC-W-2023-3185",
"initial_release_date": "2023-12-19T23:00:00.000+00:00",
"revision_history": [
{
"date": "2023-12-19T23:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2023-12-20T23:00:00.000+00:00",
"number": "2",
"summary": "Neue Updates von Fedora, SUSE und Debian aufgenommen"
},
{
"date": "2023-12-21T23:00:00.000+00:00",
"number": "3",
"summary": "Neue Updates von Debian aufgenommen"
},
{
"date": "2024-01-01T23:00:00.000+00:00",
"number": "4",
"summary": "Neue Updates von Red Hat, Ubuntu und Debian aufgenommen"
},
{
"date": "2024-01-02T23:00:00.000+00:00",
"number": "5",
"summary": "Neue Updates von Red Hat und Oracle Linux aufgenommen"
},
{
"date": "2024-01-03T23:00:00.000+00:00",
"number": "6",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2024-01-07T23:00:00.000+00:00",
"number": "7",
"summary": "Neue Updates von Gentoo aufgenommen"
},
{
"date": "2024-01-08T23:00:00.000+00:00",
"number": "8",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2024-01-09T23:00:00.000+00:00",
"number": "9",
"summary": "Neue Updates von Amazon aufgenommen"
},
{
"date": "2024-01-10T23:00:00.000+00:00",
"number": "10",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2024-01-14T23:00:00.000+00:00",
"number": "11",
"summary": "Neue Updates von CentOS aufgenommen"
},
{
"date": "2024-01-31T23:00:00.000+00:00",
"number": "12",
"summary": "Neue Updates von IGEL aufgenommen"
},
{
"date": "2024-02-12T23:00:00.000+00:00",
"number": "13",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2024-02-13T23:00:00.000+00:00",
"number": "14",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2024-02-14T23:00:00.000+00:00",
"number": "15",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2024-02-18T23:00:00.000+00:00",
"number": "16",
"summary": "Neue Updates von Gentoo aufgenommen"
},
{
"date": "2024-02-19T23:00:00.000+00:00",
"number": "17",
"summary": "Neue Updates von Amazon aufgenommen"
},
{
"date": "2024-03-12T23:00:00.000+00:00",
"number": "18",
"summary": "Neue Updates von Rocky Enterprise Software Foundation aufgenommen"
},
{
"date": "2024-04-04T22:00:00.000+00:00",
"number": "19",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2024-04-10T22:00:00.000+00:00",
"number": "20",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2024-04-11T22:00:00.000+00:00",
"number": "21",
"summary": "Neue Updates von Ubuntu und IBM aufgenommen"
},
{
"date": "2024-04-22T22:00:00.000+00:00",
"number": "22",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2024-07-18T22:00:00.000+00:00",
"number": "23",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2024-12-15T23:00:00.000+00:00",
"number": "24",
"summary": "Neue Updates von openSUSE aufgenommen"
},
{
"date": "2025-06-02T22:00:00.000+00:00",
"number": "25",
"summary": "Neue Updates von XEROX aufgenommen"
}
],
"status": "final",
"version": "25"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Amazon Linux 2",
"product": {
"name": "Amazon Linux 2",
"product_id": "398363",
"product_identification_helper": {
"cpe": "cpe:/o:amazon:linux_2:-"
}
}
}
],
"category": "vendor",
"name": "Amazon"
},
{
"branches": [
{
"category": "product_name",
"name": "Debian Linux",
"product": {
"name": "Debian Linux",
"product_id": "2951",
"product_identification_helper": {
"cpe": "cpe:/o:debian:debian_linux:-"
}
}
}
],
"category": "vendor",
"name": "Debian"
},
{
"branches": [
{
"category": "product_name",
"name": "Fedora Linux",
"product": {
"name": "Fedora Linux",
"product_id": "74185",
"product_identification_helper": {
"cpe": "cpe:/o:fedoraproject:fedora:-"
}
}
}
],
"category": "vendor",
"name": "Fedora"
},
{
"branches": [
{
"category": "product_name",
"name": "Gentoo Linux",
"product": {
"name": "Gentoo Linux",
"product_id": "T012167",
"product_identification_helper": {
"cpe": "cpe:/o:gentoo:linux:-"
}
}
}
],
"category": "vendor",
"name": "Gentoo"
},
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "7.5",
"product": {
"name": "IBM QRadar SIEM 7.5",
"product_id": "T022954",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:qradar_siem:7.5"
}
}
}
],
"category": "product_name",
"name": "QRadar SIEM"
}
],
"category": "vendor",
"name": "IBM"
},
{
"branches": [
{
"category": "product_name",
"name": "IGEL OS",
"product": {
"name": "IGEL OS",
"product_id": "T017865",
"product_identification_helper": {
"cpe": "cpe:/o:igel:os:-"
}
}
}
],
"category": "vendor",
"name": "IGEL"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cESR 115.6",
"product": {
"name": "Mozilla Firefox \u003cESR 115.6",
"product_id": "T031760"
}
},
{
"category": "product_version",
"name": "ESR 115.6",
"product": {
"name": "Mozilla Firefox ESR 115.6",
"product_id": "T031760-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:mozilla:firefox:esr_115.6"
}
}
},
{
"category": "product_version_range",
"name": "\u003c121",
"product": {
"name": "Mozilla Firefox \u003c121",
"product_id": "T031761"
}
},
{
"category": "product_version",
"name": "121",
"product": {
"name": "Mozilla Firefox 121",
"product_id": "T031761-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:mozilla:firefox:121"
}
}
}
],
"category": "product_name",
"name": "Firefox"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c115.6",
"product": {
"name": "Mozilla Thunderbird \u003c115.6",
"product_id": "T031762"
}
},
{
"category": "product_version",
"name": "115.6",
"product": {
"name": "Mozilla Thunderbird 115.6",
"product_id": "T031762-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:mozilla:thunderbird:115.6"
}
}
}
],
"category": "product_name",
"name": "Thunderbird"
}
],
"category": "vendor",
"name": "Mozilla"
},
{
"branches": [
{
"category": "product_name",
"name": "Open Source CentOS",
"product": {
"name": "Open Source CentOS",
"product_id": "1727",
"product_identification_helper": {
"cpe": "cpe:/o:centos:centos:-"
}
}
}
],
"category": "vendor",
"name": "Open Source"
},
{
"branches": [
{
"category": "product_name",
"name": "Oracle Linux",
"product": {
"name": "Oracle Linux",
"product_id": "T004914",
"product_identification_helper": {
"cpe": "cpe:/o:oracle:linux:-"
}
}
}
],
"category": "vendor",
"name": "Oracle"
},
{
"branches": [
{
"category": "product_name",
"name": "RESF Rocky Linux",
"product": {
"name": "RESF Rocky Linux",
"product_id": "T032255",
"product_identification_helper": {
"cpe": "cpe:/o:resf:rocky_linux:-"
}
}
}
],
"category": "vendor",
"name": "RESF"
},
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux",
"product": {
"name": "Red Hat Enterprise Linux",
"product_id": "67646",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:-"
}
}
},
{
"branches": [
{
"category": "product_version",
"name": "Container Platform 4.10",
"product": {
"name": "Red Hat OpenShift Container Platform 4.10",
"product_id": "T025742",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:container_platform_4.10"
}
}
},
{
"category": "product_version",
"name": "Container Platform 4.11",
"product": {
"name": "Red Hat OpenShift Container Platform 4.11",
"product_id": "T025990",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:container_platform_4.11"
}
}
},
{
"category": "product_version",
"name": "Container Platform 4.12",
"product": {
"name": "Red Hat OpenShift Container Platform 4.12",
"product_id": "T026435",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:container_platform_4.12"
}
}
},
{
"category": "product_version",
"name": "Container Platform 4.9",
"product": {
"name": "Red Hat OpenShift Container Platform 4.9",
"product_id": "T033901",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:container_platform_4.9"
}
}
}
],
"category": "product_name",
"name": "OpenShift"
}
],
"category": "vendor",
"name": "Red Hat"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux",
"product": {
"name": "SUSE Linux",
"product_id": "T002207",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse_linux:-"
}
}
},
{
"category": "product_name",
"name": "SUSE openSUSE",
"product": {
"name": "SUSE openSUSE",
"product_id": "T027843",
"product_identification_helper": {
"cpe": "cpe:/o:suse:opensuse:-"
}
}
}
],
"category": "vendor",
"name": "SUSE"
},
{
"branches": [
{
"category": "product_name",
"name": "Ubuntu Linux",
"product": {
"name": "Ubuntu Linux",
"product_id": "T000126",
"product_identification_helper": {
"cpe": "cpe:/o:canonical:ubuntu_linux:-"
}
}
}
],
"category": "vendor",
"name": "Ubuntu"
},
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "9",
"product": {
"name": "Xerox FreeFlow Print Server 9",
"product_id": "T002977",
"product_identification_helper": {
"cpe": "cpe:/a:xerox:freeflow_print_server:9"
}
}
}
],
"category": "product_name",
"name": "FreeFlow Print Server"
}
],
"category": "vendor",
"name": "Xerox"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-50761",
"product_status": {
"known_affected": [
"T031762",
"T031761",
"T033901",
"67646",
"T002977",
"T012167",
"T004914",
"T032255",
"74185",
"T031760",
"T022954",
"2951",
"T002207",
"T017865",
"T000126",
"T027843",
"398363",
"T025742",
"T026435",
"1727",
"T025990"
]
},
"release_date": "2023-12-19T23:00:00.000+00:00",
"title": "CVE-2023-50761"
},
{
"cve": "CVE-2023-50762",
"product_status": {
"known_affected": [
"T031762",
"T031761",
"T033901",
"67646",
"T002977",
"T012167",
"T004914",
"T032255",
"74185",
"T031760",
"T022954",
"2951",
"T002207",
"T017865",
"T000126",
"T027843",
"398363",
"T025742",
"T026435",
"1727",
"T025990"
]
},
"release_date": "2023-12-19T23:00:00.000+00:00",
"title": "CVE-2023-50762"
},
{
"cve": "CVE-2023-6135",
"product_status": {
"known_affected": [
"T031762",
"T031761",
"T033901",
"67646",
"T002977",
"T012167",
"T004914",
"T032255",
"74185",
"T031760",
"T022954",
"2951",
"T002207",
"T017865",
"T000126",
"T027843",
"398363",
"T025742",
"T026435",
"1727",
"T025990"
]
},
"release_date": "2023-12-19T23:00:00.000+00:00",
"title": "CVE-2023-6135"
},
{
"cve": "CVE-2023-6856",
"product_status": {
"known_affected": [
"T031762",
"T031761",
"T033901",
"67646",
"T002977",
"T012167",
"T004914",
"T032255",
"74185",
"T031760",
"T022954",
"2951",
"T002207",
"T017865",
"T000126",
"T027843",
"398363",
"T025742",
"T026435",
"1727",
"T025990"
]
},
"release_date": "2023-12-19T23:00:00.000+00:00",
"title": "CVE-2023-6856"
},
{
"cve": "CVE-2023-6857",
"product_status": {
"known_affected": [
"T031762",
"T031761",
"T033901",
"67646",
"T002977",
"T012167",
"T004914",
"T032255",
"74185",
"T031760",
"T022954",
"2951",
"T002207",
"T017865",
"T000126",
"T027843",
"398363",
"T025742",
"T026435",
"1727",
"T025990"
]
},
"release_date": "2023-12-19T23:00:00.000+00:00",
"title": "CVE-2023-6857"
},
{
"cve": "CVE-2023-6858",
"product_status": {
"known_affected": [
"T031762",
"T031761",
"T033901",
"67646",
"T002977",
"T012167",
"T004914",
"T032255",
"74185",
"T031760",
"T022954",
"2951",
"T002207",
"T017865",
"T000126",
"T027843",
"398363",
"T025742",
"T026435",
"1727",
"T025990"
]
},
"release_date": "2023-12-19T23:00:00.000+00:00",
"title": "CVE-2023-6858"
},
{
"cve": "CVE-2023-6859",
"product_status": {
"known_affected": [
"T031762",
"T031761",
"T033901",
"67646",
"T002977",
"T012167",
"T004914",
"T032255",
"74185",
"T031760",
"T022954",
"2951",
"T002207",
"T017865",
"T000126",
"T027843",
"398363",
"T025742",
"T026435",
"1727",
"T025990"
]
},
"release_date": "2023-12-19T23:00:00.000+00:00",
"title": "CVE-2023-6859"
},
{
"cve": "CVE-2023-6860",
"product_status": {
"known_affected": [
"T031762",
"T031761",
"T033901",
"67646",
"T002977",
"T012167",
"T004914",
"T032255",
"74185",
"T031760",
"T022954",
"2951",
"T002207",
"T017865",
"T000126",
"T027843",
"398363",
"T025742",
"T026435",
"1727",
"T025990"
]
},
"release_date": "2023-12-19T23:00:00.000+00:00",
"title": "CVE-2023-6860"
},
{
"cve": "CVE-2023-6861",
"product_status": {
"known_affected": [
"T031762",
"T031761",
"T033901",
"67646",
"T002977",
"T012167",
"T004914",
"T032255",
"74185",
"T031760",
"T022954",
"2951",
"T002207",
"T017865",
"T000126",
"T027843",
"398363",
"T025742",
"T026435",
"1727",
"T025990"
]
},
"release_date": "2023-12-19T23:00:00.000+00:00",
"title": "CVE-2023-6861"
},
{
"cve": "CVE-2023-6862",
"product_status": {
"known_affected": [
"T031762",
"T031761",
"T033901",
"67646",
"T002977",
"T012167",
"T004914",
"T032255",
"74185",
"T031760",
"T022954",
"2951",
"T002207",
"T017865",
"T000126",
"T027843",
"398363",
"T025742",
"T026435",
"1727",
"T025990"
]
},
"release_date": "2023-12-19T23:00:00.000+00:00",
"title": "CVE-2023-6862"
},
{
"cve": "CVE-2023-6863",
"product_status": {
"known_affected": [
"T031762",
"T031761",
"T033901",
"67646",
"T002977",
"T012167",
"T004914",
"T032255",
"74185",
"T031760",
"T022954",
"2951",
"T002207",
"T017865",
"T000126",
"T027843",
"398363",
"T025742",
"T026435",
"1727",
"T025990"
]
},
"release_date": "2023-12-19T23:00:00.000+00:00",
"title": "CVE-2023-6863"
},
{
"cve": "CVE-2023-6864",
"product_status": {
"known_affected": [
"T031762",
"T031761",
"T033901",
"67646",
"T002977",
"T012167",
"T004914",
"T032255",
"74185",
"T031760",
"T022954",
"2951",
"T002207",
"T017865",
"T000126",
"T027843",
"398363",
"T025742",
"T026435",
"1727",
"T025990"
]
},
"release_date": "2023-12-19T23:00:00.000+00:00",
"title": "CVE-2023-6864"
},
{
"cve": "CVE-2023-6865",
"product_status": {
"known_affected": [
"T031762",
"T031761",
"T033901",
"67646",
"T002977",
"T012167",
"T004914",
"T032255",
"74185",
"T031760",
"T022954",
"2951",
"T002207",
"T017865",
"T000126",
"T027843",
"398363",
"T025742",
"T026435",
"1727",
"T025990"
]
},
"release_date": "2023-12-19T23:00:00.000+00:00",
"title": "CVE-2023-6865"
},
{
"cve": "CVE-2023-6866",
"product_status": {
"known_affected": [
"T031762",
"T031761",
"T033901",
"67646",
"T002977",
"T012167",
"T004914",
"T032255",
"74185",
"T031760",
"T022954",
"2951",
"T002207",
"T017865",
"T000126",
"T027843",
"398363",
"T025742",
"T026435",
"1727",
"T025990"
]
},
"release_date": "2023-12-19T23:00:00.000+00:00",
"title": "CVE-2023-6866"
},
{
"cve": "CVE-2023-6867",
"product_status": {
"known_affected": [
"T031762",
"T031761",
"T033901",
"67646",
"T002977",
"T012167",
"T004914",
"T032255",
"74185",
"T031760",
"T022954",
"2951",
"T002207",
"T017865",
"T000126",
"T027843",
"398363",
"T025742",
"T026435",
"1727",
"T025990"
]
},
"release_date": "2023-12-19T23:00:00.000+00:00",
"title": "CVE-2023-6867"
},
{
"cve": "CVE-2023-6868",
"product_status": {
"known_affected": [
"T031762",
"T031761",
"T033901",
"67646",
"T002977",
"T012167",
"T004914",
"T032255",
"74185",
"T031760",
"T022954",
"2951",
"T002207",
"T017865",
"T000126",
"T027843",
"398363",
"T025742",
"T026435",
"1727",
"T025990"
]
},
"release_date": "2023-12-19T23:00:00.000+00:00",
"title": "CVE-2023-6868"
},
{
"cve": "CVE-2023-6869",
"product_status": {
"known_affected": [
"T031762",
"T031761",
"T033901",
"67646",
"T002977",
"T012167",
"T004914",
"T032255",
"74185",
"T031760",
"T022954",
"2951",
"T002207",
"T017865",
"T000126",
"T027843",
"398363",
"T025742",
"T026435",
"1727",
"T025990"
]
},
"release_date": "2023-12-19T23:00:00.000+00:00",
"title": "CVE-2023-6869"
},
{
"cve": "CVE-2023-6870",
"product_status": {
"known_affected": [
"T031762",
"T031761",
"T033901",
"67646",
"T002977",
"T012167",
"T004914",
"T032255",
"74185",
"T031760",
"T022954",
"2951",
"T002207",
"T017865",
"T000126",
"T027843",
"398363",
"T025742",
"T026435",
"1727",
"T025990"
]
},
"release_date": "2023-12-19T23:00:00.000+00:00",
"title": "CVE-2023-6870"
},
{
"cve": "CVE-2023-6871",
"product_status": {
"known_affected": [
"T031762",
"T031761",
"T033901",
"67646",
"T002977",
"T012167",
"T004914",
"T032255",
"74185",
"T031760",
"T022954",
"2951",
"T002207",
"T017865",
"T000126",
"T027843",
"398363",
"T025742",
"T026435",
"1727",
"T025990"
]
},
"release_date": "2023-12-19T23:00:00.000+00:00",
"title": "CVE-2023-6871"
},
{
"cve": "CVE-2023-6872",
"product_status": {
"known_affected": [
"T031762",
"T031761",
"T033901",
"67646",
"T002977",
"T012167",
"T004914",
"T032255",
"74185",
"T031760",
"T022954",
"2951",
"T002207",
"T017865",
"T000126",
"T027843",
"398363",
"T025742",
"T026435",
"1727",
"T025990"
]
},
"release_date": "2023-12-19T23:00:00.000+00:00",
"title": "CVE-2023-6872"
},
{
"cve": "CVE-2023-6873",
"product_status": {
"known_affected": [
"T031762",
"T031761",
"T033901",
"67646",
"T002977",
"T012167",
"T004914",
"T032255",
"74185",
"T031760",
"T022954",
"2951",
"T002207",
"T017865",
"T000126",
"T027843",
"398363",
"T025742",
"T026435",
"1727",
"T025990"
]
},
"release_date": "2023-12-19T23:00:00.000+00:00",
"title": "CVE-2023-6873"
}
]
}
WID-SEC-W-2024-2100
Vulnerability from csaf_certbund - Published: 2024-09-10 22:00 - Updated: 2024-09-10 22:00Summary
IBM Power Hardware Management Console: Mehrere Schwachstellen
Severity
Hoch
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung: Die Hardware Management Console (HMC) von IBM ist ein System zur Virtualisierung von IBM Servern.
Angriff: Ein Angreifer kann mehrere Schwachstellen in IBM Power Hardware Management Console ausnutzen, um beliebigen Programmcode auszuführen, einen Denial-of-Service-Zustand zu erzeugen und vertrauliche Informationen preiszugeben.
Betroffene Betriebssysteme: - Sonstiges
- UNIX
In IBM Power Hardware Management Console existieren mehrere Schwachstellen. Diese Schwachstellen betreffen die rhboot-Shim-Komponente und werden durch Fehler wie NULL-Zeiger-Dereferenzierung, Out-of-Bounds-Schreib- und Lesevorgänge und Integer-Überläufe verursacht. Ein lokaler Angreifer oder ein Angreifer aus einem benachbarten Netzwerk kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, einen Denial-of-Service-Zustand zu erzeugen und vertrauliche Informationen preiszugeben.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Power Hardware Management Console <V10.3.1060.0 x86
IBM / Power Hardware Management Console
|
<V10.3.1060.0 x86 | ||
|
IBM Power Hardware Management Console <V10.3.1060.0 ppc
IBM / Power Hardware Management Console
|
<V10.3.1060.0 ppc | ||
|
IBM Power Hardware Management Console <V10.2.1040.0 SP2 x86
IBM / Power Hardware Management Console
|
<V10.2.1040.0 SP2 x86 | ||
|
IBM Power Hardware Management Console <V10.2.1040.0 SP2 ppc
IBM / Power Hardware Management Console
|
<V10.2.1040.0 SP2 ppc |
In IBM Power Hardware Management Console existieren mehrere Schwachstellen. Diese Schwachstellen betreffen die rhboot-Shim-Komponente und werden durch Fehler wie NULL-Zeiger-Dereferenzierung, Out-of-Bounds-Schreib- und Lesevorgänge und Integer-Überläufe verursacht. Ein lokaler Angreifer oder ein Angreifer aus einem benachbarten Netzwerk kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, einen Denial-of-Service-Zustand zu erzeugen und vertrauliche Informationen preiszugeben.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Power Hardware Management Console <V10.3.1060.0 x86
IBM / Power Hardware Management Console
|
<V10.3.1060.0 x86 | ||
|
IBM Power Hardware Management Console <V10.3.1060.0 ppc
IBM / Power Hardware Management Console
|
<V10.3.1060.0 ppc | ||
|
IBM Power Hardware Management Console <V10.2.1040.0 SP2 x86
IBM / Power Hardware Management Console
|
<V10.2.1040.0 SP2 x86 | ||
|
IBM Power Hardware Management Console <V10.2.1040.0 SP2 ppc
IBM / Power Hardware Management Console
|
<V10.2.1040.0 SP2 ppc |
In IBM Power Hardware Management Console existieren mehrere Schwachstellen. Diese Schwachstellen betreffen die rhboot-Shim-Komponente und werden durch Fehler wie NULL-Zeiger-Dereferenzierung, Out-of-Bounds-Schreib- und Lesevorgänge und Integer-Überläufe verursacht. Ein lokaler Angreifer oder ein Angreifer aus einem benachbarten Netzwerk kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, einen Denial-of-Service-Zustand zu erzeugen und vertrauliche Informationen preiszugeben.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Power Hardware Management Console <V10.3.1060.0 x86
IBM / Power Hardware Management Console
|
<V10.3.1060.0 x86 | ||
|
IBM Power Hardware Management Console <V10.3.1060.0 ppc
IBM / Power Hardware Management Console
|
<V10.3.1060.0 ppc | ||
|
IBM Power Hardware Management Console <V10.2.1040.0 SP2 x86
IBM / Power Hardware Management Console
|
<V10.2.1040.0 SP2 x86 | ||
|
IBM Power Hardware Management Console <V10.2.1040.0 SP2 ppc
IBM / Power Hardware Management Console
|
<V10.2.1040.0 SP2 ppc |
In IBM Power Hardware Management Console existieren mehrere Schwachstellen. Diese Schwachstellen betreffen die rhboot-Shim-Komponente und werden durch Fehler wie NULL-Zeiger-Dereferenzierung, Out-of-Bounds-Schreib- und Lesevorgänge und Integer-Überläufe verursacht. Ein lokaler Angreifer oder ein Angreifer aus einem benachbarten Netzwerk kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, einen Denial-of-Service-Zustand zu erzeugen und vertrauliche Informationen preiszugeben.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Power Hardware Management Console <V10.3.1060.0 x86
IBM / Power Hardware Management Console
|
<V10.3.1060.0 x86 | ||
|
IBM Power Hardware Management Console <V10.3.1060.0 ppc
IBM / Power Hardware Management Console
|
<V10.3.1060.0 ppc | ||
|
IBM Power Hardware Management Console <V10.2.1040.0 SP2 x86
IBM / Power Hardware Management Console
|
<V10.2.1040.0 SP2 x86 | ||
|
IBM Power Hardware Management Console <V10.2.1040.0 SP2 ppc
IBM / Power Hardware Management Console
|
<V10.2.1040.0 SP2 ppc |
In IBM Power Hardware Management Console existieren mehrere Schwachstellen. Diese Schwachstellen betreffen die rhboot-Shim-Komponente und werden durch Fehler wie NULL-Zeiger-Dereferenzierung, Out-of-Bounds-Schreib- und Lesevorgänge und Integer-Überläufe verursacht. Ein lokaler Angreifer oder ein Angreifer aus einem benachbarten Netzwerk kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, einen Denial-of-Service-Zustand zu erzeugen und vertrauliche Informationen preiszugeben.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Power Hardware Management Console <V10.3.1060.0 x86
IBM / Power Hardware Management Console
|
<V10.3.1060.0 x86 | ||
|
IBM Power Hardware Management Console <V10.3.1060.0 ppc
IBM / Power Hardware Management Console
|
<V10.3.1060.0 ppc | ||
|
IBM Power Hardware Management Console <V10.2.1040.0 SP2 x86
IBM / Power Hardware Management Console
|
<V10.2.1040.0 SP2 x86 | ||
|
IBM Power Hardware Management Console <V10.2.1040.0 SP2 ppc
IBM / Power Hardware Management Console
|
<V10.2.1040.0 SP2 ppc |
In IBM Power Hardware Management Console existieren mehrere Schwachstellen. Diese Schwachstellen betreffen die rhboot-Shim-Komponente und werden durch Fehler wie NULL-Zeiger-Dereferenzierung, Out-of-Bounds-Schreib- und Lesevorgänge und Integer-Überläufe verursacht. Ein lokaler Angreifer oder ein Angreifer aus einem benachbarten Netzwerk kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, einen Denial-of-Service-Zustand zu erzeugen und vertrauliche Informationen preiszugeben.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Power Hardware Management Console <V10.3.1060.0 x86
IBM / Power Hardware Management Console
|
<V10.3.1060.0 x86 | ||
|
IBM Power Hardware Management Console <V10.3.1060.0 ppc
IBM / Power Hardware Management Console
|
<V10.3.1060.0 ppc | ||
|
IBM Power Hardware Management Console <V10.2.1040.0 SP2 x86
IBM / Power Hardware Management Console
|
<V10.2.1040.0 SP2 x86 | ||
|
IBM Power Hardware Management Console <V10.2.1040.0 SP2 ppc
IBM / Power Hardware Management Console
|
<V10.2.1040.0 SP2 ppc |
Es besteht eine Schwachstelle in der IBM Power Hardware Management Console. Dieser Fehler betrifft die Mozilla Network Security Services NIST-Kurve, die in Mozilla Firefox verwendet wird, und zwar durch einen als Minerva bekannten Side-Channel-Angriff, der die Wiederherstellung des privaten Schlüssels ermöglicht. Ein anonymer Angreifer kann diese Schwachstelle ausnutzen, indem er ein Opfer dazu bringt, eine speziell gestaltete Website zu besuchen, um vertrauliche Informationen preiszugeben. Eine erfolgreiche Ausnutzung erfordert eine Benutzerinteraktion.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Power Hardware Management Console <V10.3.1060.0 x86
IBM / Power Hardware Management Console
|
<V10.3.1060.0 x86 | ||
|
IBM Power Hardware Management Console <V10.3.1060.0 ppc
IBM / Power Hardware Management Console
|
<V10.3.1060.0 ppc | ||
|
IBM Power Hardware Management Console <V10.2.1040.0 SP2 x86
IBM / Power Hardware Management Console
|
<V10.2.1040.0 SP2 x86 | ||
|
IBM Power Hardware Management Console <V10.2.1040.0 SP2 ppc
IBM / Power Hardware Management Console
|
<V10.2.1040.0 SP2 ppc |
Es besteht eine Schwachstelle in IBM Power Hardware Management Console. Dieser Fehler besteht in Xmlsoft Libxml2 aufgrund eines Pufferüberlaufs. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen, indem er eine manipulierte XML-Datei bereitstellt.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Power Hardware Management Console <V10.3.1060.0 x86
IBM / Power Hardware Management Console
|
<V10.3.1060.0 x86 | ||
|
IBM Power Hardware Management Console <V10.3.1060.0 ppc
IBM / Power Hardware Management Console
|
<V10.3.1060.0 ppc | ||
|
IBM Power Hardware Management Console <V10.2.1040.0 SP2 x86
IBM / Power Hardware Management Console
|
<V10.2.1040.0 SP2 x86 | ||
|
IBM Power Hardware Management Console <V10.2.1040.0 SP2 ppc
IBM / Power Hardware Management Console
|
<V10.2.1040.0 SP2 ppc |
Es besteht eine Schwachstelle in IBM Power Hardware Management Console. Dieser Fehler ist auf eine beobachtbare Zeitdiskrepanz in der numerischen Bibliothek zurückzuführen, die in NSS für die RSA-Kryptographie verwendet wird. Ein entfernter, authentisierter Angreifer kann diese Schwachstelle ausnutzen, um vertrauliche Informationen preiszugeben und diese Informationen für weitere Angriffe zu verwenden.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Power Hardware Management Console <V10.3.1060.0 x86
IBM / Power Hardware Management Console
|
<V10.3.1060.0 x86 | ||
|
IBM Power Hardware Management Console <V10.3.1060.0 ppc
IBM / Power Hardware Management Console
|
<V10.3.1060.0 ppc | ||
|
IBM Power Hardware Management Console <V10.2.1040.0 SP2 x86
IBM / Power Hardware Management Console
|
<V10.2.1040.0 SP2 x86 | ||
|
IBM Power Hardware Management Console <V10.2.1040.0 SP2 ppc
IBM / Power Hardware Management Console
|
<V10.2.1040.0 SP2 ppc |
Es bestehen mehrere Schwachstellen in IBM Power Hardware Management Console. Diese Fehler betreffen die OpenSSL-Bibliothek aufgrund einer unsachgemäßen Behandlung von DH-Schlüsseln und Parametern während der Schlüsselvalidierung und -erzeugung. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Power Hardware Management Console <V10.3.1060.0 x86
IBM / Power Hardware Management Console
|
<V10.3.1060.0 x86 | ||
|
IBM Power Hardware Management Console <V10.3.1060.0 ppc
IBM / Power Hardware Management Console
|
<V10.3.1060.0 ppc | ||
|
IBM Power Hardware Management Console <V10.2.1040.0 SP2 x86
IBM / Power Hardware Management Console
|
<V10.2.1040.0 SP2 x86 | ||
|
IBM Power Hardware Management Console <V10.2.1040.0 SP2 ppc
IBM / Power Hardware Management Console
|
<V10.2.1040.0 SP2 ppc |
Es bestehen mehrere Schwachstellen in IBM Power Hardware Management Console. Diese Fehler betreffen die OpenSSL-Bibliothek aufgrund einer unsachgemäßen Behandlung von DH-Schlüsseln und Parametern während der Schlüsselvalidierung und -erzeugung. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Power Hardware Management Console <V10.3.1060.0 x86
IBM / Power Hardware Management Console
|
<V10.3.1060.0 x86 | ||
|
IBM Power Hardware Management Console <V10.3.1060.0 ppc
IBM / Power Hardware Management Console
|
<V10.3.1060.0 ppc | ||
|
IBM Power Hardware Management Console <V10.2.1040.0 SP2 x86
IBM / Power Hardware Management Console
|
<V10.2.1040.0 SP2 x86 | ||
|
IBM Power Hardware Management Console <V10.2.1040.0 SP2 ppc
IBM / Power Hardware Management Console
|
<V10.2.1040.0 SP2 ppc |
Es bestehen mehrere Schwachstellen in IBM Power Hardware Management Console. Diese Fehler betreffen die OpenSSL-Bibliothek aufgrund einer unsachgemäßen Behandlung von DH-Schlüsseln und Parametern während der Schlüsselvalidierung und -erzeugung. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Power Hardware Management Console <V10.3.1060.0 x86
IBM / Power Hardware Management Console
|
<V10.3.1060.0 x86 | ||
|
IBM Power Hardware Management Console <V10.3.1060.0 ppc
IBM / Power Hardware Management Console
|
<V10.3.1060.0 ppc | ||
|
IBM Power Hardware Management Console <V10.2.1040.0 SP2 x86
IBM / Power Hardware Management Console
|
<V10.2.1040.0 SP2 x86 | ||
|
IBM Power Hardware Management Console <V10.2.1040.0 SP2 ppc
IBM / Power Hardware Management Console
|
<V10.2.1040.0 SP2 ppc |
Es besteht eine Schwachstelle in IBM Power Hardware Management Console. Diese Fehler betrifft den Apache Tomcat Server aufgrund eines Fehlers bei der Verarbeitung eines HTTP/2-Streams. Durch das Senden speziell gestalteter HTTP-Header kann ein entfernter, anonymer Angreifer diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Power Hardware Management Console <V10.3.1060.0 x86
IBM / Power Hardware Management Console
|
<V10.3.1060.0 x86 | ||
|
IBM Power Hardware Management Console <V10.3.1060.0 ppc
IBM / Power Hardware Management Console
|
<V10.3.1060.0 ppc | ||
|
IBM Power Hardware Management Console <V10.2.1040.0 SP2 x86
IBM / Power Hardware Management Console
|
<V10.2.1040.0 SP2 x86 | ||
|
IBM Power Hardware Management Console <V10.2.1040.0 SP2 ppc
IBM / Power Hardware Management Console
|
<V10.2.1040.0 SP2 ppc |
Es besteht eine Schwachstelle in IBM Power Hardware Management Console. Dieser Fehler betrifft ISC BIND aufgrund einer unsachgemäßen Speicherzuweisung, die es ermöglicht, UPDATE-Nachrichten zu senden, was zu einer Speichererschöpfung führt. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Power Hardware Management Console <V10.3.1060.0 x86
IBM / Power Hardware Management Console
|
<V10.3.1060.0 x86 | ||
|
IBM Power Hardware Management Console <V10.3.1060.0 ppc
IBM / Power Hardware Management Console
|
<V10.3.1060.0 ppc | ||
|
IBM Power Hardware Management Console <V10.2.1040.0 SP2 x86
IBM / Power Hardware Management Console
|
<V10.2.1040.0 SP2 x86 | ||
|
IBM Power Hardware Management Console <V10.2.1040.0 SP2 ppc
IBM / Power Hardware Management Console
|
<V10.2.1040.0 SP2 ppc |
Es besteht eine Schwachstelle in IBM Power Hardware Management Console. Die shadow-utils Bibliothek ist von diesem Fehler betroffen, da Passwortinformationen unsachgemäß gehandhabt werden, insbesondere weil der Puffer zum Speichern von Passwörtern nicht gelöscht wird. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um vertrauliche Informationen preiszugeben.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Power Hardware Management Console <V10.3.1060.0 x86
IBM / Power Hardware Management Console
|
<V10.3.1060.0 x86 | ||
|
IBM Power Hardware Management Console <V10.3.1060.0 ppc
IBM / Power Hardware Management Console
|
<V10.3.1060.0 ppc | ||
|
IBM Power Hardware Management Console <V10.2.1040.0 SP2 x86
IBM / Power Hardware Management Console
|
<V10.2.1040.0 SP2 x86 | ||
|
IBM Power Hardware Management Console <V10.2.1040.0 SP2 ppc
IBM / Power Hardware Management Console
|
<V10.2.1040.0 SP2 ppc |
Es besteht eine Schwachstelle in IBM Power Hardware Management Console. Dieser Fehler betrifft die tpm2-tss Bibliothek aufgrund einer unsachgemäßen Überprüfung der Grenzen in den Tss2_RC_SetHandler und Tss2_RC_Decode Funktionen, was zu einem Pufferüberlauf führt. Ein lokaler Angreifer mit hohen Privilegien kann diese Schwachstelle zur Ausführung von beliebigem Code ausnutzen.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Power Hardware Management Console <V10.3.1060.0 x86
IBM / Power Hardware Management Console
|
<V10.3.1060.0 x86 | ||
|
IBM Power Hardware Management Console <V10.3.1060.0 ppc
IBM / Power Hardware Management Console
|
<V10.3.1060.0 ppc | ||
|
IBM Power Hardware Management Console <V10.2.1040.0 SP2 x86
IBM / Power Hardware Management Console
|
<V10.2.1040.0 SP2 x86 | ||
|
IBM Power Hardware Management Console <V10.2.1040.0 SP2 ppc
IBM / Power Hardware Management Console
|
<V10.2.1040.0 SP2 ppc |
Es besteht eine Schwachstelle in IBM Power Hardware Management Console. Dieser Fehler betrifft die expat-Bibliothek aufgrund einer unsachgemäßen Zuweisung von Systemressourcen. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen, indem er eine speziell gestaltete Anfrage mit einem übermäßig großen Token sendet.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Power Hardware Management Console <V10.3.1060.0 x86
IBM / Power Hardware Management Console
|
<V10.3.1060.0 x86 | ||
|
IBM Power Hardware Management Console <V10.3.1060.0 ppc
IBM / Power Hardware Management Console
|
<V10.3.1060.0 ppc | ||
|
IBM Power Hardware Management Console <V10.2.1040.0 SP2 x86
IBM / Power Hardware Management Console
|
<V10.2.1040.0 SP2 x86 | ||
|
IBM Power Hardware Management Console <V10.2.1040.0 SP2 ppc
IBM / Power Hardware Management Console
|
<V10.2.1040.0 SP2 ppc |
References
12 references
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Die Hardware Management Console (HMC) von IBM ist ein System zur Virtualisierung von IBM Servern.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein Angreifer kann mehrere Schwachstellen in IBM Power Hardware Management Console ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Denial-of-Service-Zustand zu erzeugen und vertrauliche Informationen preiszugeben.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Sonstiges\n- UNIX",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2024-2100 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-2100.json"
},
{
"category": "self",
"summary": "WID-SEC-2024-2100 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-2100"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7168007 vom 2024-09-10",
"url": "https://www.ibm.com/support/pages/node/7168007"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7168008 vom 2024-09-10",
"url": "https://www.ibm.com/support/pages/node/7168008"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7168013 vom 2024-09-10",
"url": "https://www.ibm.com/support/pages/node/7168013"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7168015 vom 2024-09-10",
"url": "https://www.ibm.com/support/pages/node/7168015"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7168014 vom 2024-09-10",
"url": "https://www.ibm.com/support/pages/node/7168014"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7168016 vom 2024-09-10",
"url": "https://www.ibm.com/support/pages/node/7168016"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7168017 vom 2024-09-10",
"url": "https://www.ibm.com/support/pages/node/7168017"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7168018 vom 2024-09-10",
"url": "https://www.ibm.com/support/pages/node/7168018"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7168019 vom 2024-09-10",
"url": "https://www.ibm.com/support/pages/node/7168019"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7168020 vom 2024-09-10",
"url": "https://www.ibm.com/support/pages/node/7168020"
}
],
"source_lang": "en-US",
"title": "IBM Power Hardware Management Console: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2024-09-10T22:00:00.000+00:00",
"generator": {
"date": "2024-09-11T08:15:41.154+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.6"
}
},
"id": "WID-SEC-W-2024-2100",
"initial_release_date": "2024-09-10T22:00:00.000+00:00",
"revision_history": [
{
"date": "2024-09-10T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV10.2.1040.0 SP2 x86",
"product": {
"name": "IBM Power Hardware Management Console \u003cV10.2.1040.0 SP2 x86",
"product_id": "T037441"
}
},
{
"category": "product_version",
"name": "V10.2.1040.0 SP2 x86",
"product": {
"name": "IBM Power Hardware Management Console V10.2.1040.0 SP2 x86",
"product_id": "T037441-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:hardware_management_console:v10.2.1040.0_sp2_x86"
}
}
},
{
"category": "product_version_range",
"name": "\u003cV10.2.1040.0 SP2 ppc",
"product": {
"name": "IBM Power Hardware Management Console \u003cV10.2.1040.0 SP2 ppc",
"product_id": "T037443"
}
},
{
"category": "product_version",
"name": "V10.2.1040.0 SP2 ppc",
"product": {
"name": "IBM Power Hardware Management Console V10.2.1040.0 SP2 ppc",
"product_id": "T037443-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:hardware_management_console:v10.2.1040.0_sp2_ppc"
}
}
},
{
"category": "product_version_range",
"name": "\u003cV10.3.1060.0 x86",
"product": {
"name": "IBM Power Hardware Management Console \u003cV10.3.1060.0 x86",
"product_id": "T037444"
}
},
{
"category": "product_version",
"name": "V10.3.1060.0 x86",
"product": {
"name": "IBM Power Hardware Management Console V10.3.1060.0 x86",
"product_id": "T037444-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:hardware_management_console:v10.3.1060.0_x86"
}
}
},
{
"category": "product_version_range",
"name": "\u003cV10.3.1060.0 ppc",
"product": {
"name": "IBM Power Hardware Management Console \u003cV10.3.1060.0 ppc",
"product_id": "T037445"
}
},
{
"category": "product_version",
"name": "V10.3.1060.0 ppc",
"product": {
"name": "IBM Power Hardware Management Console V10.3.1060.0 ppc",
"product_id": "T037445-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:hardware_management_console:v10.3.1060.0_ppc"
}
}
}
],
"category": "product_name",
"name": "Power Hardware Management Console"
}
],
"category": "vendor",
"name": "IBM"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-40546",
"notes": [
{
"category": "description",
"text": "In IBM Power Hardware Management Console existieren mehrere Schwachstellen. Diese Schwachstellen betreffen die rhboot-Shim-Komponente und werden durch Fehler wie NULL-Zeiger-Dereferenzierung, Out-of-Bounds-Schreib- und Lesevorg\u00e4nge und Integer-\u00dcberl\u00e4ufe verursacht. Ein lokaler Angreifer oder ein Angreifer aus einem benachbarten Netzwerk kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, einen Denial-of-Service-Zustand zu erzeugen und vertrauliche Informationen preiszugeben."
}
],
"product_status": {
"known_affected": [
"T037444",
"T037445",
"T037441",
"T037443"
]
},
"release_date": "2024-09-10T22:00:00.000+00:00",
"title": "CVE-2023-40546"
},
{
"cve": "CVE-2023-40547",
"notes": [
{
"category": "description",
"text": "In IBM Power Hardware Management Console existieren mehrere Schwachstellen. Diese Schwachstellen betreffen die rhboot-Shim-Komponente und werden durch Fehler wie NULL-Zeiger-Dereferenzierung, Out-of-Bounds-Schreib- und Lesevorg\u00e4nge und Integer-\u00dcberl\u00e4ufe verursacht. Ein lokaler Angreifer oder ein Angreifer aus einem benachbarten Netzwerk kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, einen Denial-of-Service-Zustand zu erzeugen und vertrauliche Informationen preiszugeben."
}
],
"product_status": {
"known_affected": [
"T037444",
"T037445",
"T037441",
"T037443"
]
},
"release_date": "2024-09-10T22:00:00.000+00:00",
"title": "CVE-2023-40547"
},
{
"cve": "CVE-2023-40548",
"notes": [
{
"category": "description",
"text": "In IBM Power Hardware Management Console existieren mehrere Schwachstellen. Diese Schwachstellen betreffen die rhboot-Shim-Komponente und werden durch Fehler wie NULL-Zeiger-Dereferenzierung, Out-of-Bounds-Schreib- und Lesevorg\u00e4nge und Integer-\u00dcberl\u00e4ufe verursacht. Ein lokaler Angreifer oder ein Angreifer aus einem benachbarten Netzwerk kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, einen Denial-of-Service-Zustand zu erzeugen und vertrauliche Informationen preiszugeben."
}
],
"product_status": {
"known_affected": [
"T037444",
"T037445",
"T037441",
"T037443"
]
},
"release_date": "2024-09-10T22:00:00.000+00:00",
"title": "CVE-2023-40548"
},
{
"cve": "CVE-2023-40549",
"notes": [
{
"category": "description",
"text": "In IBM Power Hardware Management Console existieren mehrere Schwachstellen. Diese Schwachstellen betreffen die rhboot-Shim-Komponente und werden durch Fehler wie NULL-Zeiger-Dereferenzierung, Out-of-Bounds-Schreib- und Lesevorg\u00e4nge und Integer-\u00dcberl\u00e4ufe verursacht. Ein lokaler Angreifer oder ein Angreifer aus einem benachbarten Netzwerk kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, einen Denial-of-Service-Zustand zu erzeugen und vertrauliche Informationen preiszugeben."
}
],
"product_status": {
"known_affected": [
"T037444",
"T037445",
"T037441",
"T037443"
]
},
"release_date": "2024-09-10T22:00:00.000+00:00",
"title": "CVE-2023-40549"
},
{
"cve": "CVE-2023-40550",
"notes": [
{
"category": "description",
"text": "In IBM Power Hardware Management Console existieren mehrere Schwachstellen. Diese Schwachstellen betreffen die rhboot-Shim-Komponente und werden durch Fehler wie NULL-Zeiger-Dereferenzierung, Out-of-Bounds-Schreib- und Lesevorg\u00e4nge und Integer-\u00dcberl\u00e4ufe verursacht. Ein lokaler Angreifer oder ein Angreifer aus einem benachbarten Netzwerk kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, einen Denial-of-Service-Zustand zu erzeugen und vertrauliche Informationen preiszugeben."
}
],
"product_status": {
"known_affected": [
"T037444",
"T037445",
"T037441",
"T037443"
]
},
"release_date": "2024-09-10T22:00:00.000+00:00",
"title": "CVE-2023-40550"
},
{
"cve": "CVE-2023-40551",
"notes": [
{
"category": "description",
"text": "In IBM Power Hardware Management Console existieren mehrere Schwachstellen. Diese Schwachstellen betreffen die rhboot-Shim-Komponente und werden durch Fehler wie NULL-Zeiger-Dereferenzierung, Out-of-Bounds-Schreib- und Lesevorg\u00e4nge und Integer-\u00dcberl\u00e4ufe verursacht. Ein lokaler Angreifer oder ein Angreifer aus einem benachbarten Netzwerk kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, einen Denial-of-Service-Zustand zu erzeugen und vertrauliche Informationen preiszugeben."
}
],
"product_status": {
"known_affected": [
"T037444",
"T037445",
"T037441",
"T037443"
]
},
"release_date": "2024-09-10T22:00:00.000+00:00",
"title": "CVE-2023-40551"
},
{
"cve": "CVE-2023-6135",
"notes": [
{
"category": "description",
"text": "Es besteht eine Schwachstelle in der IBM Power Hardware Management Console. Dieser Fehler betrifft die Mozilla Network Security Services NIST-Kurve, die in Mozilla Firefox verwendet wird, und zwar durch einen als Minerva bekannten Side-Channel-Angriff, der die Wiederherstellung des privaten Schl\u00fcssels erm\u00f6glicht. Ein anonymer Angreifer kann diese Schwachstelle ausnutzen, indem er ein Opfer dazu bringt, eine speziell gestaltete Website zu besuchen, um vertrauliche Informationen preiszugeben. Eine erfolgreiche Ausnutzung erfordert eine Benutzerinteraktion."
}
],
"product_status": {
"known_affected": [
"T037444",
"T037445",
"T037441",
"T037443"
]
},
"release_date": "2024-09-10T22:00:00.000+00:00",
"title": "CVE-2023-6135"
},
{
"cve": "CVE-2023-39615",
"notes": [
{
"category": "description",
"text": "Es besteht eine Schwachstelle in IBM Power Hardware Management Console. Dieser Fehler besteht in Xmlsoft Libxml2 aufgrund eines Puffer\u00fcberlaufs. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen, indem er eine manipulierte XML-Datei bereitstellt."
}
],
"product_status": {
"known_affected": [
"T037444",
"T037445",
"T037441",
"T037443"
]
},
"release_date": "2024-09-10T22:00:00.000+00:00",
"title": "CVE-2023-39615"
},
{
"cve": "CVE-2023-5388",
"notes": [
{
"category": "description",
"text": "Es besteht eine Schwachstelle in IBM Power Hardware Management Console. Dieser Fehler ist auf eine beobachtbare Zeitdiskrepanz in der numerischen Bibliothek zur\u00fcckzuf\u00fchren, die in NSS f\u00fcr die RSA-Kryptographie verwendet wird. Ein entfernter, authentisierter Angreifer kann diese Schwachstelle ausnutzen, um vertrauliche Informationen preiszugeben und diese Informationen f\u00fcr weitere Angriffe zu verwenden."
}
],
"product_status": {
"known_affected": [
"T037444",
"T037445",
"T037441",
"T037443"
]
},
"release_date": "2024-09-10T22:00:00.000+00:00",
"title": "CVE-2023-5388"
},
{
"cve": "CVE-2023-3446",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in IBM Power Hardware Management Console. Diese Fehler betreffen die OpenSSL-Bibliothek aufgrund einer unsachgem\u00e4\u00dfen Behandlung von DH-Schl\u00fcsseln und Parametern w\u00e4hrend der Schl\u00fcsselvalidierung und -erzeugung. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen."
}
],
"product_status": {
"known_affected": [
"T037444",
"T037445",
"T037441",
"T037443"
]
},
"release_date": "2024-09-10T22:00:00.000+00:00",
"title": "CVE-2023-3446"
},
{
"cve": "CVE-2023-3817",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in IBM Power Hardware Management Console. Diese Fehler betreffen die OpenSSL-Bibliothek aufgrund einer unsachgem\u00e4\u00dfen Behandlung von DH-Schl\u00fcsseln und Parametern w\u00e4hrend der Schl\u00fcsselvalidierung und -erzeugung. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen."
}
],
"product_status": {
"known_affected": [
"T037444",
"T037445",
"T037441",
"T037443"
]
},
"release_date": "2024-09-10T22:00:00.000+00:00",
"title": "CVE-2023-3817"
},
{
"cve": "CVE-2023-5678",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in IBM Power Hardware Management Console. Diese Fehler betreffen die OpenSSL-Bibliothek aufgrund einer unsachgem\u00e4\u00dfen Behandlung von DH-Schl\u00fcsseln und Parametern w\u00e4hrend der Schl\u00fcsselvalidierung und -erzeugung. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen."
}
],
"product_status": {
"known_affected": [
"T037444",
"T037445",
"T037441",
"T037443"
]
},
"release_date": "2024-09-10T22:00:00.000+00:00",
"title": "CVE-2023-5678"
},
{
"cve": "CVE-2024-34750",
"notes": [
{
"category": "description",
"text": "Es besteht eine Schwachstelle in IBM Power Hardware Management Console. Diese Fehler betrifft den Apache Tomcat Server aufgrund eines Fehlers bei der Verarbeitung eines HTTP/2-Streams. Durch das Senden speziell gestalteter HTTP-Header kann ein entfernter, anonymer Angreifer diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen."
}
],
"product_status": {
"known_affected": [
"T037444",
"T037445",
"T037441",
"T037443"
]
},
"release_date": "2024-09-10T22:00:00.000+00:00",
"title": "CVE-2024-34750"
},
{
"cve": "CVE-2022-3094",
"notes": [
{
"category": "description",
"text": "Es besteht eine Schwachstelle in IBM Power Hardware Management Console. Dieser Fehler betrifft ISC BIND aufgrund einer unsachgem\u00e4\u00dfen Speicherzuweisung, die es erm\u00f6glicht, UPDATE-Nachrichten zu senden, was zu einer Speicherersch\u00f6pfung f\u00fchrt. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen."
}
],
"product_status": {
"known_affected": [
"T037444",
"T037445",
"T037441",
"T037443"
]
},
"release_date": "2024-09-10T22:00:00.000+00:00",
"title": "CVE-2022-3094"
},
{
"cve": "CVE-2023-4641",
"notes": [
{
"category": "description",
"text": "Es besteht eine Schwachstelle in IBM Power Hardware Management Console. Die shadow-utils Bibliothek ist von diesem Fehler betroffen, da Passwortinformationen unsachgem\u00e4\u00df gehandhabt werden, insbesondere weil der Puffer zum Speichern von Passw\u00f6rtern nicht gel\u00f6scht wird. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um vertrauliche Informationen preiszugeben."
}
],
"product_status": {
"known_affected": [
"T037444",
"T037445",
"T037441",
"T037443"
]
},
"release_date": "2024-09-10T22:00:00.000+00:00",
"title": "CVE-2023-4641"
},
{
"cve": "CVE-2023-22745",
"notes": [
{
"category": "description",
"text": "Es besteht eine Schwachstelle in IBM Power Hardware Management Console. Dieser Fehler betrifft die tpm2-tss Bibliothek aufgrund einer unsachgem\u00e4\u00dfen \u00dcberpr\u00fcfung der Grenzen in den Tss2_RC_SetHandler und Tss2_RC_Decode Funktionen, was zu einem Puffer\u00fcberlauf f\u00fchrt. Ein lokaler Angreifer mit hohen Privilegien kann diese Schwachstelle zur Ausf\u00fchrung von beliebigem Code ausnutzen."
}
],
"product_status": {
"known_affected": [
"T037444",
"T037445",
"T037441",
"T037443"
]
},
"release_date": "2024-09-10T22:00:00.000+00:00",
"title": "CVE-2023-22745"
},
{
"cve": "CVE-2023-52425",
"notes": [
{
"category": "description",
"text": "Es besteht eine Schwachstelle in IBM Power Hardware Management Console. Dieser Fehler betrifft die expat-Bibliothek aufgrund einer unsachgem\u00e4\u00dfen Zuweisung von Systemressourcen. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen, indem er eine speziell gestaltete Anfrage mit einem \u00fcberm\u00e4\u00dfig gro\u00dfen Token sendet."
}
],
"product_status": {
"known_affected": [
"T037444",
"T037445",
"T037441",
"T037443"
]
},
"release_date": "2024-09-10T22:00:00.000+00:00",
"title": "CVE-2023-52425"
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…