Action not permitted
Modal body text goes here.
Modal Title
Modal Body
cve-2020-12399
Vulnerability from cvelistv5
Published
2020-07-09 14:52
Modified
2024-08-04 11:56
Severity ?
EPSS score ?
Summary
NSS has shown timing differences when performing DSA signatures, which was exploitable and could eventually leak private keys. This vulnerability affects Thunderbird < 68.9.0, Firefox < 77, and Firefox ESR < 68.9.
References
Impacted products
Vendor | Product | Version | |||||||||
---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Mozilla | Thunderbird |
Version: unspecified < 68.9.0 |
||||||||
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T11:56:51.648Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.mozilla.org/security/advisories/mfsa2020-20/" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.mozilla.org/security/advisories/mfsa2020-21/" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.mozilla.org/security/advisories/mfsa2020-22/" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1631576" }, { "name": "DSA-4726", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "https://www.debian.org/security/2020/dsa-4726" }, { "name": "USN-4421-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "https://usn.ubuntu.com/4421-1/" }, { "name": "GLSA-202007-49", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202007-49" }, { "name": "[debian-lts-announce] 20200929 [SECURITY] [DLA 2388-1] nss security update", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2020/09/msg00029.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Thunderbird", "vendor": "Mozilla", "versions": [ { "lessThan": "68.9.0", "status": "affected", "version": "unspecified", "versionType": "custom" } ] }, { "product": "Firefox", "vendor": "Mozilla", "versions": [ { "lessThan": "77", "status": "affected", "version": "unspecified", "versionType": "custom" } ] }, { "product": "Firefox ESR", "vendor": "Mozilla", "versions": [ { "lessThan": "68.9", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "NSS has shown timing differences when performing DSA signatures, which was exploitable and could eventually leak private keys. This vulnerability affects Thunderbird \u003c 68.9.0, Firefox \u003c 77, and Firefox ESR \u003c 68.9." } ], "problemTypes": [ { "descriptions": [ { "description": "Timing attack on DSA signatures in NSS library", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2020-09-29T21:06:18", "orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "shortName": "mozilla" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://www.mozilla.org/security/advisories/mfsa2020-20/" }, { "tags": [ "x_refsource_MISC" ], "url": "https://www.mozilla.org/security/advisories/mfsa2020-21/" }, { "tags": [ "x_refsource_MISC" ], "url": "https://www.mozilla.org/security/advisories/mfsa2020-22/" }, { "tags": [ "x_refsource_MISC" ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1631576" }, { "name": "DSA-4726", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "https://www.debian.org/security/2020/dsa-4726" }, { "name": "USN-4421-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "https://usn.ubuntu.com/4421-1/" }, { "name": "GLSA-202007-49", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/202007-49" }, { "name": "[debian-lts-announce] 20200929 [SECURITY] [DLA 2388-1] nss security update", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.debian.org/debian-lts-announce/2020/09/msg00029.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "security@mozilla.org", "ID": "CVE-2020-12399", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Thunderbird", "version": { "version_data": [ { "version_affected": "\u003c", "version_value": "68.9.0" } ] } }, { "product_name": "Firefox", "version": { "version_data": [ { "version_affected": "\u003c", "version_value": "77" } ] } }, { "product_name": "Firefox ESR", "version": { "version_data": [ { "version_affected": "\u003c", "version_value": "68.9" } ] } } ] }, "vendor_name": "Mozilla" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "NSS has shown timing differences when performing DSA signatures, which was exploitable and could eventually leak private keys. This vulnerability affects Thunderbird \u003c 68.9.0, Firefox \u003c 77, and Firefox ESR \u003c 68.9." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Timing attack on DSA signatures in NSS library" } ] } ] }, "references": { "reference_data": [ { "name": "https://www.mozilla.org/security/advisories/mfsa2020-20/", "refsource": "MISC", "url": "https://www.mozilla.org/security/advisories/mfsa2020-20/" }, { "name": "https://www.mozilla.org/security/advisories/mfsa2020-21/", "refsource": "MISC", "url": "https://www.mozilla.org/security/advisories/mfsa2020-21/" }, { "name": "https://www.mozilla.org/security/advisories/mfsa2020-22/", "refsource": "MISC", "url": "https://www.mozilla.org/security/advisories/mfsa2020-22/" }, { "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1631576", "refsource": "MISC", "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1631576" }, { "name": "DSA-4726", "refsource": "DEBIAN", "url": "https://www.debian.org/security/2020/dsa-4726" }, { "name": "USN-4421-1", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/4421-1/" }, { "name": "GLSA-202007-49", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/202007-49" }, { "name": "[debian-lts-announce] 20200929 [SECURITY] [DLA 2388-1] nss security update", "refsource": "MLIST", "url": "https://lists.debian.org/debian-lts-announce/2020/09/msg00029.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "assignerShortName": "mozilla", "cveId": "CVE-2020-12399", "datePublished": "2020-07-09T14:52:16", "dateReserved": "2020-04-28T00:00:00", "dateUpdated": "2024-08-04T11:56:51.648Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1", "vulnerability-lookup:meta": { "nvd": "{\"cve\":{\"id\":\"CVE-2020-12399\",\"sourceIdentifier\":\"security@mozilla.org\",\"published\":\"2020-07-09T15:15:10.757\",\"lastModified\":\"2024-11-21T04:59:38.543\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"NSS has shown timing differences when performing DSA signatures, which was exploitable and could eventually leak private keys. This vulnerability affects Thunderbird \u003c 68.9.0, Firefox \u003c 77, and Firefox ESR \u003c 68.9.\"},{\"lang\":\"es\",\"value\":\"NSS ha mostrado diferencias de sincronizaci\u00f3n cuando se llevan a cabo firmas DSA, que fue explotable y eventualmente podr\u00eda filtrar claves privadas. Esta vulnerabilidad afecta a Thunderbird versiones anteriores a 68.9.0, Firefox versiones anteriores a 77 y Firefox ESR versiones anteriores a 68.9\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:N/A:N\",\"baseScore\":4.4,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":0.8,\"impactScore\":3.6}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:L/AC:H/Au:N/C:P/I:N/A:N\",\"baseScore\":1.2,\"accessVector\":\"LOCAL\",\"accessComplexity\":\"HIGH\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"LOW\",\"exploitabilityScore\":1.9,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":true}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-203\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"77.0\",\"matchCriteriaId\":\"953DA746-3B0F-4926-B859-CA94CD65E4F2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"68.9.0\",\"matchCriteriaId\":\"7113E7DB-1A88-4F93-AC2E-26DD06078EE4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"68.9.0\",\"matchCriteriaId\":\"A5275EC9-3455-4BAE-A71E-13205D5123E6\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DEECE5FC-CACF-4496-A3E7-164736409252\"}]}]}],\"references\":[{\"url\":\"https://bugzilla.mozilla.org/show_bug.cgi?id=1631576\",\"source\":\"security@mozilla.org\",\"tags\":[\"Issue Tracking\",\"Permissions Required\",\"Vendor Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2020/09/msg00029.html\",\"source\":\"security@mozilla.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://security.gentoo.org/glsa/202007-49\",\"source\":\"security@mozilla.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://usn.ubuntu.com/4421-1/\",\"source\":\"security@mozilla.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.debian.org/security/2020/dsa-4726\",\"source\":\"security@mozilla.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.mozilla.org/security/advisories/mfsa2020-20/\",\"source\":\"security@mozilla.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://www.mozilla.org/security/advisories/mfsa2020-21/\",\"source\":\"security@mozilla.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://www.mozilla.org/security/advisories/mfsa2020-22/\",\"source\":\"security@mozilla.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://bugzilla.mozilla.org/show_bug.cgi?id=1631576\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Permissions Required\",\"Vendor Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2020/09/msg00029.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://security.gentoo.org/glsa/202007-49\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://usn.ubuntu.com/4421-1/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.debian.org/security/2020/dsa-4726\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.mozilla.org/security/advisories/mfsa2020-20/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://www.mozilla.org/security/advisories/mfsa2020-21/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://www.mozilla.org/security/advisories/mfsa2020-22/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}" } }
gsd-2020-12399
Vulnerability from gsd
Modified
2023-12-13 01:21
Details
NSS has shown timing differences when performing DSA signatures, which was exploitable and could eventually leak private keys. This vulnerability affects Thunderbird < 68.9.0, Firefox < 77, and Firefox ESR < 68.9.
Aliases
Aliases
{ "GSD": { "alias": "CVE-2020-12399", "description": "NSS has shown timing differences when performing DSA signatures, which was exploitable and could eventually leak private keys. This vulnerability affects Thunderbird \u003c 68.9.0, Firefox \u003c 77, and Firefox ESR \u003c 68.9.", "id": "GSD-2020-12399", "references": [ "https://www.suse.com/security/cve/CVE-2020-12399.html", "https://www.debian.org/security/2020/dsa-4726", "https://www.debian.org/security/2020/dsa-4702", "https://www.debian.org/security/2020/dsa-4695", "https://access.redhat.com/errata/RHSA-2020:3280", "https://ubuntu.com/security/CVE-2020-12399", "https://security.archlinux.org/CVE-2020-12399" ] }, "gsd": { "metadata": { "exploitCode": "unknown", "remediation": "unknown", "reportConfidence": "confirmed", "type": "vulnerability" }, "osvSchema": { "aliases": [ "CVE-2020-12399" ], "details": "NSS has shown timing differences when performing DSA signatures, which was exploitable and could eventually leak private keys. This vulnerability affects Thunderbird \u003c 68.9.0, Firefox \u003c 77, and Firefox ESR \u003c 68.9.", "id": "GSD-2020-12399", "modified": "2023-12-13T01:21:49.566600Z", "schema_version": "1.4.0" } }, "namespaces": { "cve.org": { "CVE_data_meta": { "ASSIGNER": "security@mozilla.org", "ID": "CVE-2020-12399", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Thunderbird", "version": { "version_data": [ { "version_affected": "\u003c", "version_value": "68.9.0" } ] } }, { "product_name": "Firefox", "version": { "version_data": [ { "version_affected": "\u003c", "version_value": "77" } ] } }, { "product_name": "Firefox ESR", "version": { "version_data": [ { "version_affected": "\u003c", "version_value": "68.9" } ] } } ] }, "vendor_name": "Mozilla" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "NSS has shown timing differences when performing DSA signatures, which was exploitable and could eventually leak private keys. This vulnerability affects Thunderbird \u003c 68.9.0, Firefox \u003c 77, and Firefox ESR \u003c 68.9." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Timing attack on DSA signatures in NSS library" } ] } ] }, "references": { "reference_data": [ { "name": "https://www.mozilla.org/security/advisories/mfsa2020-20/", "refsource": "MISC", "url": "https://www.mozilla.org/security/advisories/mfsa2020-20/" }, { "name": "https://www.mozilla.org/security/advisories/mfsa2020-21/", "refsource": "MISC", "url": "https://www.mozilla.org/security/advisories/mfsa2020-21/" }, { "name": "https://www.mozilla.org/security/advisories/mfsa2020-22/", "refsource": "MISC", "url": "https://www.mozilla.org/security/advisories/mfsa2020-22/" }, { "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1631576", "refsource": "MISC", "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1631576" }, { "name": "DSA-4726", "refsource": "DEBIAN", "url": "https://www.debian.org/security/2020/dsa-4726" }, { "name": "USN-4421-1", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/4421-1/" }, { "name": "GLSA-202007-49", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/202007-49" }, { "name": "[debian-lts-announce] 20200929 [SECURITY] [DLA 2388-1] nss security update", "refsource": "MLIST", "url": "https://lists.debian.org/debian-lts-announce/2020/09/msg00029.html" } ] } }, "mozilla.org": { "CVE_data_meta": { "ASSIGNER": "security@mozilla.org", "ID": "CVE-2020-12399" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Firefox ESR", "version": { "version_data": [ { "version_affected": "\u003c", "version_value": "68.9" } ] } }, { "product_name": "Firefox", "version": { "version_data": [ { "version_affected": "\u003c", "version_value": "77" } ] } }, { "product_name": "Thunderbird", "version": { "version_data": [ { "version_affected": "\u003c", "version_value": "68.9.0" } ] } } ] }, "vendor_name": "Mozilla" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "NSS has shown timing differences when performing DSA signatures, which was exploitable and could eventually leak private keys. This vulnerability affects Firefox ESR \u003c 68.9, Firefox \u003c 77, and Thunderbird \u003c 68.9.0." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Timing attack on DSA signatures in NSS library" } ] } ] }, "references": { "reference_data": [ { "url": "https://www.mozilla.org/security/advisories/mfsa2020-20/" }, { "url": "https://www.mozilla.org/security/advisories/mfsa2020-21/" }, { "url": "https://www.mozilla.org/security/advisories/mfsa2020-22/" }, { "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1631576" } ] } }, "nvd.nist.gov": { "configurations": { "CVE_data_version": "4.0", "nodes": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "77.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "68.9.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "68.9.0", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" } ] }, "cve": { "CVE_data_meta": { "ASSIGNER": "security@mozilla.org", "ID": "CVE-2020-12399" }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "en", "value": "NSS has shown timing differences when performing DSA signatures, which was exploitable and could eventually leak private keys. This vulnerability affects Thunderbird \u003c 68.9.0, Firefox \u003c 77, and Firefox ESR \u003c 68.9." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "en", "value": "CWE-203" } ] } ] }, "references": { "reference_data": [ { "name": "https://www.mozilla.org/security/advisories/mfsa2020-20/", "refsource": "MISC", "tags": [ "Vendor Advisory" ], "url": "https://www.mozilla.org/security/advisories/mfsa2020-20/" }, { "name": "https://www.mozilla.org/security/advisories/mfsa2020-21/", "refsource": "MISC", "tags": [ "Vendor Advisory" ], "url": "https://www.mozilla.org/security/advisories/mfsa2020-21/" }, { "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1631576", "refsource": "MISC", "tags": [ "Issue Tracking", "Permissions Required", "Vendor Advisory" ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1631576" }, { "name": "https://www.mozilla.org/security/advisories/mfsa2020-22/", "refsource": "MISC", "tags": [ "Vendor Advisory" ], "url": "https://www.mozilla.org/security/advisories/mfsa2020-22/" }, { "name": "DSA-4726", "refsource": "DEBIAN", "tags": [ "Third Party Advisory" ], "url": "https://www.debian.org/security/2020/dsa-4726" }, { "name": "USN-4421-1", "refsource": "UBUNTU", "tags": [ "Third Party Advisory" ], "url": "https://usn.ubuntu.com/4421-1/" }, { "name": "GLSA-202007-49", "refsource": "GENTOO", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/202007-49" }, { "name": "[debian-lts-announce] 20200929 [SECURITY] [DLA 2388-1] nss security update", "refsource": "MLIST", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "https://lists.debian.org/debian-lts-announce/2020/09/msg00029.html" } ] } }, "impact": { "baseMetricV2": { "acInsufInfo": false, "cvssV2": { "accessComplexity": "HIGH", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 1.2, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:L/AC:H/Au:N/C:P/I:N/A:N", "version": "2.0" }, "exploitabilityScore": 1.9, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "LOW", "userInteractionRequired": true }, "baseMetricV3": { "cvssV3": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 4.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:N/A:N", "version": "3.1" }, "exploitabilityScore": 0.8, "impactScore": 3.6 } }, "lastModifiedDate": "2022-01-04T16:38Z", "publishedDate": "2020-07-09T15:15Z" } } }
ghsa-fq62-4j88-qq7x
Vulnerability from github
Published
2022-05-24 17:22
Modified
2022-05-24 17:22
Details
NSS has shown timing differences when performing DSA signatures, which was exploitable and could eventually leak private keys. This vulnerability affects Thunderbird < 68.9.0, Firefox < 77, and Firefox ESR < 68.9.
{ "affected": [], "aliases": [ "CVE-2020-12399" ], "database_specific": { "cwe_ids": [ "CWE-203" ], "github_reviewed": false, "github_reviewed_at": null, "nvd_published_at": "2020-07-09T15:15:00Z", "severity": "MODERATE" }, "details": "NSS has shown timing differences when performing DSA signatures, which was exploitable and could eventually leak private keys. This vulnerability affects Thunderbird \u003c 68.9.0, Firefox \u003c 77, and Firefox ESR \u003c 68.9.", "id": "GHSA-fq62-4j88-qq7x", "modified": "2022-05-24T17:22:37Z", "published": "2022-05-24T17:22:37Z", "references": [ { "type": "ADVISORY", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-12399" }, { "type": "WEB", "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1631576" }, { "type": "WEB", "url": "https://lists.debian.org/debian-lts-announce/2020/09/msg00029.html" }, { "type": "WEB", "url": "https://security.gentoo.org/glsa/202007-49" }, { "type": "WEB", "url": "https://usn.ubuntu.com/4421-1" }, { "type": "WEB", "url": "https://www.debian.org/security/2020/dsa-4726" }, { "type": "WEB", "url": "https://www.mozilla.org/security/advisories/mfsa2020-20" }, { "type": "WEB", "url": "https://www.mozilla.org/security/advisories/mfsa2020-21" }, { "type": "WEB", "url": "https://www.mozilla.org/security/advisories/mfsa2020-22" } ], "schema_version": "1.4.0", "severity": [] }
rhsa-2020_3280
Vulnerability from csaf_redhat
Published
2020-08-03 13:04
Modified
2024-11-22 15:25
Summary
Red Hat Security Advisory: nss and nspr security, bug fix, and enhancement update
Notes
Topic
An update for nss and nspr is now available for Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Network Security Services (NSS) is a set of libraries designed to support the cross-platform development of security-enabled client and server applications.
Netscape Portable Runtime (NSPR) provides platform independence for non-GUI operating system facilities.
The following packages have been upgraded to a later upstream version: nss (3.53.1), nspr (4.25.0). (BZ#1809549, BZ#1809550)
Security Fix(es):
* nss: UAF in sftk_FreeSession due to improper refcounting (CVE-2019-11756)
* nss: Check length of inputs for cryptographic primitives (CVE-2019-17006)
* nss: Side channel vulnerabilities during RSA key generation (CVE-2020-12402)
* nss: TLS 1.3 HelloRetryRequest downgrade request sets client into invalid state (CVE-2019-17023)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Bug Fix(es):
* Install of update of nss.x86_64 adds i686 into transaction (BZ#1663187)
* NSS does not set downgrade sentinel in ServerHello.random for TLS 1.0 and TLS 1.1 (BZ#1691409)
* TLS Keying Material Exporter is unsupported by command line tools (BZ#1691454)
* TLS_AES_256_GCM_SHA384 is not marked as FIPS compatible (BZ#1711375)
* Make TLS 1.3 work in FIPS mode (BZ#1724250)
* NSS rejects records with large padding with SHA384 HMAC (BZ#1750921)
* NSS missing IKEv1 Quick Mode KDF (BZ#1809637)
* Name Constraints validation: CN treated as DNS name even when syntactically invalid as DNS name (BZ#1825270)
* FIPS needs nss to restrict valid dh primes to those primes that are approved. (BZ#1854564)
* nss needs to comply to the new SP800-56A rev 3 requirements (BZ#1855825)
Enhancement(s):
* [RFE] nss should use AES for storage of keys (BZ#1723819)
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Moderate" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "An update for nss and nspr is now available for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "Network Security Services (NSS) is a set of libraries designed to support the cross-platform development of security-enabled client and server applications.\n\nNetscape Portable Runtime (NSPR) provides platform independence for non-GUI operating system facilities.\n\nThe following packages have been upgraded to a later upstream version: nss (3.53.1), nspr (4.25.0). (BZ#1809549, BZ#1809550)\n\nSecurity Fix(es):\n\n* nss: UAF in sftk_FreeSession due to improper refcounting (CVE-2019-11756)\n\n* nss: Check length of inputs for cryptographic primitives (CVE-2019-17006)\n\n* nss: Side channel vulnerabilities during RSA key generation (CVE-2020-12402)\n\n* nss: TLS 1.3 HelloRetryRequest downgrade request sets client into invalid state (CVE-2019-17023)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nBug Fix(es):\n\n* Install of update of nss.x86_64 adds i686 into transaction (BZ#1663187)\n\n* NSS does not set downgrade sentinel in ServerHello.random for TLS 1.0 and TLS 1.1 (BZ#1691409)\n\n* TLS Keying Material Exporter is unsupported by command line tools (BZ#1691454)\n\n* TLS_AES_256_GCM_SHA384 is not marked as FIPS compatible (BZ#1711375)\n\n* Make TLS 1.3 work in FIPS mode (BZ#1724250)\n\n* NSS rejects records with large padding with SHA384 HMAC (BZ#1750921)\n\n* NSS missing IKEv1 Quick Mode KDF (BZ#1809637)\n\n* Name Constraints validation: CN treated as DNS name even when syntactically invalid as DNS name (BZ#1825270)\n\n* FIPS needs nss to restrict valid dh primes to those primes that are approved. (BZ#1854564)\n\n* nss needs to comply to the new SP800-56A rev 3 requirements (BZ#1855825)\n\nEnhancement(s):\n\n* [RFE] nss should use AES for storage of keys (BZ#1723819)", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2020:3280", "url": "https://access.redhat.com/errata/RHSA-2020:3280" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#moderate", "url": "https://access.redhat.com/security/updates/classification/#moderate" }, { "category": "external", "summary": "1663187", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1663187" }, { "category": "external", "summary": "1691454", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1691454" }, { "category": "external", "summary": "1711375", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1711375" }, { "category": "external", "summary": "1724250", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1724250" }, { "category": "external", "summary": "1750921", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1750921" }, { "category": "external", "summary": "1774835", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1774835" }, { "category": "external", "summary": "1775916", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1775916" }, { "category": "external", "summary": "1791225", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1791225" }, { "category": "external", "summary": "1809637", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1809637" }, { "category": "external", "summary": "1825270", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1825270" }, { "category": "external", "summary": "1826231", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1826231" }, { "category": "external", "summary": "1854564", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1854564" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_3280.json" } ], "title": "Red Hat Security Advisory: nss and nspr security, bug fix, and enhancement update", "tracking": { "current_release_date": "2024-11-22T15:25:02+00:00", "generator": { "date": "2024-11-22T15:25:02+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.1" } }, "id": "RHSA-2020:3280", "initial_release_date": "2020-08-03T13:04:49+00:00", "revision_history": [ { "date": "2020-08-03T13:04:49+00:00", "number": "1", "summary": "Initial version" }, { "date": "2020-08-03T13:04:49+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-22T15:25:02+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat Enterprise Linux AppStream (v. 8)", "product": { "name": "Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.2.0.Z.MAIN.EUS", "product_identification_helper": { "cpe": "cpe:/a:redhat:enterprise_linux:8::appstream" } } } ], "category": "product_family", "name": "Red Hat Enterprise Linux" }, { "branches": [ { "category": "product_version", "name": "nspr-0:4.25.0-2.el8_2.i686", "product": { "name": "nspr-0:4.25.0-2.el8_2.i686", "product_id": "nspr-0:4.25.0-2.el8_2.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/nspr@4.25.0-2.el8_2?arch=i686" } } }, { "category": "product_version", "name": "nspr-devel-0:4.25.0-2.el8_2.i686", "product": { "name": "nspr-devel-0:4.25.0-2.el8_2.i686", "product_id": "nspr-devel-0:4.25.0-2.el8_2.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/nspr-devel@4.25.0-2.el8_2?arch=i686" } } }, { "category": "product_version", "name": "nspr-debugsource-0:4.25.0-2.el8_2.i686", "product": { "name": "nspr-debugsource-0:4.25.0-2.el8_2.i686", "product_id": "nspr-debugsource-0:4.25.0-2.el8_2.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/nspr-debugsource@4.25.0-2.el8_2?arch=i686" } } }, { "category": "product_version", "name": "nspr-debuginfo-0:4.25.0-2.el8_2.i686", "product": { "name": "nspr-debuginfo-0:4.25.0-2.el8_2.i686", "product_id": "nspr-debuginfo-0:4.25.0-2.el8_2.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/nspr-debuginfo@4.25.0-2.el8_2?arch=i686" } } }, { "category": "product_version", "name": "nss-0:3.53.1-11.el8_2.i686", "product": { "name": "nss-0:3.53.1-11.el8_2.i686", "product_id": "nss-0:3.53.1-11.el8_2.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss@3.53.1-11.el8_2?arch=i686" } } }, { "category": "product_version", "name": "nss-devel-0:3.53.1-11.el8_2.i686", "product": { "name": "nss-devel-0:3.53.1-11.el8_2.i686", "product_id": "nss-devel-0:3.53.1-11.el8_2.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-devel@3.53.1-11.el8_2?arch=i686" } } }, { "category": "product_version", "name": "nss-softokn-0:3.53.1-11.el8_2.i686", "product": { "name": "nss-softokn-0:3.53.1-11.el8_2.i686", "product_id": "nss-softokn-0:3.53.1-11.el8_2.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-softokn@3.53.1-11.el8_2?arch=i686" } } }, { "category": "product_version", "name": "nss-softokn-devel-0:3.53.1-11.el8_2.i686", "product": { "name": "nss-softokn-devel-0:3.53.1-11.el8_2.i686", "product_id": "nss-softokn-devel-0:3.53.1-11.el8_2.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-softokn-devel@3.53.1-11.el8_2?arch=i686" } } }, { "category": "product_version", "name": "nss-softokn-freebl-0:3.53.1-11.el8_2.i686", "product": { "name": "nss-softokn-freebl-0:3.53.1-11.el8_2.i686", "product_id": "nss-softokn-freebl-0:3.53.1-11.el8_2.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-softokn-freebl@3.53.1-11.el8_2?arch=i686" } } }, { "category": "product_version", "name": "nss-softokn-freebl-devel-0:3.53.1-11.el8_2.i686", "product": { "name": "nss-softokn-freebl-devel-0:3.53.1-11.el8_2.i686", "product_id": "nss-softokn-freebl-devel-0:3.53.1-11.el8_2.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-softokn-freebl-devel@3.53.1-11.el8_2?arch=i686" } } }, { "category": "product_version", "name": "nss-util-0:3.53.1-11.el8_2.i686", "product": { "name": "nss-util-0:3.53.1-11.el8_2.i686", "product_id": "nss-util-0:3.53.1-11.el8_2.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-util@3.53.1-11.el8_2?arch=i686" } } }, { "category": "product_version", "name": "nss-util-devel-0:3.53.1-11.el8_2.i686", "product": { "name": "nss-util-devel-0:3.53.1-11.el8_2.i686", "product_id": "nss-util-devel-0:3.53.1-11.el8_2.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-util-devel@3.53.1-11.el8_2?arch=i686" } } }, { "category": "product_version", "name": "nss-debugsource-0:3.53.1-11.el8_2.i686", "product": { "name": "nss-debugsource-0:3.53.1-11.el8_2.i686", "product_id": "nss-debugsource-0:3.53.1-11.el8_2.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-debugsource@3.53.1-11.el8_2?arch=i686" } } }, { "category": "product_version", "name": "nss-debuginfo-0:3.53.1-11.el8_2.i686", "product": { "name": "nss-debuginfo-0:3.53.1-11.el8_2.i686", "product_id": "nss-debuginfo-0:3.53.1-11.el8_2.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-debuginfo@3.53.1-11.el8_2?arch=i686" } } }, { "category": "product_version", "name": "nss-softokn-debuginfo-0:3.53.1-11.el8_2.i686", "product": { "name": "nss-softokn-debuginfo-0:3.53.1-11.el8_2.i686", "product_id": "nss-softokn-debuginfo-0:3.53.1-11.el8_2.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-softokn-debuginfo@3.53.1-11.el8_2?arch=i686" } } }, { "category": "product_version", "name": "nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.i686", "product": { "name": "nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.i686", "product_id": "nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-softokn-freebl-debuginfo@3.53.1-11.el8_2?arch=i686" } } }, { "category": "product_version", "name": "nss-sysinit-debuginfo-0:3.53.1-11.el8_2.i686", "product": { "name": "nss-sysinit-debuginfo-0:3.53.1-11.el8_2.i686", "product_id": "nss-sysinit-debuginfo-0:3.53.1-11.el8_2.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-sysinit-debuginfo@3.53.1-11.el8_2?arch=i686" } } }, { "category": "product_version", "name": "nss-tools-debuginfo-0:3.53.1-11.el8_2.i686", "product": { "name": "nss-tools-debuginfo-0:3.53.1-11.el8_2.i686", "product_id": "nss-tools-debuginfo-0:3.53.1-11.el8_2.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-tools-debuginfo@3.53.1-11.el8_2?arch=i686" } } }, { "category": "product_version", "name": "nss-util-debuginfo-0:3.53.1-11.el8_2.i686", "product": { "name": "nss-util-debuginfo-0:3.53.1-11.el8_2.i686", "product_id": "nss-util-debuginfo-0:3.53.1-11.el8_2.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-util-debuginfo@3.53.1-11.el8_2?arch=i686" } } } ], "category": "architecture", "name": "i686" }, { "branches": [ { "category": "product_version", "name": "nspr-0:4.25.0-2.el8_2.x86_64", "product": { "name": "nspr-0:4.25.0-2.el8_2.x86_64", "product_id": "nspr-0:4.25.0-2.el8_2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nspr@4.25.0-2.el8_2?arch=x86_64" } } }, { "category": "product_version", "name": "nspr-devel-0:4.25.0-2.el8_2.x86_64", "product": { "name": "nspr-devel-0:4.25.0-2.el8_2.x86_64", "product_id": "nspr-devel-0:4.25.0-2.el8_2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nspr-devel@4.25.0-2.el8_2?arch=x86_64" } } }, { "category": "product_version", "name": "nspr-debugsource-0:4.25.0-2.el8_2.x86_64", "product": { "name": "nspr-debugsource-0:4.25.0-2.el8_2.x86_64", "product_id": "nspr-debugsource-0:4.25.0-2.el8_2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nspr-debugsource@4.25.0-2.el8_2?arch=x86_64" } } }, { "category": "product_version", "name": "nspr-debuginfo-0:4.25.0-2.el8_2.x86_64", "product": { "name": "nspr-debuginfo-0:4.25.0-2.el8_2.x86_64", "product_id": "nspr-debuginfo-0:4.25.0-2.el8_2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nspr-debuginfo@4.25.0-2.el8_2?arch=x86_64" } } }, { "category": "product_version", "name": "nss-0:3.53.1-11.el8_2.x86_64", "product": { "name": "nss-0:3.53.1-11.el8_2.x86_64", "product_id": "nss-0:3.53.1-11.el8_2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss@3.53.1-11.el8_2?arch=x86_64" } } }, { "category": "product_version", "name": "nss-devel-0:3.53.1-11.el8_2.x86_64", "product": { "name": "nss-devel-0:3.53.1-11.el8_2.x86_64", "product_id": "nss-devel-0:3.53.1-11.el8_2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-devel@3.53.1-11.el8_2?arch=x86_64" } } }, { "category": "product_version", "name": "nss-softokn-0:3.53.1-11.el8_2.x86_64", "product": { "name": "nss-softokn-0:3.53.1-11.el8_2.x86_64", "product_id": "nss-softokn-0:3.53.1-11.el8_2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-softokn@3.53.1-11.el8_2?arch=x86_64" } } }, { "category": "product_version", "name": "nss-softokn-devel-0:3.53.1-11.el8_2.x86_64", "product": { "name": "nss-softokn-devel-0:3.53.1-11.el8_2.x86_64", "product_id": "nss-softokn-devel-0:3.53.1-11.el8_2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-softokn-devel@3.53.1-11.el8_2?arch=x86_64" } } }, { "category": "product_version", "name": "nss-softokn-freebl-0:3.53.1-11.el8_2.x86_64", "product": { "name": "nss-softokn-freebl-0:3.53.1-11.el8_2.x86_64", "product_id": "nss-softokn-freebl-0:3.53.1-11.el8_2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-softokn-freebl@3.53.1-11.el8_2?arch=x86_64" } } }, { "category": "product_version", "name": "nss-softokn-freebl-devel-0:3.53.1-11.el8_2.x86_64", "product": { "name": "nss-softokn-freebl-devel-0:3.53.1-11.el8_2.x86_64", "product_id": "nss-softokn-freebl-devel-0:3.53.1-11.el8_2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-softokn-freebl-devel@3.53.1-11.el8_2?arch=x86_64" } } }, { "category": "product_version", "name": "nss-sysinit-0:3.53.1-11.el8_2.x86_64", "product": { "name": "nss-sysinit-0:3.53.1-11.el8_2.x86_64", "product_id": "nss-sysinit-0:3.53.1-11.el8_2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-sysinit@3.53.1-11.el8_2?arch=x86_64" } } }, { "category": "product_version", "name": "nss-tools-0:3.53.1-11.el8_2.x86_64", "product": { "name": "nss-tools-0:3.53.1-11.el8_2.x86_64", "product_id": "nss-tools-0:3.53.1-11.el8_2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-tools@3.53.1-11.el8_2?arch=x86_64" } } }, { "category": "product_version", "name": "nss-util-0:3.53.1-11.el8_2.x86_64", "product": { "name": "nss-util-0:3.53.1-11.el8_2.x86_64", "product_id": "nss-util-0:3.53.1-11.el8_2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-util@3.53.1-11.el8_2?arch=x86_64" } } }, { "category": "product_version", "name": "nss-util-devel-0:3.53.1-11.el8_2.x86_64", "product": { "name": "nss-util-devel-0:3.53.1-11.el8_2.x86_64", "product_id": "nss-util-devel-0:3.53.1-11.el8_2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-util-devel@3.53.1-11.el8_2?arch=x86_64" } } }, { "category": "product_version", "name": "nss-debugsource-0:3.53.1-11.el8_2.x86_64", "product": { "name": "nss-debugsource-0:3.53.1-11.el8_2.x86_64", "product_id": "nss-debugsource-0:3.53.1-11.el8_2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-debugsource@3.53.1-11.el8_2?arch=x86_64" } } }, { "category": "product_version", "name": "nss-debuginfo-0:3.53.1-11.el8_2.x86_64", "product": { "name": "nss-debuginfo-0:3.53.1-11.el8_2.x86_64", "product_id": "nss-debuginfo-0:3.53.1-11.el8_2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-debuginfo@3.53.1-11.el8_2?arch=x86_64" } } }, { "category": "product_version", "name": "nss-softokn-debuginfo-0:3.53.1-11.el8_2.x86_64", "product": { "name": "nss-softokn-debuginfo-0:3.53.1-11.el8_2.x86_64", "product_id": "nss-softokn-debuginfo-0:3.53.1-11.el8_2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-softokn-debuginfo@3.53.1-11.el8_2?arch=x86_64" } } }, { "category": "product_version", "name": "nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.x86_64", "product": { "name": "nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.x86_64", "product_id": "nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-softokn-freebl-debuginfo@3.53.1-11.el8_2?arch=x86_64" } } }, { "category": "product_version", "name": "nss-sysinit-debuginfo-0:3.53.1-11.el8_2.x86_64", "product": { "name": "nss-sysinit-debuginfo-0:3.53.1-11.el8_2.x86_64", "product_id": "nss-sysinit-debuginfo-0:3.53.1-11.el8_2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-sysinit-debuginfo@3.53.1-11.el8_2?arch=x86_64" } } }, { "category": "product_version", "name": "nss-tools-debuginfo-0:3.53.1-11.el8_2.x86_64", "product": { "name": "nss-tools-debuginfo-0:3.53.1-11.el8_2.x86_64", "product_id": "nss-tools-debuginfo-0:3.53.1-11.el8_2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-tools-debuginfo@3.53.1-11.el8_2?arch=x86_64" } } }, { "category": "product_version", "name": "nss-util-debuginfo-0:3.53.1-11.el8_2.x86_64", "product": { "name": "nss-util-debuginfo-0:3.53.1-11.el8_2.x86_64", "product_id": "nss-util-debuginfo-0:3.53.1-11.el8_2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-util-debuginfo@3.53.1-11.el8_2?arch=x86_64" } } } ], "category": "architecture", "name": "x86_64" }, { "branches": [ { "category": "product_version", "name": "nspr-0:4.25.0-2.el8_2.ppc64le", "product": { "name": "nspr-0:4.25.0-2.el8_2.ppc64le", "product_id": "nspr-0:4.25.0-2.el8_2.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/nspr@4.25.0-2.el8_2?arch=ppc64le" } } }, { "category": "product_version", "name": "nspr-devel-0:4.25.0-2.el8_2.ppc64le", "product": { "name": "nspr-devel-0:4.25.0-2.el8_2.ppc64le", "product_id": "nspr-devel-0:4.25.0-2.el8_2.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/nspr-devel@4.25.0-2.el8_2?arch=ppc64le" } } }, { "category": "product_version", "name": "nspr-debugsource-0:4.25.0-2.el8_2.ppc64le", "product": { "name": "nspr-debugsource-0:4.25.0-2.el8_2.ppc64le", "product_id": "nspr-debugsource-0:4.25.0-2.el8_2.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/nspr-debugsource@4.25.0-2.el8_2?arch=ppc64le" } } }, { "category": "product_version", "name": "nspr-debuginfo-0:4.25.0-2.el8_2.ppc64le", "product": { "name": "nspr-debuginfo-0:4.25.0-2.el8_2.ppc64le", "product_id": "nspr-debuginfo-0:4.25.0-2.el8_2.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/nspr-debuginfo@4.25.0-2.el8_2?arch=ppc64le" } } }, { "category": "product_version", "name": "nss-0:3.53.1-11.el8_2.ppc64le", "product": { "name": "nss-0:3.53.1-11.el8_2.ppc64le", "product_id": "nss-0:3.53.1-11.el8_2.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss@3.53.1-11.el8_2?arch=ppc64le" } } }, { "category": "product_version", "name": "nss-devel-0:3.53.1-11.el8_2.ppc64le", "product": { "name": "nss-devel-0:3.53.1-11.el8_2.ppc64le", "product_id": "nss-devel-0:3.53.1-11.el8_2.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-devel@3.53.1-11.el8_2?arch=ppc64le" } } }, { "category": "product_version", "name": "nss-softokn-0:3.53.1-11.el8_2.ppc64le", "product": { "name": "nss-softokn-0:3.53.1-11.el8_2.ppc64le", "product_id": "nss-softokn-0:3.53.1-11.el8_2.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-softokn@3.53.1-11.el8_2?arch=ppc64le" } } }, { "category": "product_version", "name": "nss-softokn-devel-0:3.53.1-11.el8_2.ppc64le", "product": { "name": "nss-softokn-devel-0:3.53.1-11.el8_2.ppc64le", "product_id": "nss-softokn-devel-0:3.53.1-11.el8_2.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-softokn-devel@3.53.1-11.el8_2?arch=ppc64le" } } }, { "category": "product_version", "name": "nss-softokn-freebl-0:3.53.1-11.el8_2.ppc64le", "product": { "name": "nss-softokn-freebl-0:3.53.1-11.el8_2.ppc64le", "product_id": "nss-softokn-freebl-0:3.53.1-11.el8_2.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-softokn-freebl@3.53.1-11.el8_2?arch=ppc64le" } } }, { "category": "product_version", "name": "nss-softokn-freebl-devel-0:3.53.1-11.el8_2.ppc64le", "product": { "name": "nss-softokn-freebl-devel-0:3.53.1-11.el8_2.ppc64le", "product_id": "nss-softokn-freebl-devel-0:3.53.1-11.el8_2.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-softokn-freebl-devel@3.53.1-11.el8_2?arch=ppc64le" } } }, { "category": "product_version", "name": "nss-sysinit-0:3.53.1-11.el8_2.ppc64le", "product": { "name": "nss-sysinit-0:3.53.1-11.el8_2.ppc64le", "product_id": "nss-sysinit-0:3.53.1-11.el8_2.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-sysinit@3.53.1-11.el8_2?arch=ppc64le" } } }, { "category": "product_version", "name": "nss-tools-0:3.53.1-11.el8_2.ppc64le", "product": { "name": "nss-tools-0:3.53.1-11.el8_2.ppc64le", "product_id": "nss-tools-0:3.53.1-11.el8_2.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-tools@3.53.1-11.el8_2?arch=ppc64le" } } }, { "category": "product_version", "name": "nss-util-0:3.53.1-11.el8_2.ppc64le", "product": { "name": "nss-util-0:3.53.1-11.el8_2.ppc64le", "product_id": "nss-util-0:3.53.1-11.el8_2.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-util@3.53.1-11.el8_2?arch=ppc64le" } } }, { "category": "product_version", "name": "nss-util-devel-0:3.53.1-11.el8_2.ppc64le", "product": { "name": "nss-util-devel-0:3.53.1-11.el8_2.ppc64le", "product_id": "nss-util-devel-0:3.53.1-11.el8_2.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-util-devel@3.53.1-11.el8_2?arch=ppc64le" } } }, { "category": "product_version", "name": "nss-debugsource-0:3.53.1-11.el8_2.ppc64le", "product": { "name": "nss-debugsource-0:3.53.1-11.el8_2.ppc64le", "product_id": "nss-debugsource-0:3.53.1-11.el8_2.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-debugsource@3.53.1-11.el8_2?arch=ppc64le" } } }, { "category": "product_version", "name": "nss-debuginfo-0:3.53.1-11.el8_2.ppc64le", "product": { "name": "nss-debuginfo-0:3.53.1-11.el8_2.ppc64le", "product_id": "nss-debuginfo-0:3.53.1-11.el8_2.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-debuginfo@3.53.1-11.el8_2?arch=ppc64le" } } }, { "category": "product_version", "name": "nss-softokn-debuginfo-0:3.53.1-11.el8_2.ppc64le", "product": { "name": "nss-softokn-debuginfo-0:3.53.1-11.el8_2.ppc64le", "product_id": "nss-softokn-debuginfo-0:3.53.1-11.el8_2.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-softokn-debuginfo@3.53.1-11.el8_2?arch=ppc64le" } } }, { "category": "product_version", "name": "nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.ppc64le", "product": { "name": "nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.ppc64le", "product_id": "nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-softokn-freebl-debuginfo@3.53.1-11.el8_2?arch=ppc64le" } } }, { "category": "product_version", "name": "nss-sysinit-debuginfo-0:3.53.1-11.el8_2.ppc64le", "product": { "name": "nss-sysinit-debuginfo-0:3.53.1-11.el8_2.ppc64le", "product_id": "nss-sysinit-debuginfo-0:3.53.1-11.el8_2.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-sysinit-debuginfo@3.53.1-11.el8_2?arch=ppc64le" } } }, { "category": "product_version", "name": "nss-tools-debuginfo-0:3.53.1-11.el8_2.ppc64le", "product": { "name": "nss-tools-debuginfo-0:3.53.1-11.el8_2.ppc64le", "product_id": "nss-tools-debuginfo-0:3.53.1-11.el8_2.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-tools-debuginfo@3.53.1-11.el8_2?arch=ppc64le" } } }, { "category": "product_version", "name": "nss-util-debuginfo-0:3.53.1-11.el8_2.ppc64le", "product": { "name": "nss-util-debuginfo-0:3.53.1-11.el8_2.ppc64le", "product_id": "nss-util-debuginfo-0:3.53.1-11.el8_2.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-util-debuginfo@3.53.1-11.el8_2?arch=ppc64le" } } } ], "category": "architecture", "name": "ppc64le" }, { "branches": [ { "category": "product_version", "name": "nspr-0:4.25.0-2.el8_2.s390x", "product": { "name": "nspr-0:4.25.0-2.el8_2.s390x", "product_id": "nspr-0:4.25.0-2.el8_2.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/nspr@4.25.0-2.el8_2?arch=s390x" } } }, { "category": "product_version", "name": "nspr-devel-0:4.25.0-2.el8_2.s390x", "product": { "name": "nspr-devel-0:4.25.0-2.el8_2.s390x", "product_id": "nspr-devel-0:4.25.0-2.el8_2.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/nspr-devel@4.25.0-2.el8_2?arch=s390x" } } }, { "category": "product_version", "name": "nspr-debugsource-0:4.25.0-2.el8_2.s390x", "product": { "name": "nspr-debugsource-0:4.25.0-2.el8_2.s390x", "product_id": "nspr-debugsource-0:4.25.0-2.el8_2.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/nspr-debugsource@4.25.0-2.el8_2?arch=s390x" } } }, { "category": "product_version", "name": "nspr-debuginfo-0:4.25.0-2.el8_2.s390x", "product": { "name": "nspr-debuginfo-0:4.25.0-2.el8_2.s390x", "product_id": "nspr-debuginfo-0:4.25.0-2.el8_2.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/nspr-debuginfo@4.25.0-2.el8_2?arch=s390x" } } }, { "category": "product_version", "name": "nss-0:3.53.1-11.el8_2.s390x", "product": { "name": "nss-0:3.53.1-11.el8_2.s390x", "product_id": "nss-0:3.53.1-11.el8_2.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss@3.53.1-11.el8_2?arch=s390x" } } }, { "category": "product_version", "name": "nss-devel-0:3.53.1-11.el8_2.s390x", "product": { "name": "nss-devel-0:3.53.1-11.el8_2.s390x", "product_id": "nss-devel-0:3.53.1-11.el8_2.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-devel@3.53.1-11.el8_2?arch=s390x" } } }, { "category": "product_version", "name": "nss-softokn-0:3.53.1-11.el8_2.s390x", "product": { "name": "nss-softokn-0:3.53.1-11.el8_2.s390x", "product_id": "nss-softokn-0:3.53.1-11.el8_2.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-softokn@3.53.1-11.el8_2?arch=s390x" } } }, { "category": "product_version", "name": "nss-softokn-devel-0:3.53.1-11.el8_2.s390x", "product": { "name": "nss-softokn-devel-0:3.53.1-11.el8_2.s390x", "product_id": "nss-softokn-devel-0:3.53.1-11.el8_2.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-softokn-devel@3.53.1-11.el8_2?arch=s390x" } } }, { "category": "product_version", "name": "nss-softokn-freebl-0:3.53.1-11.el8_2.s390x", "product": { "name": "nss-softokn-freebl-0:3.53.1-11.el8_2.s390x", "product_id": "nss-softokn-freebl-0:3.53.1-11.el8_2.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-softokn-freebl@3.53.1-11.el8_2?arch=s390x" } } }, { "category": "product_version", "name": "nss-softokn-freebl-devel-0:3.53.1-11.el8_2.s390x", "product": { "name": "nss-softokn-freebl-devel-0:3.53.1-11.el8_2.s390x", "product_id": "nss-softokn-freebl-devel-0:3.53.1-11.el8_2.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-softokn-freebl-devel@3.53.1-11.el8_2?arch=s390x" } } }, { "category": "product_version", "name": "nss-sysinit-0:3.53.1-11.el8_2.s390x", "product": { "name": "nss-sysinit-0:3.53.1-11.el8_2.s390x", "product_id": "nss-sysinit-0:3.53.1-11.el8_2.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-sysinit@3.53.1-11.el8_2?arch=s390x" } } }, { "category": "product_version", "name": "nss-tools-0:3.53.1-11.el8_2.s390x", "product": { "name": "nss-tools-0:3.53.1-11.el8_2.s390x", "product_id": "nss-tools-0:3.53.1-11.el8_2.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-tools@3.53.1-11.el8_2?arch=s390x" } } }, { "category": "product_version", "name": "nss-util-0:3.53.1-11.el8_2.s390x", "product": { "name": "nss-util-0:3.53.1-11.el8_2.s390x", "product_id": "nss-util-0:3.53.1-11.el8_2.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-util@3.53.1-11.el8_2?arch=s390x" } } }, { "category": "product_version", "name": "nss-util-devel-0:3.53.1-11.el8_2.s390x", "product": { "name": "nss-util-devel-0:3.53.1-11.el8_2.s390x", "product_id": "nss-util-devel-0:3.53.1-11.el8_2.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-util-devel@3.53.1-11.el8_2?arch=s390x" } } }, { "category": "product_version", "name": "nss-debugsource-0:3.53.1-11.el8_2.s390x", "product": { "name": "nss-debugsource-0:3.53.1-11.el8_2.s390x", "product_id": "nss-debugsource-0:3.53.1-11.el8_2.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-debugsource@3.53.1-11.el8_2?arch=s390x" } } }, { "category": "product_version", "name": "nss-debuginfo-0:3.53.1-11.el8_2.s390x", "product": { "name": "nss-debuginfo-0:3.53.1-11.el8_2.s390x", "product_id": "nss-debuginfo-0:3.53.1-11.el8_2.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-debuginfo@3.53.1-11.el8_2?arch=s390x" } } }, { "category": "product_version", "name": "nss-softokn-debuginfo-0:3.53.1-11.el8_2.s390x", "product": { "name": "nss-softokn-debuginfo-0:3.53.1-11.el8_2.s390x", "product_id": "nss-softokn-debuginfo-0:3.53.1-11.el8_2.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-softokn-debuginfo@3.53.1-11.el8_2?arch=s390x" } } }, { "category": "product_version", "name": "nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.s390x", "product": { "name": "nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.s390x", "product_id": "nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-softokn-freebl-debuginfo@3.53.1-11.el8_2?arch=s390x" } } }, { "category": "product_version", "name": "nss-sysinit-debuginfo-0:3.53.1-11.el8_2.s390x", "product": { "name": "nss-sysinit-debuginfo-0:3.53.1-11.el8_2.s390x", "product_id": "nss-sysinit-debuginfo-0:3.53.1-11.el8_2.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-sysinit-debuginfo@3.53.1-11.el8_2?arch=s390x" } } }, { "category": "product_version", "name": "nss-tools-debuginfo-0:3.53.1-11.el8_2.s390x", "product": { "name": "nss-tools-debuginfo-0:3.53.1-11.el8_2.s390x", "product_id": "nss-tools-debuginfo-0:3.53.1-11.el8_2.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-tools-debuginfo@3.53.1-11.el8_2?arch=s390x" } } }, { "category": "product_version", "name": "nss-util-debuginfo-0:3.53.1-11.el8_2.s390x", "product": { "name": "nss-util-debuginfo-0:3.53.1-11.el8_2.s390x", "product_id": "nss-util-debuginfo-0:3.53.1-11.el8_2.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-util-debuginfo@3.53.1-11.el8_2?arch=s390x" } } } ], "category": "architecture", "name": "s390x" }, { "branches": [ { "category": "product_version", "name": "nspr-0:4.25.0-2.el8_2.aarch64", "product": { "name": "nspr-0:4.25.0-2.el8_2.aarch64", "product_id": "nspr-0:4.25.0-2.el8_2.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nspr@4.25.0-2.el8_2?arch=aarch64" } } }, { "category": "product_version", "name": "nspr-devel-0:4.25.0-2.el8_2.aarch64", "product": { "name": "nspr-devel-0:4.25.0-2.el8_2.aarch64", "product_id": "nspr-devel-0:4.25.0-2.el8_2.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nspr-devel@4.25.0-2.el8_2?arch=aarch64" } } }, { "category": "product_version", "name": "nspr-debugsource-0:4.25.0-2.el8_2.aarch64", "product": { "name": "nspr-debugsource-0:4.25.0-2.el8_2.aarch64", "product_id": "nspr-debugsource-0:4.25.0-2.el8_2.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nspr-debugsource@4.25.0-2.el8_2?arch=aarch64" } } }, { "category": "product_version", "name": "nspr-debuginfo-0:4.25.0-2.el8_2.aarch64", "product": { "name": "nspr-debuginfo-0:4.25.0-2.el8_2.aarch64", "product_id": "nspr-debuginfo-0:4.25.0-2.el8_2.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nspr-debuginfo@4.25.0-2.el8_2?arch=aarch64" } } }, { "category": "product_version", "name": "nss-0:3.53.1-11.el8_2.aarch64", "product": { "name": "nss-0:3.53.1-11.el8_2.aarch64", "product_id": "nss-0:3.53.1-11.el8_2.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss@3.53.1-11.el8_2?arch=aarch64" } } }, { "category": "product_version", "name": "nss-devel-0:3.53.1-11.el8_2.aarch64", "product": { "name": "nss-devel-0:3.53.1-11.el8_2.aarch64", "product_id": "nss-devel-0:3.53.1-11.el8_2.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-devel@3.53.1-11.el8_2?arch=aarch64" } } }, { "category": "product_version", "name": "nss-softokn-0:3.53.1-11.el8_2.aarch64", "product": { "name": "nss-softokn-0:3.53.1-11.el8_2.aarch64", "product_id": "nss-softokn-0:3.53.1-11.el8_2.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-softokn@3.53.1-11.el8_2?arch=aarch64" } } }, { "category": "product_version", "name": "nss-softokn-devel-0:3.53.1-11.el8_2.aarch64", "product": { "name": "nss-softokn-devel-0:3.53.1-11.el8_2.aarch64", "product_id": "nss-softokn-devel-0:3.53.1-11.el8_2.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-softokn-devel@3.53.1-11.el8_2?arch=aarch64" } } }, { "category": "product_version", "name": "nss-softokn-freebl-0:3.53.1-11.el8_2.aarch64", "product": { "name": "nss-softokn-freebl-0:3.53.1-11.el8_2.aarch64", "product_id": "nss-softokn-freebl-0:3.53.1-11.el8_2.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-softokn-freebl@3.53.1-11.el8_2?arch=aarch64" } } }, { "category": "product_version", "name": "nss-softokn-freebl-devel-0:3.53.1-11.el8_2.aarch64", "product": { "name": "nss-softokn-freebl-devel-0:3.53.1-11.el8_2.aarch64", "product_id": "nss-softokn-freebl-devel-0:3.53.1-11.el8_2.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-softokn-freebl-devel@3.53.1-11.el8_2?arch=aarch64" } } }, { "category": "product_version", "name": "nss-sysinit-0:3.53.1-11.el8_2.aarch64", "product": { "name": "nss-sysinit-0:3.53.1-11.el8_2.aarch64", "product_id": "nss-sysinit-0:3.53.1-11.el8_2.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-sysinit@3.53.1-11.el8_2?arch=aarch64" } } }, { "category": "product_version", "name": "nss-tools-0:3.53.1-11.el8_2.aarch64", "product": { "name": "nss-tools-0:3.53.1-11.el8_2.aarch64", "product_id": "nss-tools-0:3.53.1-11.el8_2.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-tools@3.53.1-11.el8_2?arch=aarch64" } } }, { "category": "product_version", "name": "nss-util-0:3.53.1-11.el8_2.aarch64", "product": { "name": "nss-util-0:3.53.1-11.el8_2.aarch64", "product_id": "nss-util-0:3.53.1-11.el8_2.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-util@3.53.1-11.el8_2?arch=aarch64" } } }, { "category": "product_version", "name": "nss-util-devel-0:3.53.1-11.el8_2.aarch64", "product": { "name": "nss-util-devel-0:3.53.1-11.el8_2.aarch64", "product_id": "nss-util-devel-0:3.53.1-11.el8_2.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-util-devel@3.53.1-11.el8_2?arch=aarch64" } } }, { "category": "product_version", "name": "nss-debugsource-0:3.53.1-11.el8_2.aarch64", "product": { "name": "nss-debugsource-0:3.53.1-11.el8_2.aarch64", "product_id": "nss-debugsource-0:3.53.1-11.el8_2.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-debugsource@3.53.1-11.el8_2?arch=aarch64" } } }, { "category": "product_version", "name": "nss-debuginfo-0:3.53.1-11.el8_2.aarch64", "product": { "name": "nss-debuginfo-0:3.53.1-11.el8_2.aarch64", "product_id": "nss-debuginfo-0:3.53.1-11.el8_2.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-debuginfo@3.53.1-11.el8_2?arch=aarch64" } } }, { "category": "product_version", "name": "nss-softokn-debuginfo-0:3.53.1-11.el8_2.aarch64", "product": { "name": "nss-softokn-debuginfo-0:3.53.1-11.el8_2.aarch64", "product_id": "nss-softokn-debuginfo-0:3.53.1-11.el8_2.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-softokn-debuginfo@3.53.1-11.el8_2?arch=aarch64" } } }, { "category": "product_version", "name": "nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.aarch64", "product": { "name": "nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.aarch64", "product_id": "nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-softokn-freebl-debuginfo@3.53.1-11.el8_2?arch=aarch64" } } }, { "category": "product_version", "name": "nss-sysinit-debuginfo-0:3.53.1-11.el8_2.aarch64", "product": { "name": "nss-sysinit-debuginfo-0:3.53.1-11.el8_2.aarch64", "product_id": "nss-sysinit-debuginfo-0:3.53.1-11.el8_2.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-sysinit-debuginfo@3.53.1-11.el8_2?arch=aarch64" } } }, { "category": "product_version", "name": "nss-tools-debuginfo-0:3.53.1-11.el8_2.aarch64", "product": { "name": "nss-tools-debuginfo-0:3.53.1-11.el8_2.aarch64", "product_id": "nss-tools-debuginfo-0:3.53.1-11.el8_2.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-tools-debuginfo@3.53.1-11.el8_2?arch=aarch64" } } }, { "category": "product_version", "name": "nss-util-debuginfo-0:3.53.1-11.el8_2.aarch64", "product": { "name": "nss-util-debuginfo-0:3.53.1-11.el8_2.aarch64", "product_id": "nss-util-debuginfo-0:3.53.1-11.el8_2.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-util-debuginfo@3.53.1-11.el8_2?arch=aarch64" } } } ], "category": "architecture", "name": "aarch64" }, { "branches": [ { "category": "product_version", "name": "nspr-0:4.25.0-2.el8_2.src", "product": { "name": "nspr-0:4.25.0-2.el8_2.src", "product_id": "nspr-0:4.25.0-2.el8_2.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/nspr@4.25.0-2.el8_2?arch=src" } } }, { "category": "product_version", "name": "nss-0:3.53.1-11.el8_2.src", "product": { "name": "nss-0:3.53.1-11.el8_2.src", "product_id": "nss-0:3.53.1-11.el8_2.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss@3.53.1-11.el8_2?arch=src" } } } ], "category": "architecture", "name": "src" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "nspr-0:4.25.0-2.el8_2.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.aarch64" }, "product_reference": "nspr-0:4.25.0-2.el8_2.aarch64", "relates_to_product_reference": "AppStream-8.2.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nspr-0:4.25.0-2.el8_2.i686 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.i686" }, "product_reference": "nspr-0:4.25.0-2.el8_2.i686", "relates_to_product_reference": "AppStream-8.2.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nspr-0:4.25.0-2.el8_2.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.ppc64le" }, "product_reference": "nspr-0:4.25.0-2.el8_2.ppc64le", "relates_to_product_reference": "AppStream-8.2.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nspr-0:4.25.0-2.el8_2.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.s390x" }, "product_reference": "nspr-0:4.25.0-2.el8_2.s390x", "relates_to_product_reference": "AppStream-8.2.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nspr-0:4.25.0-2.el8_2.src as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.src" }, "product_reference": "nspr-0:4.25.0-2.el8_2.src", "relates_to_product_reference": "AppStream-8.2.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nspr-0:4.25.0-2.el8_2.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.x86_64" }, "product_reference": "nspr-0:4.25.0-2.el8_2.x86_64", "relates_to_product_reference": "AppStream-8.2.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nspr-debuginfo-0:4.25.0-2.el8_2.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.2.0.Z.MAIN.EUS:nspr-debuginfo-0:4.25.0-2.el8_2.aarch64" }, "product_reference": "nspr-debuginfo-0:4.25.0-2.el8_2.aarch64", "relates_to_product_reference": "AppStream-8.2.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nspr-debuginfo-0:4.25.0-2.el8_2.i686 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.2.0.Z.MAIN.EUS:nspr-debuginfo-0:4.25.0-2.el8_2.i686" }, "product_reference": "nspr-debuginfo-0:4.25.0-2.el8_2.i686", "relates_to_product_reference": "AppStream-8.2.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nspr-debuginfo-0:4.25.0-2.el8_2.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.2.0.Z.MAIN.EUS:nspr-debuginfo-0:4.25.0-2.el8_2.ppc64le" }, "product_reference": "nspr-debuginfo-0:4.25.0-2.el8_2.ppc64le", "relates_to_product_reference": "AppStream-8.2.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nspr-debuginfo-0:4.25.0-2.el8_2.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.2.0.Z.MAIN.EUS:nspr-debuginfo-0:4.25.0-2.el8_2.s390x" }, "product_reference": "nspr-debuginfo-0:4.25.0-2.el8_2.s390x", "relates_to_product_reference": "AppStream-8.2.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nspr-debuginfo-0:4.25.0-2.el8_2.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.2.0.Z.MAIN.EUS:nspr-debuginfo-0:4.25.0-2.el8_2.x86_64" }, "product_reference": "nspr-debuginfo-0:4.25.0-2.el8_2.x86_64", "relates_to_product_reference": "AppStream-8.2.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nspr-debugsource-0:4.25.0-2.el8_2.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.2.0.Z.MAIN.EUS:nspr-debugsource-0:4.25.0-2.el8_2.aarch64" }, "product_reference": "nspr-debugsource-0:4.25.0-2.el8_2.aarch64", "relates_to_product_reference": "AppStream-8.2.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nspr-debugsource-0:4.25.0-2.el8_2.i686 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.2.0.Z.MAIN.EUS:nspr-debugsource-0:4.25.0-2.el8_2.i686" }, "product_reference": "nspr-debugsource-0:4.25.0-2.el8_2.i686", "relates_to_product_reference": "AppStream-8.2.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nspr-debugsource-0:4.25.0-2.el8_2.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.2.0.Z.MAIN.EUS:nspr-debugsource-0:4.25.0-2.el8_2.ppc64le" }, "product_reference": "nspr-debugsource-0:4.25.0-2.el8_2.ppc64le", "relates_to_product_reference": "AppStream-8.2.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nspr-debugsource-0:4.25.0-2.el8_2.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.2.0.Z.MAIN.EUS:nspr-debugsource-0:4.25.0-2.el8_2.s390x" }, "product_reference": "nspr-debugsource-0:4.25.0-2.el8_2.s390x", "relates_to_product_reference": "AppStream-8.2.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nspr-debugsource-0:4.25.0-2.el8_2.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.2.0.Z.MAIN.EUS:nspr-debugsource-0:4.25.0-2.el8_2.x86_64" }, "product_reference": "nspr-debugsource-0:4.25.0-2.el8_2.x86_64", "relates_to_product_reference": "AppStream-8.2.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nspr-devel-0:4.25.0-2.el8_2.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.2.0.Z.MAIN.EUS:nspr-devel-0:4.25.0-2.el8_2.aarch64" }, "product_reference": "nspr-devel-0:4.25.0-2.el8_2.aarch64", "relates_to_product_reference": "AppStream-8.2.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nspr-devel-0:4.25.0-2.el8_2.i686 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.2.0.Z.MAIN.EUS:nspr-devel-0:4.25.0-2.el8_2.i686" }, "product_reference": "nspr-devel-0:4.25.0-2.el8_2.i686", "relates_to_product_reference": "AppStream-8.2.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nspr-devel-0:4.25.0-2.el8_2.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.2.0.Z.MAIN.EUS:nspr-devel-0:4.25.0-2.el8_2.ppc64le" }, "product_reference": "nspr-devel-0:4.25.0-2.el8_2.ppc64le", "relates_to_product_reference": "AppStream-8.2.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nspr-devel-0:4.25.0-2.el8_2.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.2.0.Z.MAIN.EUS:nspr-devel-0:4.25.0-2.el8_2.s390x" }, "product_reference": "nspr-devel-0:4.25.0-2.el8_2.s390x", "relates_to_product_reference": "AppStream-8.2.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nspr-devel-0:4.25.0-2.el8_2.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.2.0.Z.MAIN.EUS:nspr-devel-0:4.25.0-2.el8_2.x86_64" }, "product_reference": "nspr-devel-0:4.25.0-2.el8_2.x86_64", "relates_to_product_reference": "AppStream-8.2.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-0:3.53.1-11.el8_2.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.aarch64" }, "product_reference": "nss-0:3.53.1-11.el8_2.aarch64", "relates_to_product_reference": "AppStream-8.2.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-0:3.53.1-11.el8_2.i686 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.i686" }, "product_reference": "nss-0:3.53.1-11.el8_2.i686", "relates_to_product_reference": "AppStream-8.2.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-0:3.53.1-11.el8_2.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.ppc64le" }, "product_reference": "nss-0:3.53.1-11.el8_2.ppc64le", "relates_to_product_reference": "AppStream-8.2.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-0:3.53.1-11.el8_2.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.s390x" }, "product_reference": "nss-0:3.53.1-11.el8_2.s390x", "relates_to_product_reference": "AppStream-8.2.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-0:3.53.1-11.el8_2.src as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.src" }, "product_reference": "nss-0:3.53.1-11.el8_2.src", "relates_to_product_reference": "AppStream-8.2.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-0:3.53.1-11.el8_2.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.x86_64" }, "product_reference": "nss-0:3.53.1-11.el8_2.x86_64", "relates_to_product_reference": "AppStream-8.2.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-debuginfo-0:3.53.1-11.el8_2.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.2.0.Z.MAIN.EUS:nss-debuginfo-0:3.53.1-11.el8_2.aarch64" }, "product_reference": "nss-debuginfo-0:3.53.1-11.el8_2.aarch64", "relates_to_product_reference": "AppStream-8.2.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-debuginfo-0:3.53.1-11.el8_2.i686 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.2.0.Z.MAIN.EUS:nss-debuginfo-0:3.53.1-11.el8_2.i686" }, "product_reference": "nss-debuginfo-0:3.53.1-11.el8_2.i686", "relates_to_product_reference": "AppStream-8.2.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-debuginfo-0:3.53.1-11.el8_2.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.2.0.Z.MAIN.EUS:nss-debuginfo-0:3.53.1-11.el8_2.ppc64le" }, "product_reference": "nss-debuginfo-0:3.53.1-11.el8_2.ppc64le", "relates_to_product_reference": "AppStream-8.2.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-debuginfo-0:3.53.1-11.el8_2.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.2.0.Z.MAIN.EUS:nss-debuginfo-0:3.53.1-11.el8_2.s390x" }, "product_reference": "nss-debuginfo-0:3.53.1-11.el8_2.s390x", "relates_to_product_reference": "AppStream-8.2.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-debuginfo-0:3.53.1-11.el8_2.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.2.0.Z.MAIN.EUS:nss-debuginfo-0:3.53.1-11.el8_2.x86_64" }, "product_reference": "nss-debuginfo-0:3.53.1-11.el8_2.x86_64", "relates_to_product_reference": "AppStream-8.2.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-debugsource-0:3.53.1-11.el8_2.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.2.0.Z.MAIN.EUS:nss-debugsource-0:3.53.1-11.el8_2.aarch64" }, "product_reference": "nss-debugsource-0:3.53.1-11.el8_2.aarch64", "relates_to_product_reference": "AppStream-8.2.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-debugsource-0:3.53.1-11.el8_2.i686 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.2.0.Z.MAIN.EUS:nss-debugsource-0:3.53.1-11.el8_2.i686" }, "product_reference": "nss-debugsource-0:3.53.1-11.el8_2.i686", "relates_to_product_reference": "AppStream-8.2.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-debugsource-0:3.53.1-11.el8_2.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.2.0.Z.MAIN.EUS:nss-debugsource-0:3.53.1-11.el8_2.ppc64le" }, "product_reference": "nss-debugsource-0:3.53.1-11.el8_2.ppc64le", "relates_to_product_reference": "AppStream-8.2.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-debugsource-0:3.53.1-11.el8_2.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.2.0.Z.MAIN.EUS:nss-debugsource-0:3.53.1-11.el8_2.s390x" }, "product_reference": "nss-debugsource-0:3.53.1-11.el8_2.s390x", "relates_to_product_reference": "AppStream-8.2.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-debugsource-0:3.53.1-11.el8_2.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.2.0.Z.MAIN.EUS:nss-debugsource-0:3.53.1-11.el8_2.x86_64" }, "product_reference": "nss-debugsource-0:3.53.1-11.el8_2.x86_64", "relates_to_product_reference": "AppStream-8.2.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-devel-0:3.53.1-11.el8_2.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.2.0.Z.MAIN.EUS:nss-devel-0:3.53.1-11.el8_2.aarch64" }, "product_reference": "nss-devel-0:3.53.1-11.el8_2.aarch64", "relates_to_product_reference": "AppStream-8.2.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-devel-0:3.53.1-11.el8_2.i686 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.2.0.Z.MAIN.EUS:nss-devel-0:3.53.1-11.el8_2.i686" }, "product_reference": "nss-devel-0:3.53.1-11.el8_2.i686", "relates_to_product_reference": "AppStream-8.2.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-devel-0:3.53.1-11.el8_2.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.2.0.Z.MAIN.EUS:nss-devel-0:3.53.1-11.el8_2.ppc64le" }, "product_reference": "nss-devel-0:3.53.1-11.el8_2.ppc64le", "relates_to_product_reference": "AppStream-8.2.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-devel-0:3.53.1-11.el8_2.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.2.0.Z.MAIN.EUS:nss-devel-0:3.53.1-11.el8_2.s390x" }, "product_reference": "nss-devel-0:3.53.1-11.el8_2.s390x", "relates_to_product_reference": "AppStream-8.2.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-devel-0:3.53.1-11.el8_2.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.2.0.Z.MAIN.EUS:nss-devel-0:3.53.1-11.el8_2.x86_64" }, "product_reference": "nss-devel-0:3.53.1-11.el8_2.x86_64", "relates_to_product_reference": "AppStream-8.2.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-0:3.53.1-11.el8_2.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-0:3.53.1-11.el8_2.aarch64" }, "product_reference": "nss-softokn-0:3.53.1-11.el8_2.aarch64", "relates_to_product_reference": "AppStream-8.2.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-0:3.53.1-11.el8_2.i686 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-0:3.53.1-11.el8_2.i686" }, "product_reference": "nss-softokn-0:3.53.1-11.el8_2.i686", "relates_to_product_reference": "AppStream-8.2.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-0:3.53.1-11.el8_2.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-0:3.53.1-11.el8_2.ppc64le" }, "product_reference": "nss-softokn-0:3.53.1-11.el8_2.ppc64le", "relates_to_product_reference": "AppStream-8.2.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-0:3.53.1-11.el8_2.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-0:3.53.1-11.el8_2.s390x" }, "product_reference": "nss-softokn-0:3.53.1-11.el8_2.s390x", "relates_to_product_reference": "AppStream-8.2.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-0:3.53.1-11.el8_2.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-0:3.53.1-11.el8_2.x86_64" }, "product_reference": "nss-softokn-0:3.53.1-11.el8_2.x86_64", "relates_to_product_reference": "AppStream-8.2.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-debuginfo-0:3.53.1-11.el8_2.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-debuginfo-0:3.53.1-11.el8_2.aarch64" }, "product_reference": "nss-softokn-debuginfo-0:3.53.1-11.el8_2.aarch64", "relates_to_product_reference": "AppStream-8.2.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-debuginfo-0:3.53.1-11.el8_2.i686 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-debuginfo-0:3.53.1-11.el8_2.i686" }, "product_reference": "nss-softokn-debuginfo-0:3.53.1-11.el8_2.i686", "relates_to_product_reference": "AppStream-8.2.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-debuginfo-0:3.53.1-11.el8_2.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-debuginfo-0:3.53.1-11.el8_2.ppc64le" }, "product_reference": "nss-softokn-debuginfo-0:3.53.1-11.el8_2.ppc64le", "relates_to_product_reference": "AppStream-8.2.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-debuginfo-0:3.53.1-11.el8_2.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-debuginfo-0:3.53.1-11.el8_2.s390x" }, "product_reference": "nss-softokn-debuginfo-0:3.53.1-11.el8_2.s390x", "relates_to_product_reference": "AppStream-8.2.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-debuginfo-0:3.53.1-11.el8_2.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-debuginfo-0:3.53.1-11.el8_2.x86_64" }, "product_reference": "nss-softokn-debuginfo-0:3.53.1-11.el8_2.x86_64", "relates_to_product_reference": "AppStream-8.2.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-devel-0:3.53.1-11.el8_2.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-devel-0:3.53.1-11.el8_2.aarch64" }, "product_reference": "nss-softokn-devel-0:3.53.1-11.el8_2.aarch64", "relates_to_product_reference": "AppStream-8.2.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-devel-0:3.53.1-11.el8_2.i686 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-devel-0:3.53.1-11.el8_2.i686" }, "product_reference": "nss-softokn-devel-0:3.53.1-11.el8_2.i686", "relates_to_product_reference": "AppStream-8.2.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-devel-0:3.53.1-11.el8_2.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-devel-0:3.53.1-11.el8_2.ppc64le" }, "product_reference": "nss-softokn-devel-0:3.53.1-11.el8_2.ppc64le", "relates_to_product_reference": "AppStream-8.2.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-devel-0:3.53.1-11.el8_2.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-devel-0:3.53.1-11.el8_2.s390x" }, "product_reference": "nss-softokn-devel-0:3.53.1-11.el8_2.s390x", "relates_to_product_reference": "AppStream-8.2.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-devel-0:3.53.1-11.el8_2.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-devel-0:3.53.1-11.el8_2.x86_64" }, "product_reference": "nss-softokn-devel-0:3.53.1-11.el8_2.x86_64", "relates_to_product_reference": "AppStream-8.2.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-freebl-0:3.53.1-11.el8_2.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-0:3.53.1-11.el8_2.aarch64" }, "product_reference": "nss-softokn-freebl-0:3.53.1-11.el8_2.aarch64", "relates_to_product_reference": "AppStream-8.2.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-freebl-0:3.53.1-11.el8_2.i686 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-0:3.53.1-11.el8_2.i686" }, "product_reference": "nss-softokn-freebl-0:3.53.1-11.el8_2.i686", "relates_to_product_reference": "AppStream-8.2.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-freebl-0:3.53.1-11.el8_2.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-0:3.53.1-11.el8_2.ppc64le" }, "product_reference": "nss-softokn-freebl-0:3.53.1-11.el8_2.ppc64le", "relates_to_product_reference": "AppStream-8.2.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-freebl-0:3.53.1-11.el8_2.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-0:3.53.1-11.el8_2.s390x" }, "product_reference": "nss-softokn-freebl-0:3.53.1-11.el8_2.s390x", "relates_to_product_reference": "AppStream-8.2.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-freebl-0:3.53.1-11.el8_2.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-0:3.53.1-11.el8_2.x86_64" }, "product_reference": "nss-softokn-freebl-0:3.53.1-11.el8_2.x86_64", "relates_to_product_reference": "AppStream-8.2.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.aarch64" }, "product_reference": "nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.aarch64", "relates_to_product_reference": "AppStream-8.2.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.i686 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.i686" }, "product_reference": "nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.i686", "relates_to_product_reference": "AppStream-8.2.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.ppc64le" }, "product_reference": "nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.ppc64le", "relates_to_product_reference": "AppStream-8.2.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.s390x" }, "product_reference": "nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.s390x", "relates_to_product_reference": "AppStream-8.2.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.x86_64" }, "product_reference": "nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.x86_64", "relates_to_product_reference": "AppStream-8.2.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-freebl-devel-0:3.53.1-11.el8_2.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-devel-0:3.53.1-11.el8_2.aarch64" }, "product_reference": "nss-softokn-freebl-devel-0:3.53.1-11.el8_2.aarch64", "relates_to_product_reference": "AppStream-8.2.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-freebl-devel-0:3.53.1-11.el8_2.i686 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-devel-0:3.53.1-11.el8_2.i686" }, "product_reference": "nss-softokn-freebl-devel-0:3.53.1-11.el8_2.i686", "relates_to_product_reference": "AppStream-8.2.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-freebl-devel-0:3.53.1-11.el8_2.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-devel-0:3.53.1-11.el8_2.ppc64le" }, "product_reference": "nss-softokn-freebl-devel-0:3.53.1-11.el8_2.ppc64le", "relates_to_product_reference": "AppStream-8.2.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-freebl-devel-0:3.53.1-11.el8_2.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-devel-0:3.53.1-11.el8_2.s390x" }, "product_reference": "nss-softokn-freebl-devel-0:3.53.1-11.el8_2.s390x", "relates_to_product_reference": "AppStream-8.2.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-freebl-devel-0:3.53.1-11.el8_2.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-devel-0:3.53.1-11.el8_2.x86_64" }, "product_reference": "nss-softokn-freebl-devel-0:3.53.1-11.el8_2.x86_64", "relates_to_product_reference": "AppStream-8.2.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-sysinit-0:3.53.1-11.el8_2.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-0:3.53.1-11.el8_2.aarch64" }, "product_reference": "nss-sysinit-0:3.53.1-11.el8_2.aarch64", "relates_to_product_reference": "AppStream-8.2.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-sysinit-0:3.53.1-11.el8_2.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-0:3.53.1-11.el8_2.ppc64le" }, "product_reference": "nss-sysinit-0:3.53.1-11.el8_2.ppc64le", "relates_to_product_reference": "AppStream-8.2.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-sysinit-0:3.53.1-11.el8_2.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-0:3.53.1-11.el8_2.s390x" }, "product_reference": "nss-sysinit-0:3.53.1-11.el8_2.s390x", "relates_to_product_reference": "AppStream-8.2.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-sysinit-0:3.53.1-11.el8_2.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-0:3.53.1-11.el8_2.x86_64" }, "product_reference": "nss-sysinit-0:3.53.1-11.el8_2.x86_64", "relates_to_product_reference": "AppStream-8.2.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-sysinit-debuginfo-0:3.53.1-11.el8_2.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-debuginfo-0:3.53.1-11.el8_2.aarch64" }, "product_reference": "nss-sysinit-debuginfo-0:3.53.1-11.el8_2.aarch64", "relates_to_product_reference": "AppStream-8.2.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-sysinit-debuginfo-0:3.53.1-11.el8_2.i686 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-debuginfo-0:3.53.1-11.el8_2.i686" }, "product_reference": "nss-sysinit-debuginfo-0:3.53.1-11.el8_2.i686", "relates_to_product_reference": "AppStream-8.2.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-sysinit-debuginfo-0:3.53.1-11.el8_2.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-debuginfo-0:3.53.1-11.el8_2.ppc64le" }, "product_reference": "nss-sysinit-debuginfo-0:3.53.1-11.el8_2.ppc64le", "relates_to_product_reference": "AppStream-8.2.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-sysinit-debuginfo-0:3.53.1-11.el8_2.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-debuginfo-0:3.53.1-11.el8_2.s390x" }, "product_reference": "nss-sysinit-debuginfo-0:3.53.1-11.el8_2.s390x", "relates_to_product_reference": "AppStream-8.2.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-sysinit-debuginfo-0:3.53.1-11.el8_2.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-debuginfo-0:3.53.1-11.el8_2.x86_64" }, "product_reference": "nss-sysinit-debuginfo-0:3.53.1-11.el8_2.x86_64", "relates_to_product_reference": "AppStream-8.2.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-tools-0:3.53.1-11.el8_2.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.2.0.Z.MAIN.EUS:nss-tools-0:3.53.1-11.el8_2.aarch64" }, "product_reference": "nss-tools-0:3.53.1-11.el8_2.aarch64", "relates_to_product_reference": "AppStream-8.2.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-tools-0:3.53.1-11.el8_2.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.2.0.Z.MAIN.EUS:nss-tools-0:3.53.1-11.el8_2.ppc64le" }, "product_reference": "nss-tools-0:3.53.1-11.el8_2.ppc64le", "relates_to_product_reference": "AppStream-8.2.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-tools-0:3.53.1-11.el8_2.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.2.0.Z.MAIN.EUS:nss-tools-0:3.53.1-11.el8_2.s390x" }, "product_reference": "nss-tools-0:3.53.1-11.el8_2.s390x", "relates_to_product_reference": "AppStream-8.2.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-tools-0:3.53.1-11.el8_2.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.2.0.Z.MAIN.EUS:nss-tools-0:3.53.1-11.el8_2.x86_64" }, "product_reference": "nss-tools-0:3.53.1-11.el8_2.x86_64", "relates_to_product_reference": "AppStream-8.2.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-tools-debuginfo-0:3.53.1-11.el8_2.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.2.0.Z.MAIN.EUS:nss-tools-debuginfo-0:3.53.1-11.el8_2.aarch64" }, "product_reference": "nss-tools-debuginfo-0:3.53.1-11.el8_2.aarch64", "relates_to_product_reference": "AppStream-8.2.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-tools-debuginfo-0:3.53.1-11.el8_2.i686 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.2.0.Z.MAIN.EUS:nss-tools-debuginfo-0:3.53.1-11.el8_2.i686" }, "product_reference": "nss-tools-debuginfo-0:3.53.1-11.el8_2.i686", "relates_to_product_reference": "AppStream-8.2.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-tools-debuginfo-0:3.53.1-11.el8_2.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.2.0.Z.MAIN.EUS:nss-tools-debuginfo-0:3.53.1-11.el8_2.ppc64le" }, "product_reference": "nss-tools-debuginfo-0:3.53.1-11.el8_2.ppc64le", "relates_to_product_reference": "AppStream-8.2.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-tools-debuginfo-0:3.53.1-11.el8_2.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.2.0.Z.MAIN.EUS:nss-tools-debuginfo-0:3.53.1-11.el8_2.s390x" }, "product_reference": "nss-tools-debuginfo-0:3.53.1-11.el8_2.s390x", "relates_to_product_reference": "AppStream-8.2.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-tools-debuginfo-0:3.53.1-11.el8_2.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.2.0.Z.MAIN.EUS:nss-tools-debuginfo-0:3.53.1-11.el8_2.x86_64" }, "product_reference": "nss-tools-debuginfo-0:3.53.1-11.el8_2.x86_64", "relates_to_product_reference": "AppStream-8.2.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-util-0:3.53.1-11.el8_2.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.2.0.Z.MAIN.EUS:nss-util-0:3.53.1-11.el8_2.aarch64" }, "product_reference": "nss-util-0:3.53.1-11.el8_2.aarch64", "relates_to_product_reference": "AppStream-8.2.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-util-0:3.53.1-11.el8_2.i686 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.2.0.Z.MAIN.EUS:nss-util-0:3.53.1-11.el8_2.i686" }, "product_reference": "nss-util-0:3.53.1-11.el8_2.i686", "relates_to_product_reference": "AppStream-8.2.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-util-0:3.53.1-11.el8_2.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.2.0.Z.MAIN.EUS:nss-util-0:3.53.1-11.el8_2.ppc64le" }, "product_reference": "nss-util-0:3.53.1-11.el8_2.ppc64le", "relates_to_product_reference": "AppStream-8.2.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-util-0:3.53.1-11.el8_2.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.2.0.Z.MAIN.EUS:nss-util-0:3.53.1-11.el8_2.s390x" }, "product_reference": "nss-util-0:3.53.1-11.el8_2.s390x", "relates_to_product_reference": "AppStream-8.2.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-util-0:3.53.1-11.el8_2.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.2.0.Z.MAIN.EUS:nss-util-0:3.53.1-11.el8_2.x86_64" }, "product_reference": "nss-util-0:3.53.1-11.el8_2.x86_64", "relates_to_product_reference": "AppStream-8.2.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-util-debuginfo-0:3.53.1-11.el8_2.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.2.0.Z.MAIN.EUS:nss-util-debuginfo-0:3.53.1-11.el8_2.aarch64" }, "product_reference": "nss-util-debuginfo-0:3.53.1-11.el8_2.aarch64", "relates_to_product_reference": "AppStream-8.2.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-util-debuginfo-0:3.53.1-11.el8_2.i686 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.2.0.Z.MAIN.EUS:nss-util-debuginfo-0:3.53.1-11.el8_2.i686" }, "product_reference": "nss-util-debuginfo-0:3.53.1-11.el8_2.i686", "relates_to_product_reference": "AppStream-8.2.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-util-debuginfo-0:3.53.1-11.el8_2.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.2.0.Z.MAIN.EUS:nss-util-debuginfo-0:3.53.1-11.el8_2.ppc64le" }, "product_reference": "nss-util-debuginfo-0:3.53.1-11.el8_2.ppc64le", "relates_to_product_reference": "AppStream-8.2.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-util-debuginfo-0:3.53.1-11.el8_2.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.2.0.Z.MAIN.EUS:nss-util-debuginfo-0:3.53.1-11.el8_2.s390x" }, "product_reference": "nss-util-debuginfo-0:3.53.1-11.el8_2.s390x", "relates_to_product_reference": "AppStream-8.2.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-util-debuginfo-0:3.53.1-11.el8_2.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.2.0.Z.MAIN.EUS:nss-util-debuginfo-0:3.53.1-11.el8_2.x86_64" }, "product_reference": "nss-util-debuginfo-0:3.53.1-11.el8_2.x86_64", "relates_to_product_reference": "AppStream-8.2.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-util-devel-0:3.53.1-11.el8_2.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.2.0.Z.MAIN.EUS:nss-util-devel-0:3.53.1-11.el8_2.aarch64" }, "product_reference": "nss-util-devel-0:3.53.1-11.el8_2.aarch64", "relates_to_product_reference": "AppStream-8.2.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-util-devel-0:3.53.1-11.el8_2.i686 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.2.0.Z.MAIN.EUS:nss-util-devel-0:3.53.1-11.el8_2.i686" }, "product_reference": "nss-util-devel-0:3.53.1-11.el8_2.i686", "relates_to_product_reference": "AppStream-8.2.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-util-devel-0:3.53.1-11.el8_2.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.2.0.Z.MAIN.EUS:nss-util-devel-0:3.53.1-11.el8_2.ppc64le" }, "product_reference": "nss-util-devel-0:3.53.1-11.el8_2.ppc64le", "relates_to_product_reference": "AppStream-8.2.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-util-devel-0:3.53.1-11.el8_2.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.2.0.Z.MAIN.EUS:nss-util-devel-0:3.53.1-11.el8_2.s390x" }, "product_reference": "nss-util-devel-0:3.53.1-11.el8_2.s390x", "relates_to_product_reference": "AppStream-8.2.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-util-devel-0:3.53.1-11.el8_2.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.2.0.Z.MAIN.EUS:nss-util-devel-0:3.53.1-11.el8_2.x86_64" }, "product_reference": "nss-util-devel-0:3.53.1-11.el8_2.x86_64", "relates_to_product_reference": "AppStream-8.2.0.Z.MAIN.EUS" } ] }, "vulnerabilities": [ { "acknowledgments": [ { "names": [ "the Mozilla project" ] } ], "cve": "CVE-2019-11756", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "discovery_date": "2019-11-21T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1774835" } ], "notes": [ { "category": "description", "text": "A use-after-free flaw was found in Mozilla Network Security Services (NSS) related to PK11 session handling. An attacker could use this flaw to execute arbitrary code with the permissions of the user running the application compiled with NSS.", "title": "Vulnerability description" }, { "category": "summary", "text": "nss: Use-after-free in sftk_FreeSession due to improper refcounting", "title": "Vulnerability summary" }, { "category": "other", "text": "This flaw was fixed in upstream nss-3.47. Exploitation of this flaw is difficult and even impossible in most cases.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.src", "AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nspr-debuginfo-0:4.25.0-2.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nspr-debuginfo-0:4.25.0-2.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nspr-debuginfo-0:4.25.0-2.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nspr-debuginfo-0:4.25.0-2.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nspr-debuginfo-0:4.25.0-2.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nspr-debugsource-0:4.25.0-2.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nspr-debugsource-0:4.25.0-2.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nspr-debugsource-0:4.25.0-2.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nspr-debugsource-0:4.25.0-2.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nspr-debugsource-0:4.25.0-2.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nspr-devel-0:4.25.0-2.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nspr-devel-0:4.25.0-2.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nspr-devel-0:4.25.0-2.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nspr-devel-0:4.25.0-2.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nspr-devel-0:4.25.0-2.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.src", "AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-debuginfo-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-debuginfo-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-debuginfo-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-debuginfo-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-debuginfo-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-debugsource-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-debugsource-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-debugsource-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-debugsource-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-debugsource-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-devel-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-devel-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-devel-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-devel-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-devel-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-debuginfo-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-debuginfo-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-debuginfo-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-debuginfo-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-debuginfo-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-devel-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-devel-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-devel-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-devel-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-devel-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-devel-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-devel-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-devel-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-devel-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-devel-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-debuginfo-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-debuginfo-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-debuginfo-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-debuginfo-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-debuginfo-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-tools-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-tools-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-tools-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-tools-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-tools-debuginfo-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-tools-debuginfo-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-tools-debuginfo-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-tools-debuginfo-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-tools-debuginfo-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-debuginfo-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-debuginfo-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-debuginfo-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-debuginfo-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-debuginfo-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-devel-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-devel-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-devel-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-devel-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-devel-0:3.53.1-11.el8_2.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-11756" }, { "category": "external", "summary": "RHBZ#1774835", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1774835" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-11756", "url": "https://www.cve.org/CVERecord?id=CVE-2019-11756" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-11756", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-11756" }, { "category": "external", "summary": "https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.47_release_notes", "url": "https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.47_release_notes" } ], "release_date": "2019-12-10T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-08-03T13:04:49+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing this update, applications using NSS (for example, Firefox) must be restarted for this update to take effect. After installing this update, applications using NSPR (for example, Firefox) must be restarted for this update to take effect.", "product_ids": [ "AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.src", "AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nspr-debuginfo-0:4.25.0-2.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nspr-debuginfo-0:4.25.0-2.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nspr-debuginfo-0:4.25.0-2.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nspr-debuginfo-0:4.25.0-2.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nspr-debuginfo-0:4.25.0-2.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nspr-debugsource-0:4.25.0-2.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nspr-debugsource-0:4.25.0-2.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nspr-debugsource-0:4.25.0-2.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nspr-debugsource-0:4.25.0-2.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nspr-debugsource-0:4.25.0-2.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nspr-devel-0:4.25.0-2.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nspr-devel-0:4.25.0-2.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nspr-devel-0:4.25.0-2.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nspr-devel-0:4.25.0-2.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nspr-devel-0:4.25.0-2.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.src", "AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-debuginfo-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-debuginfo-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-debuginfo-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-debuginfo-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-debuginfo-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-debugsource-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-debugsource-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-debugsource-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-debugsource-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-debugsource-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-devel-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-devel-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-devel-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-devel-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-devel-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-debuginfo-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-debuginfo-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-debuginfo-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-debuginfo-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-debuginfo-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-devel-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-devel-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-devel-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-devel-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-devel-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-devel-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-devel-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-devel-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-devel-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-devel-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-debuginfo-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-debuginfo-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-debuginfo-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-debuginfo-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-debuginfo-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-tools-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-tools-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-tools-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-tools-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-tools-debuginfo-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-tools-debuginfo-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-tools-debuginfo-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-tools-debuginfo-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-tools-debuginfo-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-debuginfo-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-debuginfo-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-debuginfo-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-debuginfo-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-debuginfo-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-devel-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-devel-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-devel-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-devel-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-devel-0:3.53.1-11.el8_2.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:3280" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.src", "AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nspr-debuginfo-0:4.25.0-2.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nspr-debuginfo-0:4.25.0-2.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nspr-debuginfo-0:4.25.0-2.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nspr-debuginfo-0:4.25.0-2.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nspr-debuginfo-0:4.25.0-2.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nspr-debugsource-0:4.25.0-2.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nspr-debugsource-0:4.25.0-2.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nspr-debugsource-0:4.25.0-2.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nspr-debugsource-0:4.25.0-2.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nspr-debugsource-0:4.25.0-2.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nspr-devel-0:4.25.0-2.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nspr-devel-0:4.25.0-2.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nspr-devel-0:4.25.0-2.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nspr-devel-0:4.25.0-2.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nspr-devel-0:4.25.0-2.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.src", "AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-debuginfo-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-debuginfo-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-debuginfo-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-debuginfo-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-debuginfo-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-debugsource-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-debugsource-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-debugsource-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-debugsource-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-debugsource-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-devel-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-devel-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-devel-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-devel-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-devel-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-debuginfo-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-debuginfo-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-debuginfo-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-debuginfo-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-debuginfo-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-devel-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-devel-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-devel-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-devel-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-devel-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-devel-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-devel-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-devel-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-devel-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-devel-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-debuginfo-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-debuginfo-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-debuginfo-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-debuginfo-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-debuginfo-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-tools-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-tools-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-tools-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-tools-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-tools-debuginfo-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-tools-debuginfo-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-tools-debuginfo-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-tools-debuginfo-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-tools-debuginfo-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-debuginfo-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-debuginfo-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-debuginfo-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-debuginfo-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-debuginfo-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-devel-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-devel-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-devel-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-devel-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-devel-0:3.53.1-11.el8_2.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "nss: Use-after-free in sftk_FreeSession due to improper refcounting" }, { "acknowledgments": [ { "names": [ "the Mozilla Project" ] } ], "cve": "CVE-2019-17006", "cwe": { "id": "CWE-122", "name": "Heap-based Buffer Overflow" }, "discovery_date": "2019-11-23T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1775916" } ], "notes": [ { "category": "description", "text": "A vulnerability was discovered in nss where input text length was not checked when using certain cryptographic primitives. This could lead to a heap-buffer overflow resulting in a crash and data leak. The highest threat is to confidentiality and integrity of data as well as system availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "nss: Check length of inputs for cryptographic primitives", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.src", "AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nspr-debuginfo-0:4.25.0-2.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nspr-debuginfo-0:4.25.0-2.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nspr-debuginfo-0:4.25.0-2.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nspr-debuginfo-0:4.25.0-2.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nspr-debuginfo-0:4.25.0-2.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nspr-debugsource-0:4.25.0-2.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nspr-debugsource-0:4.25.0-2.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nspr-debugsource-0:4.25.0-2.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nspr-debugsource-0:4.25.0-2.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nspr-debugsource-0:4.25.0-2.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nspr-devel-0:4.25.0-2.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nspr-devel-0:4.25.0-2.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nspr-devel-0:4.25.0-2.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nspr-devel-0:4.25.0-2.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nspr-devel-0:4.25.0-2.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.src", "AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-debuginfo-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-debuginfo-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-debuginfo-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-debuginfo-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-debuginfo-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-debugsource-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-debugsource-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-debugsource-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-debugsource-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-debugsource-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-devel-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-devel-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-devel-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-devel-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-devel-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-debuginfo-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-debuginfo-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-debuginfo-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-debuginfo-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-debuginfo-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-devel-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-devel-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-devel-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-devel-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-devel-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-devel-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-devel-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-devel-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-devel-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-devel-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-debuginfo-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-debuginfo-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-debuginfo-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-debuginfo-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-debuginfo-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-tools-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-tools-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-tools-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-tools-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-tools-debuginfo-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-tools-debuginfo-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-tools-debuginfo-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-tools-debuginfo-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-tools-debuginfo-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-debuginfo-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-debuginfo-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-debuginfo-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-debuginfo-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-debuginfo-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-devel-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-devel-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-devel-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-devel-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-devel-0:3.53.1-11.el8_2.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-17006" }, { "category": "external", "summary": "RHBZ#1775916", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1775916" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-17006", "url": "https://www.cve.org/CVERecord?id=CVE-2019-17006" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-17006", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-17006" }, { "category": "external", "summary": "https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.46_release_notes", "url": "https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.46_release_notes" } ], "release_date": "2019-12-26T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-08-03T13:04:49+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing this update, applications using NSS (for example, Firefox) must be restarted for this update to take effect. After installing this update, applications using NSPR (for example, Firefox) must be restarted for this update to take effect.", "product_ids": [ "AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.src", "AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nspr-debuginfo-0:4.25.0-2.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nspr-debuginfo-0:4.25.0-2.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nspr-debuginfo-0:4.25.0-2.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nspr-debuginfo-0:4.25.0-2.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nspr-debuginfo-0:4.25.0-2.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nspr-debugsource-0:4.25.0-2.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nspr-debugsource-0:4.25.0-2.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nspr-debugsource-0:4.25.0-2.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nspr-debugsource-0:4.25.0-2.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nspr-debugsource-0:4.25.0-2.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nspr-devel-0:4.25.0-2.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nspr-devel-0:4.25.0-2.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nspr-devel-0:4.25.0-2.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nspr-devel-0:4.25.0-2.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nspr-devel-0:4.25.0-2.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.src", "AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-debuginfo-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-debuginfo-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-debuginfo-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-debuginfo-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-debuginfo-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-debugsource-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-debugsource-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-debugsource-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-debugsource-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-debugsource-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-devel-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-devel-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-devel-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-devel-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-devel-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-debuginfo-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-debuginfo-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-debuginfo-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-debuginfo-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-debuginfo-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-devel-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-devel-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-devel-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-devel-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-devel-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-devel-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-devel-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-devel-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-devel-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-devel-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-debuginfo-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-debuginfo-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-debuginfo-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-debuginfo-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-debuginfo-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-tools-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-tools-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-tools-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-tools-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-tools-debuginfo-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-tools-debuginfo-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-tools-debuginfo-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-tools-debuginfo-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-tools-debuginfo-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-debuginfo-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-debuginfo-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-debuginfo-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-debuginfo-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-debuginfo-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-devel-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-devel-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-devel-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-devel-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-devel-0:3.53.1-11.el8_2.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:3280" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.src", "AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nspr-debuginfo-0:4.25.0-2.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nspr-debuginfo-0:4.25.0-2.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nspr-debuginfo-0:4.25.0-2.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nspr-debuginfo-0:4.25.0-2.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nspr-debuginfo-0:4.25.0-2.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nspr-debugsource-0:4.25.0-2.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nspr-debugsource-0:4.25.0-2.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nspr-debugsource-0:4.25.0-2.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nspr-debugsource-0:4.25.0-2.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nspr-debugsource-0:4.25.0-2.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nspr-devel-0:4.25.0-2.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nspr-devel-0:4.25.0-2.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nspr-devel-0:4.25.0-2.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nspr-devel-0:4.25.0-2.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nspr-devel-0:4.25.0-2.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.src", "AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-debuginfo-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-debuginfo-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-debuginfo-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-debuginfo-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-debuginfo-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-debugsource-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-debugsource-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-debugsource-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-debugsource-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-debugsource-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-devel-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-devel-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-devel-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-devel-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-devel-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-debuginfo-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-debuginfo-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-debuginfo-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-debuginfo-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-debuginfo-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-devel-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-devel-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-devel-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-devel-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-devel-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-devel-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-devel-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-devel-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-devel-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-devel-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-debuginfo-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-debuginfo-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-debuginfo-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-debuginfo-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-debuginfo-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-tools-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-tools-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-tools-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-tools-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-tools-debuginfo-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-tools-debuginfo-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-tools-debuginfo-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-tools-debuginfo-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-tools-debuginfo-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-debuginfo-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-debuginfo-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-debuginfo-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-debuginfo-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-debuginfo-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-devel-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-devel-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-devel-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-devel-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-devel-0:3.53.1-11.el8_2.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "nss: Check length of inputs for cryptographic primitives" }, { "cve": "CVE-2019-17023", "discovery_date": "2020-01-15T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1791225" } ], "notes": [ { "category": "description", "text": "A protocol downgrade flaw was found in Network Security Services (NSS). After a HelloRetryRequest has been sent, the client may negotiate a lower protocol than TLS 1.3, resulting in an invalid state transition in the TLS State Machine. If the client gets into this state, incoming Application Data records will be ignored.", "title": "Vulnerability description" }, { "category": "summary", "text": "nss: TLS 1.3 HelloRetryRequest downgrade request sets client into invalid state", "title": "Vulnerability summary" }, { "category": "other", "text": "This flaw causes the client to hang when there is a downgrade attempt. Therefore no actual protocol downgrade occurs.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.src", "AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nspr-debuginfo-0:4.25.0-2.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nspr-debuginfo-0:4.25.0-2.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nspr-debuginfo-0:4.25.0-2.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nspr-debuginfo-0:4.25.0-2.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nspr-debuginfo-0:4.25.0-2.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nspr-debugsource-0:4.25.0-2.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nspr-debugsource-0:4.25.0-2.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nspr-debugsource-0:4.25.0-2.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nspr-debugsource-0:4.25.0-2.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nspr-debugsource-0:4.25.0-2.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nspr-devel-0:4.25.0-2.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nspr-devel-0:4.25.0-2.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nspr-devel-0:4.25.0-2.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nspr-devel-0:4.25.0-2.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nspr-devel-0:4.25.0-2.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.src", "AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-debuginfo-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-debuginfo-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-debuginfo-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-debuginfo-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-debuginfo-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-debugsource-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-debugsource-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-debugsource-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-debugsource-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-debugsource-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-devel-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-devel-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-devel-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-devel-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-devel-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-debuginfo-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-debuginfo-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-debuginfo-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-debuginfo-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-debuginfo-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-devel-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-devel-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-devel-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-devel-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-devel-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-devel-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-devel-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-devel-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-devel-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-devel-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-debuginfo-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-debuginfo-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-debuginfo-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-debuginfo-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-debuginfo-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-tools-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-tools-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-tools-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-tools-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-tools-debuginfo-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-tools-debuginfo-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-tools-debuginfo-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-tools-debuginfo-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-tools-debuginfo-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-debuginfo-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-debuginfo-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-debuginfo-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-debuginfo-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-debuginfo-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-devel-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-devel-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-devel-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-devel-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-devel-0:3.53.1-11.el8_2.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-17023" }, { "category": "external", "summary": "RHBZ#1791225", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1791225" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-17023", "url": "https://www.cve.org/CVERecord?id=CVE-2019-17023" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-17023", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-17023" }, { "category": "external", "summary": "https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.49_release_notes", "url": "https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.49_release_notes" } ], "release_date": "2020-01-08T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-08-03T13:04:49+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing this update, applications using NSS (for example, Firefox) must be restarted for this update to take effect. After installing this update, applications using NSPR (for example, Firefox) must be restarted for this update to take effect.", "product_ids": [ "AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.src", "AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nspr-debuginfo-0:4.25.0-2.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nspr-debuginfo-0:4.25.0-2.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nspr-debuginfo-0:4.25.0-2.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nspr-debuginfo-0:4.25.0-2.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nspr-debuginfo-0:4.25.0-2.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nspr-debugsource-0:4.25.0-2.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nspr-debugsource-0:4.25.0-2.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nspr-debugsource-0:4.25.0-2.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nspr-debugsource-0:4.25.0-2.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nspr-debugsource-0:4.25.0-2.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nspr-devel-0:4.25.0-2.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nspr-devel-0:4.25.0-2.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nspr-devel-0:4.25.0-2.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nspr-devel-0:4.25.0-2.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nspr-devel-0:4.25.0-2.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.src", "AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-debuginfo-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-debuginfo-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-debuginfo-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-debuginfo-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-debuginfo-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-debugsource-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-debugsource-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-debugsource-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-debugsource-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-debugsource-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-devel-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-devel-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-devel-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-devel-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-devel-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-debuginfo-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-debuginfo-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-debuginfo-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-debuginfo-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-debuginfo-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-devel-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-devel-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-devel-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-devel-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-devel-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-devel-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-devel-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-devel-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-devel-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-devel-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-debuginfo-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-debuginfo-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-debuginfo-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-debuginfo-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-debuginfo-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-tools-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-tools-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-tools-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-tools-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-tools-debuginfo-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-tools-debuginfo-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-tools-debuginfo-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-tools-debuginfo-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-tools-debuginfo-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-debuginfo-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-debuginfo-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-debuginfo-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-debuginfo-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-debuginfo-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-devel-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-devel-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-devel-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-devel-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-devel-0:3.53.1-11.el8_2.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:3280" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N", "version": "3.1" }, "products": [ "AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.src", "AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nspr-debuginfo-0:4.25.0-2.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nspr-debuginfo-0:4.25.0-2.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nspr-debuginfo-0:4.25.0-2.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nspr-debuginfo-0:4.25.0-2.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nspr-debuginfo-0:4.25.0-2.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nspr-debugsource-0:4.25.0-2.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nspr-debugsource-0:4.25.0-2.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nspr-debugsource-0:4.25.0-2.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nspr-debugsource-0:4.25.0-2.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nspr-debugsource-0:4.25.0-2.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nspr-devel-0:4.25.0-2.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nspr-devel-0:4.25.0-2.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nspr-devel-0:4.25.0-2.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nspr-devel-0:4.25.0-2.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nspr-devel-0:4.25.0-2.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.src", "AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-debuginfo-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-debuginfo-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-debuginfo-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-debuginfo-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-debuginfo-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-debugsource-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-debugsource-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-debugsource-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-debugsource-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-debugsource-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-devel-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-devel-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-devel-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-devel-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-devel-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-debuginfo-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-debuginfo-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-debuginfo-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-debuginfo-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-debuginfo-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-devel-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-devel-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-devel-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-devel-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-devel-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-devel-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-devel-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-devel-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-devel-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-devel-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-debuginfo-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-debuginfo-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-debuginfo-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-debuginfo-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-debuginfo-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-tools-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-tools-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-tools-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-tools-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-tools-debuginfo-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-tools-debuginfo-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-tools-debuginfo-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-tools-debuginfo-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-tools-debuginfo-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-debuginfo-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-debuginfo-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-debuginfo-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-debuginfo-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-debuginfo-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-devel-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-devel-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-devel-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-devel-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-devel-0:3.53.1-11.el8_2.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "nss: TLS 1.3 HelloRetryRequest downgrade request sets client into invalid state" }, { "acknowledgments": [ { "names": [ "Cesar Pereida Garcia", "Network and Information Security Group" ], "organization": "Tampere University", "summary": "Acknowledged by upstream." } ], "cve": "CVE-2020-12399", "cwe": { "id": "CWE-327", "name": "Use of a Broken or Risky Cryptographic Algorithm" }, "discovery_date": "2020-04-20T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1826177" } ], "notes": [ { "category": "description", "text": "A flaw was found in the DSA signature generation function in nss. During the process of generating a DSA signature, the nonce value \u0027k\u0027 is not padded, exposing the bit length. Combined with other techniques, this can result in the recovery of the DSA private key. The highest threat from this vulnerability is to data confidentiality.", "title": "Vulnerability description" }, { "category": "summary", "text": "nss: Timing attack on DSA signature generation", "title": "Vulnerability summary" }, { "category": "other", "text": "A timing attack was found in the way NSS generated DSA signatures. A man-in-the-middle attacker could use this attack during DSA signature generation to recover the private key. This attack is only feasible when the attacker is local to the machine or in certain cross-VM scenarios where the signature is being generated. Attacks over the network or via the internet are not feasible.\n\nFirefox and Thunderbird on Red Hat Enterprise Linux are built against the system nss library.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.src", "AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nspr-debuginfo-0:4.25.0-2.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nspr-debuginfo-0:4.25.0-2.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nspr-debuginfo-0:4.25.0-2.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nspr-debuginfo-0:4.25.0-2.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nspr-debuginfo-0:4.25.0-2.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nspr-debugsource-0:4.25.0-2.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nspr-debugsource-0:4.25.0-2.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nspr-debugsource-0:4.25.0-2.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nspr-debugsource-0:4.25.0-2.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nspr-debugsource-0:4.25.0-2.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nspr-devel-0:4.25.0-2.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nspr-devel-0:4.25.0-2.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nspr-devel-0:4.25.0-2.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nspr-devel-0:4.25.0-2.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nspr-devel-0:4.25.0-2.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.src", "AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-debuginfo-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-debuginfo-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-debuginfo-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-debuginfo-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-debuginfo-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-debugsource-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-debugsource-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-debugsource-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-debugsource-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-debugsource-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-devel-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-devel-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-devel-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-devel-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-devel-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-debuginfo-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-debuginfo-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-debuginfo-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-debuginfo-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-debuginfo-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-devel-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-devel-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-devel-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-devel-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-devel-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-devel-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-devel-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-devel-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-devel-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-devel-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-debuginfo-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-debuginfo-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-debuginfo-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-debuginfo-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-debuginfo-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-tools-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-tools-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-tools-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-tools-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-tools-debuginfo-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-tools-debuginfo-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-tools-debuginfo-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-tools-debuginfo-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-tools-debuginfo-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-debuginfo-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-debuginfo-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-debuginfo-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-debuginfo-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-debuginfo-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-devel-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-devel-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-devel-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-devel-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-devel-0:3.53.1-11.el8_2.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-12399" }, { "category": "external", "summary": "RHBZ#1826177", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1826177" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-12399", "url": "https://www.cve.org/CVERecord?id=CVE-2020-12399" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-12399", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-12399" }, { "category": "external", "summary": "https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.44.4_release_notes", "url": "https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.44.4_release_notes" }, { "category": "external", "summary": "https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.52.1_release_notes", "url": "https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.52.1_release_notes" } ], "release_date": "2020-05-21T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-08-03T13:04:49+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing this update, applications using NSS (for example, Firefox) must be restarted for this update to take effect. After installing this update, applications using NSPR (for example, Firefox) must be restarted for this update to take effect.", "product_ids": [ "AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.src", "AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nspr-debuginfo-0:4.25.0-2.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nspr-debuginfo-0:4.25.0-2.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nspr-debuginfo-0:4.25.0-2.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nspr-debuginfo-0:4.25.0-2.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nspr-debuginfo-0:4.25.0-2.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nspr-debugsource-0:4.25.0-2.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nspr-debugsource-0:4.25.0-2.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nspr-debugsource-0:4.25.0-2.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nspr-debugsource-0:4.25.0-2.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nspr-debugsource-0:4.25.0-2.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nspr-devel-0:4.25.0-2.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nspr-devel-0:4.25.0-2.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nspr-devel-0:4.25.0-2.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nspr-devel-0:4.25.0-2.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nspr-devel-0:4.25.0-2.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.src", "AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-debuginfo-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-debuginfo-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-debuginfo-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-debuginfo-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-debuginfo-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-debugsource-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-debugsource-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-debugsource-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-debugsource-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-debugsource-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-devel-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-devel-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-devel-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-devel-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-devel-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-debuginfo-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-debuginfo-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-debuginfo-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-debuginfo-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-debuginfo-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-devel-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-devel-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-devel-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-devel-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-devel-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-devel-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-devel-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-devel-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-devel-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-devel-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-debuginfo-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-debuginfo-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-debuginfo-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-debuginfo-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-debuginfo-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-tools-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-tools-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-tools-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-tools-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-tools-debuginfo-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-tools-debuginfo-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-tools-debuginfo-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-tools-debuginfo-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-tools-debuginfo-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-debuginfo-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-debuginfo-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-debuginfo-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-debuginfo-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-debuginfo-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-devel-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-devel-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-devel-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-devel-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-devel-0:3.53.1-11.el8_2.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:3280" }, { "category": "workaround", "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", "product_ids": [ "AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.src", "AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nspr-debuginfo-0:4.25.0-2.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nspr-debuginfo-0:4.25.0-2.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nspr-debuginfo-0:4.25.0-2.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nspr-debuginfo-0:4.25.0-2.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nspr-debuginfo-0:4.25.0-2.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nspr-debugsource-0:4.25.0-2.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nspr-debugsource-0:4.25.0-2.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nspr-debugsource-0:4.25.0-2.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nspr-debugsource-0:4.25.0-2.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nspr-debugsource-0:4.25.0-2.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nspr-devel-0:4.25.0-2.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nspr-devel-0:4.25.0-2.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nspr-devel-0:4.25.0-2.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nspr-devel-0:4.25.0-2.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nspr-devel-0:4.25.0-2.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.src", "AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-debuginfo-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-debuginfo-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-debuginfo-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-debuginfo-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-debuginfo-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-debugsource-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-debugsource-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-debugsource-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-debugsource-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-debugsource-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-devel-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-devel-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-devel-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-devel-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-devel-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-debuginfo-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-debuginfo-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-debuginfo-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-debuginfo-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-debuginfo-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-devel-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-devel-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-devel-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-devel-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-devel-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-devel-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-devel-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-devel-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-devel-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-devel-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-debuginfo-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-debuginfo-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-debuginfo-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-debuginfo-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-debuginfo-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-tools-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-tools-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-tools-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-tools-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-tools-debuginfo-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-tools-debuginfo-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-tools-debuginfo-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-tools-debuginfo-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-tools-debuginfo-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-debuginfo-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-debuginfo-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-debuginfo-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-debuginfo-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-debuginfo-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-devel-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-devel-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-devel-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-devel-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-devel-0:3.53.1-11.el8_2.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 4.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:N/A:N", "version": "3.1" }, "products": [ "AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.src", "AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nspr-debuginfo-0:4.25.0-2.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nspr-debuginfo-0:4.25.0-2.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nspr-debuginfo-0:4.25.0-2.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nspr-debuginfo-0:4.25.0-2.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nspr-debuginfo-0:4.25.0-2.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nspr-debugsource-0:4.25.0-2.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nspr-debugsource-0:4.25.0-2.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nspr-debugsource-0:4.25.0-2.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nspr-debugsource-0:4.25.0-2.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nspr-debugsource-0:4.25.0-2.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nspr-devel-0:4.25.0-2.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nspr-devel-0:4.25.0-2.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nspr-devel-0:4.25.0-2.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nspr-devel-0:4.25.0-2.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nspr-devel-0:4.25.0-2.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.src", "AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-debuginfo-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-debuginfo-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-debuginfo-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-debuginfo-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-debuginfo-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-debugsource-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-debugsource-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-debugsource-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-debugsource-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-debugsource-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-devel-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-devel-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-devel-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-devel-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-devel-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-debuginfo-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-debuginfo-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-debuginfo-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-debuginfo-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-debuginfo-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-devel-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-devel-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-devel-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-devel-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-devel-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-devel-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-devel-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-devel-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-devel-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-devel-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-debuginfo-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-debuginfo-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-debuginfo-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-debuginfo-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-debuginfo-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-tools-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-tools-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-tools-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-tools-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-tools-debuginfo-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-tools-debuginfo-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-tools-debuginfo-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-tools-debuginfo-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-tools-debuginfo-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-debuginfo-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-debuginfo-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-debuginfo-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-debuginfo-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-debuginfo-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-devel-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-devel-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-devel-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-devel-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-devel-0:3.53.1-11.el8_2.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "nss: Timing attack on DSA signature generation" }, { "acknowledgments": [ { "names": [ "the Mozilla Project" ] }, { "names": [ "Billy Bob Brumley", "Cesar Pereida", "Nicola Tuveri", "Yuval Yarom" ], "organization": "Network and Information Security Group (NISEC", "summary": "Acknowledged by upstream." } ], "cve": "CVE-2020-12402", "cwe": { "id": "CWE-327", "name": "Use of a Broken or Risky Cryptographic Algorithm" }, "discovery_date": "2020-04-20T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1826231" } ], "notes": [ { "category": "description", "text": "A flaw was found in NSS, where it is vulnerable to RSA key generation cache timing side-channel attacks. An attacker with sufficient access to mount cache timing attacks during the RSA key generation process could recover the private key. The highest threat to this flaw is to confidentiality.", "title": "Vulnerability description" }, { "category": "summary", "text": "nss: Side channel vulnerabilities during RSA key generation", "title": "Vulnerability summary" }, { "category": "other", "text": "A timing attack was found in the way NSS generated RSA keys. A man-in-the-middle attacker could use this attack during RSA key generation to recover the private key. This attack is only feasible when the attacker is local to the machine or in certain cross-VM scenarios where the signature is being generated. Attacks over the network or via the internet are not feasible.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.src", "AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nspr-debuginfo-0:4.25.0-2.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nspr-debuginfo-0:4.25.0-2.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nspr-debuginfo-0:4.25.0-2.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nspr-debuginfo-0:4.25.0-2.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nspr-debuginfo-0:4.25.0-2.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nspr-debugsource-0:4.25.0-2.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nspr-debugsource-0:4.25.0-2.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nspr-debugsource-0:4.25.0-2.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nspr-debugsource-0:4.25.0-2.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nspr-debugsource-0:4.25.0-2.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nspr-devel-0:4.25.0-2.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nspr-devel-0:4.25.0-2.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nspr-devel-0:4.25.0-2.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nspr-devel-0:4.25.0-2.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nspr-devel-0:4.25.0-2.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.src", "AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-debuginfo-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-debuginfo-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-debuginfo-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-debuginfo-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-debuginfo-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-debugsource-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-debugsource-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-debugsource-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-debugsource-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-debugsource-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-devel-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-devel-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-devel-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-devel-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-devel-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-debuginfo-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-debuginfo-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-debuginfo-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-debuginfo-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-debuginfo-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-devel-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-devel-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-devel-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-devel-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-devel-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-devel-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-devel-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-devel-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-devel-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-devel-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-debuginfo-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-debuginfo-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-debuginfo-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-debuginfo-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-debuginfo-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-tools-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-tools-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-tools-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-tools-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-tools-debuginfo-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-tools-debuginfo-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-tools-debuginfo-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-tools-debuginfo-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-tools-debuginfo-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-debuginfo-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-debuginfo-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-debuginfo-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-debuginfo-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-debuginfo-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-devel-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-devel-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-devel-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-devel-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-devel-0:3.53.1-11.el8_2.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-12402" }, { "category": "external", "summary": "RHBZ#1826231", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1826231" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-12402", "url": "https://www.cve.org/CVERecord?id=CVE-2020-12402" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-12402", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-12402" }, { "category": "external", "summary": "https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.53.1_release_notes", "url": "https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.53.1_release_notes" } ], "release_date": "2020-06-02T12:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-08-03T13:04:49+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing this update, applications using NSS (for example, Firefox) must be restarted for this update to take effect. After installing this update, applications using NSPR (for example, Firefox) must be restarted for this update to take effect.", "product_ids": [ "AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.src", "AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nspr-debuginfo-0:4.25.0-2.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nspr-debuginfo-0:4.25.0-2.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nspr-debuginfo-0:4.25.0-2.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nspr-debuginfo-0:4.25.0-2.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nspr-debuginfo-0:4.25.0-2.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nspr-debugsource-0:4.25.0-2.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nspr-debugsource-0:4.25.0-2.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nspr-debugsource-0:4.25.0-2.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nspr-debugsource-0:4.25.0-2.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nspr-debugsource-0:4.25.0-2.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nspr-devel-0:4.25.0-2.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nspr-devel-0:4.25.0-2.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nspr-devel-0:4.25.0-2.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nspr-devel-0:4.25.0-2.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nspr-devel-0:4.25.0-2.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.src", "AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-debuginfo-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-debuginfo-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-debuginfo-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-debuginfo-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-debuginfo-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-debugsource-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-debugsource-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-debugsource-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-debugsource-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-debugsource-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-devel-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-devel-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-devel-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-devel-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-devel-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-debuginfo-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-debuginfo-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-debuginfo-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-debuginfo-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-debuginfo-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-devel-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-devel-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-devel-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-devel-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-devel-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-devel-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-devel-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-devel-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-devel-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-devel-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-debuginfo-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-debuginfo-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-debuginfo-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-debuginfo-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-debuginfo-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-tools-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-tools-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-tools-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-tools-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-tools-debuginfo-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-tools-debuginfo-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-tools-debuginfo-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-tools-debuginfo-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-tools-debuginfo-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-debuginfo-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-debuginfo-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-debuginfo-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-debuginfo-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-debuginfo-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-devel-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-devel-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-devel-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-devel-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-devel-0:3.53.1-11.el8_2.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:3280" }, { "category": "workaround", "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", "product_ids": [ "AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.src", "AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nspr-debuginfo-0:4.25.0-2.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nspr-debuginfo-0:4.25.0-2.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nspr-debuginfo-0:4.25.0-2.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nspr-debuginfo-0:4.25.0-2.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nspr-debuginfo-0:4.25.0-2.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nspr-debugsource-0:4.25.0-2.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nspr-debugsource-0:4.25.0-2.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nspr-debugsource-0:4.25.0-2.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nspr-debugsource-0:4.25.0-2.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nspr-debugsource-0:4.25.0-2.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nspr-devel-0:4.25.0-2.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nspr-devel-0:4.25.0-2.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nspr-devel-0:4.25.0-2.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nspr-devel-0:4.25.0-2.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nspr-devel-0:4.25.0-2.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.src", "AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-debuginfo-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-debuginfo-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-debuginfo-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-debuginfo-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-debuginfo-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-debugsource-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-debugsource-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-debugsource-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-debugsource-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-debugsource-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-devel-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-devel-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-devel-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-devel-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-devel-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-debuginfo-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-debuginfo-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-debuginfo-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-debuginfo-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-debuginfo-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-devel-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-devel-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-devel-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-devel-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-devel-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-devel-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-devel-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-devel-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-devel-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-devel-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-debuginfo-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-debuginfo-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-debuginfo-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-debuginfo-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-debuginfo-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-tools-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-tools-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-tools-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-tools-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-tools-debuginfo-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-tools-debuginfo-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-tools-debuginfo-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-tools-debuginfo-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-tools-debuginfo-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-debuginfo-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-debuginfo-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-debuginfo-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-debuginfo-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-debuginfo-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-devel-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-devel-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-devel-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-devel-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-devel-0:3.53.1-11.el8_2.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 4.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:N/A:N", "version": "3.1" }, "products": [ "AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.src", "AppStream-8.2.0.Z.MAIN.EUS:nspr-0:4.25.0-2.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nspr-debuginfo-0:4.25.0-2.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nspr-debuginfo-0:4.25.0-2.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nspr-debuginfo-0:4.25.0-2.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nspr-debuginfo-0:4.25.0-2.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nspr-debuginfo-0:4.25.0-2.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nspr-debugsource-0:4.25.0-2.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nspr-debugsource-0:4.25.0-2.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nspr-debugsource-0:4.25.0-2.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nspr-debugsource-0:4.25.0-2.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nspr-debugsource-0:4.25.0-2.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nspr-devel-0:4.25.0-2.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nspr-devel-0:4.25.0-2.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nspr-devel-0:4.25.0-2.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nspr-devel-0:4.25.0-2.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nspr-devel-0:4.25.0-2.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.src", "AppStream-8.2.0.Z.MAIN.EUS:nss-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-debuginfo-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-debuginfo-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-debuginfo-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-debuginfo-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-debuginfo-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-debugsource-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-debugsource-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-debugsource-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-debugsource-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-debugsource-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-devel-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-devel-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-devel-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-devel-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-devel-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-debuginfo-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-debuginfo-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-debuginfo-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-debuginfo-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-debuginfo-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-devel-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-devel-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-devel-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-devel-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-devel-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-debuginfo-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-devel-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-devel-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-devel-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-devel-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-softokn-freebl-devel-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-debuginfo-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-debuginfo-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-debuginfo-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-debuginfo-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-sysinit-debuginfo-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-tools-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-tools-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-tools-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-tools-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-tools-debuginfo-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-tools-debuginfo-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-tools-debuginfo-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-tools-debuginfo-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-tools-debuginfo-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-debuginfo-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-debuginfo-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-debuginfo-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-debuginfo-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-debuginfo-0:3.53.1-11.el8_2.x86_64", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-devel-0:3.53.1-11.el8_2.aarch64", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-devel-0:3.53.1-11.el8_2.i686", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-devel-0:3.53.1-11.el8_2.ppc64le", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-devel-0:3.53.1-11.el8_2.s390x", "AppStream-8.2.0.Z.MAIN.EUS:nss-util-devel-0:3.53.1-11.el8_2.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "nss: Side channel vulnerabilities during RSA key generation" } ] }
Loading…
Loading…
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.