Download
| Alert*
oval:org.secpod.oval:def:67070
nss: Network Security Service library Several security issues were fixed in NSS. oval:org.secpod.oval:def:67084 firefox: Mozilla Open Source web browser Firefox could be made to crash or run programs as your login if it opened a malicious website. oval:org.secpod.oval:def:505901 Network Security Services is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Security Fix: * nss: Side channel attack on ECDSA signature generation * nss: P-384 and P-521 implementation uses a side-channel vulnerable modular ... oval:org.secpod.oval:def:65256 The host is missing a high severity security update according to Mozilla advisory, MFSA2020-36. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle multiple vectors. Successful exploitation can cause multiple impacts. oval:org.secpod.oval:def:65268 Mozilla Firefox 80 : When performing EC scalar point multiplication, the wNAF point multiplication algorithm was used; which leaked partial information about the nonce used during signature generation. Given an electro-magnetic trace of a few signature generations, the private key could have been co ... oval:org.secpod.oval:def:705577 nss: Network Security Service library Several security issues were fixed in NSS. oval:org.secpod.oval:def:705594 firefox: Mozilla Open Source web browser Firefox could be made to crash or run programs as your login if it opened a malicious website. oval:org.secpod.oval:def:4501379 Network Security Services is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Security Fix: * nss: Side channel attack on ECDSA signature generation * nss: P-384 and P-521 implementation uses a side-channel vulnerable modular ... oval:org.secpod.oval:def:1504641 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:2500498 Network Security Services is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. oval:org.secpod.oval:def:69589 Network Security Services is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Security Fix: * nss: Side channel attack on ECDSA signature generation * nss: P-384 and P-521 implementation uses a side-channel vulnerable modular ... oval:org.secpod.oval:def:65242 The host is missing a high severity security update according to Mozilla advisory, MFSA2020-36. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle multiple vectors. Successful exploitation can cause multiple impacts. oval:org.secpod.oval:def:65255 Mozilla Firefox 80 : When performing EC scalar point multiplication, the wNAF point multiplication algorithm was used; which leaked partial information about the nonce used during signature generation. Given an electro-magnetic trace of a few signature generations, the private key could have been co ... oval:org.secpod.oval:def:1601451 When importing a curve25519 private key in PKCS#8format with leading 0x00 bytes, it is possible to trigger an out-of-bounds read in the Network Security Services library. This could lead to information disclosure. This vulnerability affects Firefox ESR A vulnerability exists where it possible to fo ... oval:org.secpod.oval:def:205683 Network Security Services is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Netscape Portable Runtime provides platform independence for non-GUI operating system facilities. The following packages have been upgraded to a la ... oval:org.secpod.oval:def:504315 Network Security Services is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Netscape Portable Runtime provides platform independence for non-GUI operating system facilities. The following packages have been upgraded to a la ... oval:org.secpod.oval:def:205674 Network Security Services is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Netscape Portable Runtime provides platform independence for non-GUI operating system facilities. The following packages have been upgraded to a la ... oval:org.secpod.oval:def:205675 Network Security Services is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Netscape Portable Runtime provides platform independence for non-GUI operating system facilities. The following packages have been upgraded to a la ... oval:org.secpod.oval:def:1503056 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1700469 When importing a curve25519 private key in PKCS#8format with leading 0x00 bytes, it is possible to trigger an out-of-bounds read in the Network Security Services library. This could lead to information disclosure. This vulnerability affects Firefox ESR CVE-2019-11719 (NSS oval:org.secpod.oval:def:205676 Network Security Services is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Netscape Portable Runtime provides platform independence for non-GUI operating system facilities. The following packages have been upgraded to a la ... oval:org.secpod.oval:def:205857 Network Security Services is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Netscape Portable Runtime provides platform independence for non-GUI operating system facilities. The following packages have been upgraded to a la ... |