Download
| Alert*
oval:org.secpod.oval:def:89993
The remote host is missing a patch 119213-41 containing a security fix. For more information please visit the reference link. oval:org.secpod.oval:def:89992 The remote host is missing a patch 119214-41 containing a security fix. For more information please visit the reference link. oval:org.secpod.oval:def:605700 Tavis Ormandy discovered that nss, the Mozilla Network Security Service library, is prone to a heap overflow flaw when verifying DSA or RSA-PPS signatures, which could result in denial of service or potentially the execution of arbitrary code. oval:org.secpod.oval:def:89046806 This update for mozilla-nspr, mozilla-nss fixes the following issues: mozilla-nss was updated to fix various issues: FIPS 140-3 enablement patches were backported from SUSE Linux Enterprise 15. - FIPS: add on-demand integrity tests through sftk_FIPSRepeatIntegrityCheck . - FIPS: mark algorithms as a ... oval:org.secpod.oval:def:76577 Tavis Ormandy discovered that nss, the Mozilla Network Security Service library, is prone to a heap overflow flaw when verifying DSA or RSA-PPS signatures, which could result in denial of service or potentially the execution of arbitrary code. oval:org.secpod.oval:def:2107136 Oracle Solaris 11 - ( CVE-2021-43527 ) oval:org.secpod.oval:def:1505452 [3.44.0-7.0.2] - Fix CVE-2021-43527 [Orabug: 33627334] oval:org.secpod.oval:def:506614 Network Security Services is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Security Fix: * nss: Memory corruption in decodeECorDsaSignature with DSA signatures For more details about the security issue, including the impa ... oval:org.secpod.oval:def:75770 The host is missing a high severity security update according to the Mozilla advisory MFSA2021-50 and is prone to multiple vulnerabilities. The flas are present in the application, which fails to properly handle unspecified vectors. Successful exploitation allows an attacker to have unspecified impa ... oval:org.secpod.oval:def:89045801 This update for mozilla-nss fixes the following issues: Update to version 3.68.1: - CVE-2021-43527: Fixed a Heap overflow in NSS when verifying DER-encoded DSA or RSA-PSS signatures . oval:org.secpod.oval:def:205922 Network Security Services is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Security Fix: * nss: Memory corruption in decodeECorDsaSignature with DSA signatures For more details about the security issue, including the impa ... oval:org.secpod.oval:def:506615 Network Security Services is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Security Fix: * nss: Memory corruption in decodeECorDsaSignature with DSA signatures For more details about the security issue, including the impa ... oval:org.secpod.oval:def:1505338 [3.67.0-4] - fix CVE-2021-43527 oval:org.secpod.oval:def:1505337 [3.67.0-7] - Fix CVE 2021 43527 oval:org.secpod.oval:def:1701184 NSS up to and including 3.73 is vulnerable to a heap overflow when handling DER-encoded DSA or RSA-PSS signatures. Applications using NSS for handling signatures encoded within CMS, S/MIME, PKCS #7, or PKCS #12 are likely to be impacted. Applications using NSS for certificate validation or other TL ... oval:org.secpod.oval:def:121261 Network Security Services is a set of libraries designed to support cross-platform development of security-enabled client and server applications. Applications built with NSS can support SSL v2 and v3, TLS, PKCS #5, PKCS #7, PKCS #11, PKCS #12, S/MIME, X.509 v3 certificates, and other security stan ... oval:org.secpod.oval:def:1701168 NSS up to and including 3.73 is vulnerable to a heap overflow when handling DER-encoded DSA or RSA-PSS signatures. Applications using NSS for handling signatures encoded within CMS, S/MIME, PKCS #7, or PKCS #12 are likely to be impacted. Applications using NSS for certificate validation or other TL ... oval:org.secpod.oval:def:89047163 This update for mozilla-nss fixes the following issues: Update to version 3.68.1: - CVE-2021-43527: Fixed a Heap overflow in NSS when verifying DER-encoded DSA or RSA-PSS signatures . oval:org.secpod.oval:def:706232 thunderbird: Mozilla Open Source mail and newsgroup client Thunderbird could be made to crash or run programs if it verified a specially crafted signature. oval:org.secpod.oval:def:4500080 Network Security Services is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page ... oval:org.secpod.oval:def:3300359 SUSE Security Update: Security update for mozilla-nss oval:org.secpod.oval:def:706233 nss: Network Security Service library NSS could be made to crash or run programs if it verified a specially crafted signature. oval:org.secpod.oval:def:3300437 SUSE Security Update: Security update for mozilla-nss oval:org.secpod.oval:def:76605 thunderbird: Mozilla Open Source mail and newsgroup client Thunderbird could be made to crash or run programs if it verified a specially crafted signature. oval:org.secpod.oval:def:19500079 NSS up to and including 3.73 is vulnerable to a heap overflow when handling DER-encoded DSA or RSA-PSS signatures. Applications using NSS for handling signatures encoded within CMS, S/MIME, PKCS #7, or PKCS #12 are likely to be impacted. Applications using NSS for certificate validation or other TL ... oval:org.secpod.oval:def:76604 nss: Network Security Service library NSS could be made to crash or run programs if it verified a specially crafted signature. oval:org.secpod.oval:def:98114 Thunderbird versions prior to 91.3.0 are vulnerable to the heap overflow described in CVE-2021-43527 when processing S/MIME messages. Thunderbird versions 91.3.0 and later will not call the vulnerable code when processing S/MIME messages that contain certificates with DER-encoded DSA or RSA-PSS sign ... oval:org.secpod.oval:def:1601500 NSS up to and including 3.73 is vulnerable to a heap overflow when handling DER-encoded DSA or RSA-PSS signatures. Applications using NSS for handling signatures encoded within CMS, S/MIME, PKCS \#7, or PKCS \#12 are likely to be impacted. Applications using NSS for certificate validation or other ... oval:org.secpod.oval:def:97589 [CLSA-2021:1640002354] Fixed CVE-2021-43527 in nss oval:org.secpod.oval:def:1700740 NSS up to and including 3.73 is vulnerable to a heap overflow when handling DER-encoded DSA or RSA-PSS signatures. Applications using NSS for handling signatures encoded within CMS, S/MIME, PKCS \#7, or PKCS \#12 are likely to be impacted. Applications using NSS for certificate validation or other ... oval:org.secpod.oval:def:89045812 This update for mozilla-nss fixes the following issues: Update to version 3.68.1: - CVE-2021-43527: Fixed a Heap overflow in NSS when verifying DER-encoded DSA or RSA-PSS signatures . oval:org.secpod.oval:def:2500325 Network Security Services is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. oval:org.secpod.oval:def:1701172 NSS up to and including 3.73 is vulnerable to a heap overflow when handling DER-encoded DSA or RSA-PSS signatures. Applications using NSS for handling signatures encoded within CMS, S/MIME, PKCS #7, or PKCS #12 are likely to be impacted. Applications using NSS for certificate validation or other TL ... oval:org.secpod.oval:def:89045870 This update for mozilla-nss fixes the following issues: Update to version 3.68.1: - CVE-2021-43527: Fixed a Heap overflow in NSS when verifying DER-encoded DSA or RSA-PSS signatures . oval:org.secpod.oval:def:121255 Network Security Services is a set of libraries designed to support cross-platform development of security-enabled client and server applications. Applications built with NSS can support SSL v2 and v3, TLS, PKCS #5, PKCS #7, PKCS #11, PKCS #12, S/MIME, X.509 v3 certificates, and other security stan ... oval:org.secpod.oval:def:1701177 NSS up to and including 3.73 is vulnerable to a heap overflow when handling DER-encoded DSA or RSA-PSS signatures. Applications using NSS for handling signatures encoded within CMS, S/MIME, PKCS #7, or PKCS #12 are likely to be impacted. Applications using NSS for certificate validation or other TL ... |