Download
| Alert*
oval:org.secpod.oval:def:63542
The host is missing a high severity security update according to Mozilla advisory, MFSA2020-21. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle multiple vectors. Successful exploitation can cause multiple impacts. oval:org.secpod.oval:def:63630 The host is missing a high severity security update according to Mozilla advisory, MFSA2020-22. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle multiple vectors. Successful exploitation can cause multiple impacts. oval:org.secpod.oval:def:64127 firefox: Mozilla Open Source web browser Firefox could be made to crash or run programs as your login if it opened a malicious website. oval:org.secpod.oval:def:64150 Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code or a timing attack on cryptographic keys. oval:org.secpod.oval:def:64155 Multiple security issues have been found in Thunderbird which could result in the setup of a non-encrypted IMAP connection, denial of service or potentially the execution of arbitrary code. oval:org.secpod.oval:def:66724 Several vulnerabilities were discovered in libnss3-dev, a set of cryptographic libraries, which may result in side channel/timing attacks or denial of service. oval:org.secpod.oval:def:64133 nss: Network Security Service library Several security issues were fixed in NSS. oval:org.secpod.oval:def:67036 thunderbird: Mozilla Open Source mail and newsgroup client Several security issues were fixed in Thunderbird. oval:org.secpod.oval:def:503837 Network Security Services is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Netscape Portable Runtime provides platform independence for non-GUI operating system facilities. The following packages have been upgraded to a la ... oval:org.secpod.oval:def:63544 The host is missing a high severity security update according to Mozilla advisory, MFSA2020-20. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle multiple vectors. Successful exploitation can cause multiple impacts. oval:org.secpod.oval:def:63545 The host is missing a high severity security update according to Mozilla advisory, MFSA2020-21. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle multiple vectors. Successful exploitation can cause multiple impacts. oval:org.secpod.oval:def:63546 Mozilla Firefox 77, Mozilla Firefox ESR 68.9 and Mozilla Thunderbird 68.9 : NSS has shown timing differences when performing DSA signatures, which was exploitable and could eventually leak private keys. oval:org.secpod.oval:def:63627 The host is missing a high severity security update according to Mozilla advisory, MFSA2020-22. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle multiple vectors. Successful exploitation can cause multiple impacts. oval:org.secpod.oval:def:89000440 This update for mozilla-nspr, mozilla-nss fixes the following issues: mozilla-nss was updated to version 3.53.1 - CVE-2020-12402: Fixed a potential side channel attack during RSA key generation . - CVE-2020-12399: Fixed a timing attack on DSA signature generation . - CVE-2019-17006: Added length che ... oval:org.secpod.oval:def:89000087 This update for mozilla-nspr, mozilla-nss fixes the following issues: mozilla-nss was updated to version 3.53 - CVE-2020-12399: Fixed a timing attack on DSA signature generation . - CVE-2019-17006: Added length checks for cryptographic primitives . Release notes: https://developer.mozilla.org/en-US/ ... oval:org.secpod.oval:def:604873 Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code or a timing attack on cryptographic keys. oval:org.secpod.oval:def:705515 nss: Network Security Service library Several security issues were fixed in NSS. oval:org.secpod.oval:def:705540 thunderbird: Mozilla Open Source mail and newsgroup client Several security issues were fixed in Thunderbird. oval:org.secpod.oval:def:604885 Multiple security issues have been found in Thunderbird which could result in the setup of a non-encrypted IMAP connection, denial of service or potentially the execution of arbitrary code. oval:org.secpod.oval:def:604928 Several vulnerabilities were discovered in NSS, a set of cryptographic libraries, which may result in side channel/timing attacks or denial of service. oval:org.secpod.oval:def:705502 firefox: Mozilla Open Source web browser Firefox could be made to crash or run programs as your login if it opened a malicious website. oval:org.secpod.oval:def:2106019 Oracle Solaris 11 - ( CVE-2020-12399 ) oval:org.secpod.oval:def:63543 The host is missing a high severity security update according to Mozilla advisory, MFSA2020-20. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle multiple vectors. Successful exploitation can cause multiple impacts. oval:org.secpod.oval:def:63534 Mozilla Firefox 77, Mozilla Firefox ESR 68.9 and Mozilla Thunderbird 68.9.0 : NSS has shown timing differences when performing DSA signatures, which was exploitable and could eventually leak private keys. oval:org.secpod.oval:def:89003011 This update for mozilla-nspr, mozilla-nss fixes the following issues: mozilla-nss was updated to version 3.53.1 - CVE-2019-11745: Out-of-bounds write when passing an output buffer smaller than the block size to NSC_EncryptUpdate - CVE-2020-12402: Fixed a potential side channel attack during RSA key ... |