CVSS: 7.5EPSS: 0%CPEs: 9EXPL: 0CVE-2020-25648 – nss: TLS 1.3 CCS flood remote DoS Attack
https://notcve.org/view.php?id=CVE-2020-25648
A flaw was found in the way NSS handled CCS (ChangeCipherSpec) messages in TLS 1.3. This flaw allows a remote attacker to send multiple CCS messages, causing a denial of service for servers compiled with the NSS library. The highest threat from this vulnerability is to system availability. This flaw affects NSS versions before 3.58. Se encontró un fallo en la manera en que NSS manejaba los mensajes CCS (ChangeCipherSpec) en TLS versión 1.3. • https://bugzilla.redhat.com/show_bug.cgi?id=1887319 https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.58_release_notes https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E https://lists.debian.org/debian-lts-announce/2023/10/msg00039.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ERA5SVJQXQMDGES7RIT4F4NQVLD35RXN https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproje • CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 10.0EPSS: 0%CPEs: 21EXPL: 1CVE-2019-17006 – nss: Check length of inputs for cryptographic primitives
https://notcve.org/view.php?id=CVE-2019-17006
In Network Security Services (NSS) before 3.46, several cryptographic primitives had missing length checks. In cases where the application calling the library did not perform a sanity check on the inputs it could result in a crash due to a buffer overflow. En Network Security Services (NSS) versiones anteriores a 3.46, varias primitivas criptográficas presentaban una falta de comprobación de longitud. En los casos en que la aplicación que llama a la biblioteca no llevó a cabo una comprobación de saneo en las entradas, lo que podría resultar en un bloqueo debido a un desbordamiento del búfer A vulnerability was discovered in nss where input text length was not checked when using certain cryptographic primitives. This could lead to a heap-buffer overflow resulting in a crash and data leak. • https://bugzilla.mozilla.org/show_bug.cgi?id=1539788 https://cert-portal.siemens.com/productcert/pdf/ssa-379803.pdf https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.46_release_notes https://security.netapp.com/advisory/ntap-20210129-0001 https://us-cert.cisa.gov/ics/advisories/icsa-21-040-04 https://access.redhat.com/security/cve/CVE-2019-17006 https://bugzilla.redhat.com/show_bug.cgi?id=1775916 • CWE-20: Improper Input Validation CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-122: Heap-based Buffer Overflow •
CVSS: 7.5EPSS: 0%CPEs: 17EXPL: 1CVE-2019-17007 – nss: Handling of Netscape Certificate Sequences in CERT_DecodeCertPackage() may crash with a NULL deref leading to DoS
https://notcve.org/view.php?id=CVE-2019-17007
In Network Security Services before 3.44, a malformed Netscape Certificate Sequence can cause NSS to crash, resulting in a denial of service. En Network Security Services versiones anteriores a 3.44, una Secuencia de Certificados Netscape malformado puede causar que NSS se bloquee, resultando en una denegación de servicio • https://bugzilla.mozilla.org/show_bug.cgi?id=1533216 https://cert-portal.siemens.com/productcert/pdf/ssa-379803.pdf https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.44_release_notes https://us-cert.cisa.gov/ics/advisories/icsa-21-040-04 https://access.redhat.com/security/cve/CVE-2019-17007 https://bugzilla.redhat.com/show_bug.cgi?id=1703979 • CWE-295: Improper Certificate Validation CWE-476: NULL Pointer Dereference •
CVSS: 6.5EPSS: 0%CPEs: 18EXPL: 0CVE-2018-18508 – nss: NULL pointer dereference in several CMS functions resulting in a denial of service
https://notcve.org/view.php?id=CVE-2018-18508
In Network Security Services (NSS) before 3.36.7 and before 3.41.1, a malformed signature can cause a crash due to a null dereference, resulting in a Denial of Service. En Network Security Services (NSS) versiones anteriores a 3.36.7 y versiones anteriores a 3.41.1, una firma malformada puede causar un bloqueo debido a una desreferencia de null, resultando en una Denegación de Servicio • https://cert-portal.siemens.com/productcert/pdf/ssa-379803.pdf https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.36.7_release_notes https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.41.1_release_notes https://us-cert.cisa.gov/ics/advisories/icsa-21-040-04 https://access.redhat.com/security/cve/CVE-2018-18508 https://bugzilla.redhat.com/show_bug.cgi?id=1671310 • CWE-476: NULL Pointer Dereference •
CVSS: 5.9EPSS: 10%CPEs: 1EXPL: 0CVE-2018-12404 – nss: Cache side-channel variant of the Bleichenbacher attack
https://notcve.org/view.php?id=CVE-2018-12404
A cached side channel attack during handshakes using RSA encryption could allow for the decryption of encrypted content. This is a variant of the Adaptive Chosen Ciphertext attack (AKA Bleichenbacher attack) and affects all NSS versions prior to NSS 3.41. Un ataque de canal lateral en caché durante transacciones usando RSA podría permitir el descifrado de contenido encriptado. Esta es una variante del ataque Adaptive Chosen Ciphertext (conocido como ataque Bleichenbacher) y afecta a todas las versiones de NSS anteriores a NSS 3.41. • http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00021.html http://www.securityfocus.com/bid/107260 https://access.redhat.com/errata/RHSA-2019:2237 https://bugzilla.mozilla.org/show_bug.cgi?id=CVE-2018-12404 https://cert-portal.siemens.com/productcert/pdf/ssa-379803.pdf https://lists.debian.org/debian-lts-announce/2020/09/msg00029.html https://us-cert.cisa.gov/ics/advisories/icsa-21-040-04 https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html ht • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •