Download
| Alert*
oval:org.secpod.oval:def:67070
nss: Network Security Service library Several security issues were fixed in NSS. oval:org.secpod.oval:def:67084 firefox: Mozilla Open Source web browser Firefox could be made to crash or run programs as your login if it opened a malicious website. oval:org.secpod.oval:def:505901 Network Security Services is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Security Fix: * nss: Side channel attack on ECDSA signature generation * nss: P-384 and P-521 implementation uses a side-channel vulnerable modular ... oval:org.secpod.oval:def:65256 The host is missing a high severity security update according to Mozilla advisory, MFSA2020-36. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle multiple vectors. Successful exploitation can cause multiple impacts. oval:org.secpod.oval:def:65259 Mozilla Firefox 80 : When converting coordinates from projective to affine, the modular inversion was not performed in constant time, resulting in a possible timing-based side channel attack. oval:org.secpod.oval:def:705577 nss: Network Security Service library Several security issues were fixed in NSS. oval:org.secpod.oval:def:705594 firefox: Mozilla Open Source web browser Firefox could be made to crash or run programs as your login if it opened a malicious website. oval:org.secpod.oval:def:4501379 Network Security Services is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Security Fix: * nss: Side channel attack on ECDSA signature generation * nss: P-384 and P-521 implementation uses a side-channel vulnerable modular ... oval:org.secpod.oval:def:1504641 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:2500498 Network Security Services is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. oval:org.secpod.oval:def:69589 Network Security Services is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Security Fix: * nss: Side channel attack on ECDSA signature generation * nss: P-384 and P-521 implementation uses a side-channel vulnerable modular ... oval:org.secpod.oval:def:65242 The host is missing a high severity security update according to Mozilla advisory, MFSA2020-36. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle multiple vectors. Successful exploitation can cause multiple impacts. oval:org.secpod.oval:def:65245 Mozilla Firefox 80 : When converting coordinates from projective to affine, the modular inversion was not performed in constant time, resulting in a possible timing-based side channel attack. oval:org.secpod.oval:def:1601451 When importing a curve25519 private key in PKCS#8format with leading 0x00 bytes, it is possible to trigger an out-of-bounds read in the Network Security Services library. This could lead to information disclosure. This vulnerability affects Firefox ESR A vulnerability exists where it possible to fo ... oval:org.secpod.oval:def:205683 Network Security Services is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Netscape Portable Runtime provides platform independence for non-GUI operating system facilities. The following packages have been upgraded to a la ... oval:org.secpod.oval:def:504315 Network Security Services is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Netscape Portable Runtime provides platform independence for non-GUI operating system facilities. The following packages have been upgraded to a la ... oval:org.secpod.oval:def:205674 Network Security Services is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Netscape Portable Runtime provides platform independence for non-GUI operating system facilities. The following packages have been upgraded to a la ... oval:org.secpod.oval:def:205675 Network Security Services is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Netscape Portable Runtime provides platform independence for non-GUI operating system facilities. The following packages have been upgraded to a la ... oval:org.secpod.oval:def:1503056 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1700469 When importing a curve25519 private key in PKCS#8format with leading 0x00 bytes, it is possible to trigger an out-of-bounds read in the Network Security Services library. This could lead to information disclosure. This vulnerability affects Firefox ESR CVE-2019-11719 (NSS oval:org.secpod.oval:def:205676 Network Security Services is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Netscape Portable Runtime provides platform independence for non-GUI operating system facilities. The following packages have been upgraded to a la ... oval:org.secpod.oval:def:205857 Network Security Services is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Netscape Portable Runtime provides platform independence for non-GUI operating system facilities. The following packages have been upgraded to a la ... |