Download
| Alert*
oval:org.secpod.oval:def:4501520
Network Security Services is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Security Fix: * nss: timing attack against RSA decryption For more details about the security issue, including the impact, a CVSS score, acknowledg ... oval:org.secpod.oval:def:98548 Mozilla Firefox 124, Mozilla Firefox ESR 115.9, Mozilla Thunderbird 115.9.0 : NSS was susceptible to a timing side-channel attack when performing RSA decryption. This attack could potentially allow an attacker to recover the private data. oval:org.secpod.oval:def:2501300 Network Security Services is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. oval:org.secpod.oval:def:708870 nss: Network Security Service library Several security issues were fixed in NSS. oval:org.secpod.oval:def:1507246 [3.90.0-4] - Fix expired certs in tests - Fix CVE-2023-5388 oval:org.secpod.oval:def:98564 Mozilla Firefox 124, Mozilla Firefox ESR 115.9, Mozilla Thunderbird 115.9 : NSS was susceptible to a timing side-channel attack when performing RSA decryption. This attack could potentially allow an attacker to recover the private data. oval:org.secpod.oval:def:99099 nss: Network Security Service library Several security issues were fixed in NSS. oval:org.secpod.oval:def:89051526 This update for mozilla-nss fixes the following issues: Update to NSS 3.90.2: * CVE-2023-5388: Fixed timing attack against RSA decryption in TLS oval:org.secpod.oval:def:89051527 This update for mozilla-nss fixes the following issues: Update to NSS 3.90.2: * CVE-2023-5388: Fixed timing attack against RSA decryption in TLS oval:org.secpod.oval:def:2600478 Network Security Services is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. oval:org.secpod.oval:def:1507250 [3.90.0-4] - CVE-2023-5388 nss: timing attack against RSA decryption. Make the final blinding multmod constant time. oval:org.secpod.oval:def:509106 Network Security Services is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Security Fix: nss: timing attack against RSA decryption For more details about the security issue, including the impact, a CVSS score, acknowledgme ... oval:org.secpod.oval:def:99578 nss: Network Security Service library Several security issues were fixed in NSS. oval:org.secpod.oval:def:1601875 It was discovered that the numerical library used in NSS for RSA cryptography leaks information whether high order bits of the RSA decryption result are zero. This information can be used to mount a Bleichenbacher or Manger like attack against all RSA decryption operations. As the leak happens befor ... oval:org.secpod.oval:def:99587 nss: Network Security Service library Several security issues were fixed in NSS. oval:org.secpod.oval:def:1702058 It was discovered that the numerical library used in NSS for RSA cryptography leaks information whether high order bits of the RSA decryption result are zero. This information can be used to mount a Bleichenbacher or Manger like attack against all RSA decryption operations. As the leak happens befor ... oval:org.secpod.oval:def:19500577 It was discovered that the numerical library used in NSS for RSA cryptography leaks information whether high order bits of the RSA decryption result are zero. This information can be used to mount a Bleichenbacher or Manger like attack against all RSA decryption operations. As the leak happens befor ... oval:org.secpod.oval:def:3302441 Security update for mozilla-nss oval:org.secpod.oval:def:89051506 This update for mozilla-nss fixes the following issues: Update to NSS 3.90.2: * CVE-2023-5388: Fixed timing attack against RSA decryption in TLS oval:org.secpod.oval:def:2600536 Mozilla Thunderbird is a standalone mail and newsgroup client. oval:org.secpod.oval:def:509160 Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 115.9.0. Security Fix: nss: timing attack against RSA decryption Mozilla: Crash in NSS TLS method Mozilla: Leaking of encrypted email subjects to other conversations Mozilla: JIT code failed ... oval:org.secpod.oval:def:206076 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:98547 The host is missing a high severity security update according to the Mozilla advisory MFSA2024-14 and is prone to multiple vulnerabilities. The flaws are present in the application, which fails to properly handle various components. Successful exploitation could lead to multiple impacts. oval:org.secpod.oval:def:98546 The host is missing a high severity security update according to the Mozilla advisory MFSA2024-13 and is prone to multiple vulnerabilities. The flaws are present in the application, which fails to properly handle various components. Successful exploitation could lead to multiple impacts. oval:org.secpod.oval:def:99565 thunderbird: Mozilla Open Source mail and newsgroup client Several security issues were fixed in Thunderbird. oval:org.secpod.oval:def:98562 The host is missing a high severity security update according to the Mozilla advisory MFSA2024-13 and is prone to multiple vulnerabilities. A flaw is present in the application, which fails to properly handle unspecified vectors. Successful exploitation could lead to a potentially exploitable crash. oval:org.secpod.oval:def:98563 The host is missing a high severity security update according to the Mozilla advisory MFSA2024-14 and is prone to multiple vulnerabilities. A flaw is present in the application, which fails to properly handle unspecified vectors. Successful exploitation could lead to a potentially exploitable crash. oval:org.secpod.oval:def:4501546 Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 115.9.0. Security Fix: * nss: timing attack against RSA decryption * Mozilla: Crash in NSS TLS method * Mozilla: Leaking of encrypted email subjects to other conversations * Mozilla: JIT cod ... oval:org.secpod.oval:def:89051688 This update for MozillaFirefox fixes the following issues: Firefox Extended Support Release 115.9.0 ESR : * CVE-2024-0743: Crash in NSS TLS method . * CVE-2024-2605: Windows Error Reporter could be used as a Sandbox escape vector . * CVE-2024-2607: JIT code failed to save return registers on Armv7-A ... oval:org.secpod.oval:def:1507406 [115.9.0-1.0.1] - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js - Enabled aarch64 build [115.9.0-1] - Update to 115.9.0 build1 - Fix expat CVE-2023-52425 oval:org.secpod.oval:def:1507412 [115.9.0-1.0.1] - Add Oracle prefs [115.9.0-1] - Update to 115.9.0 build1 - Fix expat CVE-2023-52425 oval:org.secpod.oval:def:2501367 Mozilla Thunderbird is a standalone mail and newsgroup client. oval:org.secpod.oval:def:1507410 [115.9.0-1.0.1] - Add Oracle prefs [115.9.0-1] - Update to 115.9.0 build1 - Fix expat CVE-2023-52425 oval:org.secpod.oval:def:708856 thunderbird: Mozilla Open Source mail and newsgroup client Several security issues were fixed in Thunderbird. oval:org.secpod.oval:def:509159 Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 115.9.0. Security Fix: nss: timing attack against RSA decryption Mozilla: Crash in NSS TLS method Mozilla: Leaking of encrypted email subjects to other conversations Mozilla: JIT code failed ... oval:org.secpod.oval:def:613023 Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code or information disclosure, bypass of content security policies or spoofing. oval:org.secpod.oval:def:613024 Multiple security issues were discovered in Thunderbird, which could result in denial of service, the execution of arbitrary code or leaks of encrypted email subjects. oval:org.secpod.oval:def:509155 Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 115.9.0. Security Fix: nss: timing attack against RSA decryption Mozilla: Crash in NSS TLS method Mozilla: Leaking of encrypted email subjects to other conversations Mozilla: JIT code failed ... oval:org.secpod.oval:def:2600533 Mozilla Firefox is an open-source web browser, designed for standards oval:org.secpod.oval:def:206077 Security Fix: nss: timing attack against RSA decryption Mozilla: Crash in NSS TLS method Mozilla: JIT code failed to save return registers on Armv7-A Mozilla: Integer overflow could have led to out of bounds write Mozilla: Improve handling of out-of-memory conditions in ICU Mozilla: Improper ha ... oval:org.secpod.oval:def:89051698 This update for MozillaFirefox fixes the following issues: Firefox Extended Support Release 115.9.1esr ESR MFSA 2024-16 . * CVE-2024-29944: Privileged JavaScript Execution via Event Handlers . Firefox Extended Support Release 115.9.0 ESR : * CVE-2024-0743: Crash in NSS TLS method . * CVE-2024-2605: ... oval:org.secpod.oval:def:1507408 [115.9.1.0.1] - Add firefox-oracle-default-prefs.js and remove the corresponding OpenELA file [115.9.1] - Add debranding patches - Add OpenELA default preferences [115.9.1-1] - Update to 115.9.1 [115.9.0-2] - Update to 115.9.0 build2 [115.9.0-1] - Update to 115.9.0 build1 - Fix expat CVE-2023-5242 ... oval:org.secpod.oval:def:1507407 [115.9.1.0.1] - Add firefox-oracle-default-prefs.js and remove the corresponding OpenELA file [115.9.1] - Add debranding patches - Add OpenELA default preferences [115.9.1-1] - Update to 115.9.1 [115.9.0-2] - Update to 115.9.0 build2 [115.9.0-1] - Update to 115.9.0 build1 - Fix expat CVE-2023-5242 ... oval:org.secpod.oval:def:4501543 Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 115.9.1 ESR. Security Fix: * nss: timing attack against RSA decryption * Mozilla: Crash in NSS TLS method * Mozilla: JIT code failed to save retur ... oval:org.secpod.oval:def:1507415 [115.9.1-1.0.1] - Remove upstream references [Orabug: 30143292] - Update distribution for Oracle Linux [Orabug: 30143292] - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file [115.9.1-1] - Update to 115.9.1 [115.9.0-2] - Update to 115.9.0 build2 [115.9.0-1] - Update to 115 ... oval:org.secpod.oval:def:509153 Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 115.9.1 ESR. Security Fix: nss: timing attack against RSA decryption Mozilla: Crash in NSS TLS method Mozilla: JIT code failed to save return regi ... oval:org.secpod.oval:def:509156 Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 115.9.1 ESR. Security Fix: nss: timing attack against RSA decryption Mozilla: Crash in NSS TLS method Mozilla: JIT code failed to save return regi ... oval:org.secpod.oval:def:509157 Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 115.9.1 ESR. Security Fix: nss: timing attack against RSA decryption Mozilla: Crash in NSS TLS method Mozilla: JIT code failed to save return regi ... oval:org.secpod.oval:def:2501359 Mozilla Firefox is an open-source web browser, designed for standards oval:org.secpod.oval:def:99978 Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code or information disclosure, bypass of content security policies or spoofing. oval:org.secpod.oval:def:99979 Multiple security issues were discovered in Thunderbird, which could result in denial of service, the execution of arbitrary code or leaks of encrypted email subjects. oval:org.secpod.oval:def:708840 firefox: Mozilla Open Source web browser Several security issues were fixed in Firefox. oval:org.secpod.oval:def:98545 The host is missing a high severity security update according to the Mozilla advisory MFSA2024-12 and is prone to multiple vulnerabilities. The flaws are present in the application, which fails to properly handle various components. Successful exploitation could lead to multiple impacts. oval:org.secpod.oval:def:98561 The host is missing a high severity security update according to the Mozilla advisory MFSA2024-12 and is prone to multiple vulnerabilities. A flaw is present in the application, which fails to properly handle unspecified vectors. Successful exploitation could lead to a potentially exploitable crash. oval:org.secpod.oval:def:99552 firefox: Mozilla Open Source web browser Several security issues were fixed in Firefox. |