ALAS-2017-911 ---- nssID: oval:org.secpod.oval:def:1600790 | Date: (C)2017-10-13 (M)2023-12-20 |
Class: PATCH | Family: unix |
Potential use-after-free in TLS 1.2 server when verifying client authentication:A use-after-free flaw was found in the TLS 1.2 implementation in the NSS library when client authentication was used. A malicious client could use this flaw to cause an application compiled against NSS to crash or, potentially, execute arbitrary code with the permission of the user running the application
Platform: |
Amazon Linux AMI |