Описание
The cipherstring parsing code in nss_compat_ossl while in multi-keyword mode does not match the expected set of ciphers for a given cipher combination, which allows attackers to have unspecified impact via unknown vectors.
Ссылки
- Issue TrackingThird Party AdvisoryVDB Entry
- Issue TrackingThird Party AdvisoryVDB Entry
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:nss_compat_ossl_project:nss_compat_ossl:-:*:*:*:*:*:*:*
EPSS
Процентиль: 62%
0.00422
Низкий
9.8 Critical
CVSS3
7.5 High
CVSS2
Дефекты
CWE-20
Связанные уязвимости
redhat
больше 10 лет назад
The cipherstring parsing code in nss_compat_ossl while in multi-keyword mode does not match the expected set of ciphers for a given cipher combination, which allows attackers to have unspecified impact via unknown vectors.
CVSS3: 9.8
github
больше 3 лет назад
The cipherstring parsing code in nss_compat_ossl while in multi-keyword mode does not match the expected set of ciphers for a given cipher combination, which allows attackers to have unspecified impact via unknown vectors.
EPSS
Процентиль: 62%
0.00422
Низкий
9.8 Critical
CVSS3
7.5 High
CVSS2
Дефекты
CWE-20