Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

rocky логотип

RLSA-2021:4903

Опубликовано: 02 дек. 2021
Источник: rocky
Оценка: Critical

Описание

Critical: nss security update

For more information visit https://errata.rockylinux.org/RLSA-2021:4903

Затронутые продукты

  • Rocky Linux 8

НаименованиеАрхитектураРелизRPM
nssi6867.el8_5nss-3.67.0-7.el8_5.i686.rpm
nssx86_647.el8_5nss-3.67.0-7.el8_5.x86_64.rpm
nss-develi6867.el8_5nss-devel-3.67.0-7.el8_5.i686.rpm
nss-develx86_647.el8_5nss-devel-3.67.0-7.el8_5.x86_64.rpm
nss-softokni6867.el8_5nss-softokn-3.67.0-7.el8_5.i686.rpm
nss-softoknx86_647.el8_5nss-softokn-3.67.0-7.el8_5.x86_64.rpm
nss-softokn-develi6867.el8_5nss-softokn-devel-3.67.0-7.el8_5.i686.rpm
nss-softokn-develx86_647.el8_5nss-softokn-devel-3.67.0-7.el8_5.x86_64.rpm
nss-softokn-freebli6867.el8_5nss-softokn-freebl-3.67.0-7.el8_5.i686.rpm
nss-softokn-freeblx86_647.el8_5nss-softokn-freebl-3.67.0-7.el8_5.x86_64.rpm

Показывать по

Связанные CVE

CVE-2021-43527

Ссылки на источники

Связанные уязвимости

ubuntu логотип

CVE-2021-43527

CVSS3: 9.8
ubuntu
больше 3 лет назад

NSS (Network Security Services) versions prior to 3.73 or 3.68.1 ESR are vulnerable to a heap overflow when handling DER-encoded DSA or RSA-PSS signatures. Applications using NSS for handling signatures encoded within CMS, S/MIME, PKCS \#7, or PKCS \#12 are likely to be impacted. Applications using NSS for certificate validation or other TLS, X.509, OCSP or CRL functionality may be impacted, depending on how they configure NSS. *Note: This vulnerability does NOT impact Mozilla Firefox.* However, email clients and PDF viewers that use NSS for signature verification, such as Thunderbird, LibreOffice, Evolution and Evince are believed to be impacted. This vulnerability affects NSS < 3.73 and NSS < 3.68.1.

redhat логотип

CVE-2021-43527

CVSS3: 9.8
redhat
больше 3 лет назад

NSS (Network Security Services) versions prior to 3.73 or 3.68.1 ESR are vulnerable to a heap overflow when handling DER-encoded DSA or RSA-PSS signatures. Applications using NSS for handling signatures encoded within CMS, S/MIME, PKCS \#7, or PKCS \#12 are likely to be impacted. Applications using NSS for certificate validation or other TLS, X.509, OCSP or CRL functionality may be impacted, depending on how they configure NSS. *Note: This vulnerability does NOT impact Mozilla Firefox.* However, email clients and PDF viewers that use NSS for signature verification, such as Thunderbird, LibreOffice, Evolution and Evince are believed to be impacted. This vulnerability affects NSS < 3.73 and NSS < 3.68.1.

nvd логотип

CVE-2021-43527

CVSS3: 9.8
nvd
больше 3 лет назад

NSS (Network Security Services) versions prior to 3.73 or 3.68.1 ESR are vulnerable to a heap overflow when handling DER-encoded DSA or RSA-PSS signatures. Applications using NSS for handling signatures encoded within CMS, S/MIME, PKCS \#7, or PKCS \#12 are likely to be impacted. Applications using NSS for certificate validation or other TLS, X.509, OCSP or CRL functionality may be impacted, depending on how they configure NSS. *Note: This vulnerability does NOT impact Mozilla Firefox.* However, email clients and PDF viewers that use NSS for signature verification, such as Thunderbird, LibreOffice, Evolution and Evince are believed to be impacted. This vulnerability affects NSS < 3.73 and NSS < 3.68.1.

msrc логотип

CVE-2021-43527

CVSS3: 9.8
msrc
больше 3 лет назад

Описание отсутствует

debian логотип

CVE-2021-43527

CVSS3: 9.8
debian
больше 3 лет назад

NSS (Network Security Services) versions prior to 3.73 or 3.68.1 ESR a ...