Описание
A flaw in DRBG number generation within the Network Security Services (NSS) library where the internal state V does not correctly carry bits over. The NSS library has been updated to fix this issue to address this issue and Firefox ESR 52.1 has been updated with NSS version 3.28.4. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 45.9, Firefox ESR < 52.1, and Firefox < 53.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | released | 54.0+build3-0ubuntu1 |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was released [53.0+build6-0ubuntu0.14.04.1]] |
| precise | ignored | |
| precise/esm | DNE | precise was ignored |
| trusty | released | 53.0+build6-0ubuntu0.14.04.1 |
| trusty/esm | DNE | trusty was released [53.0+build6-0ubuntu0.14.04.1] |
| upstream | released | 53.0 |
| vivid/stable-phone-overlay | DNE | |
| vivid/ubuntu-core | DNE | |
| xenial | released | 53.0+build6-0ubuntu0.16.04.1 |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| devel | released | 2:3.28.4-0ubuntu1 |
| esm-infra-legacy/trusty | not-affected | 2:3.28.4-0ubuntu0.14.04.1 |
| esm-infra/xenial | not-affected | 2:3.28.4-0ubuntu0.16.04.1 |
| precise | ignored | end of life |
| precise/esm | not-affected | 2:3.28.4-0ubuntu0.12.04.1 |
| trusty | released | 2:3.28.4-0ubuntu0.14.04.1 |
| trusty/esm | not-affected | 2:3.28.4-0ubuntu0.14.04.1 |
| upstream | released | 3.28.4, 3.30.1 |
| vivid/stable-phone-overlay | ignored | end of life |
| vivid/ubuntu-core | DNE |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| devel | released | 1:52.1.1+build1-0ubuntu1 |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was released [1:52.1.1+build1-0ubuntu0.14.04.1]] |
| precise | ignored | end of life |
| precise/esm | DNE | precise was needs-triage |
| trusty | released | 1:52.1.1+build1-0ubuntu0.14.04.1 |
| trusty/esm | DNE | trusty was released [1:52.1.1+build1-0ubuntu0.14.04.1] |
| upstream | released | 52.1.1 |
| vivid/stable-phone-overlay | DNE | |
| vivid/ubuntu-core | DNE | |
| xenial | released | 1:52.1.1+build1-0ubuntu0.16.04.1 |
Показывать по
EPSS
5 Medium
CVSS2
5.3 Medium
CVSS3
Связанные уязвимости
A flaw in DRBG number generation within the Network Security Services (NSS) library where the internal state V does not correctly carry bits over. The NSS library has been updated to fix this issue to address this issue and Firefox ESR 52.1 has been updated with NSS version 3.28.4. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 45.9, Firefox ESR < 52.1, and Firefox < 53.
A flaw in DRBG number generation within the Network Security Services (NSS) library where the internal state V does not correctly carry bits over. The NSS library has been updated to fix this issue to address this issue and Firefox ESR 52.1 has been updated with NSS version 3.28.4. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 45.9, Firefox ESR < 52.1, and Firefox < 53.
A flaw in DRBG number generation within the Network Security Services ...
A flaw in DRBG number generation within the Network Security Services (NSS) library where the internal state V does not correctly carry bits over. The NSS library has been updated to fix this issue to address this issue and Firefox ESR 52.1 has been updated with NSS version 3.28.4. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 45.9, Firefox ESR < 52.1, and Firefox < 53.
Уязвимость службы сетевой безопасности NSS браузеров Firefox, Firefox ESR и почтового клиента Thunderbird, позволяющая нарушителю оказать влияние на целостность данных
EPSS
5 Medium
CVSS2
5.3 Medium
CVSS3