FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-04-19 20:48:44 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
47695a9c-5377-11ec-8be6-d4c9ef517024	NSS -- Memory corruption The Mozilla project reports: Memory corruption in NSS via DER-encoded DSA and RSA-PSS signatures (Critical) NSS (Network Security Services) versions prior to 3.73 or 3.68.1 ESR are vulnerable to a heap overflow when handling DER-encoded DSA or RSA-PSS signatures. Applications using NSS for handling signatures encoded within CMS, S/MIME, PKCS #7, or PKCS #12 are likely to be impacted. Applications using NSS for certificate validation or other TLS, X.509, OCSP or CRL functionality may be impacted, depending on how they configure NSS. Discovery 2021-12-01 Entry 2021-12-02 nss < 3.73 CVE-2021-43527 https://www.mozilla.org/en-US/security/advisories/mfsa2021-51/

VuXML ID

Description

47695a9c-5377-11ec-8be6-d4c9ef517024

NSS -- Memory corruption

The Mozilla project reports:

Memory corruption in NSS via DER-encoded DSA and RSA-PSS signatures (Critical)

NSS (Network Security Services) versions prior to 3.73 or 3.68.1 ESR are vulnerable to a heap overflow when handling DER-encoded DSA or RSA-PSS signatures. Applications using NSS for handling signatures encoded within CMS, S/MIME, PKCS #7, or PKCS #12 are likely to be impacted. Applications using NSS for certificate validation or other TLS, X.509, OCSP or CRL functionality may be impacted, depending on how they configure NSS.

Discovery 2021-12-01
Entry 2021-12-02
nss

< 3.73

CVE-2021-43527
https://www.mozilla.org/en-US/security/advisories/mfsa2021-51/