nss

Link package | bugs open | bugs closed | Wiki | GitHub | web search
Description Network Security Services
Version 3.78-1 [core]

Resolved

Group Affected Fixed Severity Status Ticket
AVG-2596 3.72-2 3.73-1 High Fixed
AVG-247 3.30-1 3.30.1-1 Critical Fixed
Issue Group Severity Remote Type Description
CVE-2021-43527 AVG-2596 High Yes Arbitrary code execution
NSS (Network Security Services) versions prior to 3.73 are vulnerable to a heap overflow when handling DER-encoded DSA or RSA-PSS signatures. Applications...
CVE-2017-5461 AVG-247 Critical Yes Arbitrary code execution
An out-of-bounds write during Base64 decoding operation has been found in the Network Security Services (NSS) library due to insufficient memory being...

Advisories

Date Advisory Group Severity Type
03 Dec 2021 ASA-202112-3 AVG-2596 High arbitrary code execution
20 Apr 2017 ASA-201704-4 AVG-247 Critical arbitrary code execution