CVE-2015-5244NSS Project MOD NSS vulnerability

CWE-2646 documents5 sources
Severity
9.8CRITICALNVD
EPSS
0.2%
top 60.61%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
MOD NSS Project MOD NSS
Timeline
PublishedAug 7
Latest updateMay 17

Description

The NSSCipherSuite option with ciphersuites enabled in mod_nss before 1.0.12 allows remote attackers to bypass application restrictions.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 3.9 | Impact: 5.9

Affected Packages1 packages

Patches

Patch: pagure.ioPatch: pagure.io

🔴Vulnerability Details

2
GHSA
GHSA-f93f-jh28-5ffr: The NSSCipherSuite option with ciphersuites enabled in mod_nss before 12022-05-17
OSV
CVE-2015-5244: The NSSCipherSuite option with ciphersuites enabled in mod_nss before 12017-08-07

📋Vendor Advisories

1
Red Hat
mod_nss: incorrect ciphersuite parsing2015-09-15

💬Community

2
Bugzilla
CVE-2015-5244 mod_nss: incorrect ciphersuite parsing [fedora-all]2015-09-15
Bugzilla
CVE-2015-5244 mod_nss: incorrect ciphersuite parsing2015-09-02