CVE-2018-18508
published 2020-10-22CVE-2018-18508: In Network Security Services (NSS) before 3.36.7 and before 3.41.1, a malformed signature can cause a crash due to a null dereference, resulting in a Denial of…
medium6.5CVSS 3.1
AVNACLPRNUIRSUCNINAH
In Network Security Services (NSS) before 3.36.7 and before 3.41.1, a malformed signature can cause a crash due to a null dereference, resulting in a Denial of Service.
Affected
17 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | nss | < nss 2:3.42.1-1 (bookworm) | nss 2:3.42.1-1 (bookworm) |
| mozilla | network_security_services | < 3.36.7 | 3.36.7 |
| mozilla | network_security_services | >= 3.41 < 3.41.1 | 3.41.1 |
| mozilla | nss | >= 0 < 2:3.42.1-1 | 2:3.42.1-1 |
| mozilla | nss | >= 0 < 2:3.42.1-1 | 2:3.42.1-1 |
| mozilla | nss | >= 0 < 2:3.42.1-1 | 2:3.42.1-1 |
| mozilla | nss | >= 0 < 2:3.42.1-1 | 2:3.42.1-1 |
| mozilla | nss | >= unspecified < 3.41.1 | 3.41.1 |
| mozilla | nss | >= unspecified < 3.36.7 | 3.36.7 |
| siemens | ruggedcom_rox_mx5000_firmware | < 2.14.0 | 2.14.0 |
| siemens | ruggedcom_rox_rx1400_firmware | < 2.14.0 | 2.14.0 |
| siemens | ruggedcom_rox_rx1500_firmware | < 2.14.0 | 2.14.0 |
| siemens | ruggedcom_rox_rx1501_firmware | < 2.14.0 | 2.14.0 |
| siemens | ruggedcom_rox_rx1510_firmware | < 2.14.0 | 2.14.0 |
| siemens | ruggedcom_rox_rx1511_firmware | < 2.14.0 | 2.14.0 |
| siemens | ruggedcom_rox_rx1512_firmware | < 2.14.0 | 2.14.0 |
| siemens | ruggedcom_rox_rx5000_firmware | < 2.14.0 | 2.14.0 |
CVSS provenance
nvdv3.16.5MEDIUMCVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
osv6.5MEDIUM