CVE-2019-17007
published 2020-10-22CVE-2019-17007: In Network Security Services before 3.44, a malformed Netscape Certificate Sequence can cause NSS to crash, resulting in a denial of service.
high7.5CVSS 3.1
AVNACLPRNUINSUCNINAH
In Network Security Services before 3.44, a malformed Netscape Certificate Sequence can cause NSS to crash, resulting in a denial of service.
Affected
15 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | nss | < nss 2:3.45-1 (bookworm) | nss 2:3.45-1 (bookworm) |
| mozilla | network_security_services | < 3.44 | 3.44 |
| mozilla | nss | >= 0 < 2:3.45-1 | 2:3.45-1 |
| mozilla | nss | >= 0 < 2:3.45-1 | 2:3.45-1 |
| mozilla | nss | >= 0 < 2:3.45-1 | 2:3.45-1 |
| mozilla | nss | >= 0 < 2:3.45-1 | 2:3.45-1 |
| mozilla | nss | >= unspecified < 3.44 | 3.44 |
| siemens | ruggedcom_rox_mx5000_firmware | < 2.14.0 | 2.14.0 |
| siemens | ruggedcom_rox_rx1400_firmware | < 2.14.0 | 2.14.0 |
| siemens | ruggedcom_rox_rx1500_firmware | < 2.14.0 | 2.14.0 |
| siemens | ruggedcom_rox_rx1501_firmware | < 2.14.0 | 2.14.0 |
| siemens | ruggedcom_rox_rx1510_firmware | < 2.14.0 | 2.14.0 |
| siemens | ruggedcom_rox_rx1511_firmware | < 2.14.0 | 2.14.0 |
| siemens | ruggedcom_rox_rx1512_firmware | < 2.14.0 | 2.14.0 |
| siemens | ruggedcom_rox_rx5000_firmware | < 2.14.0 | 2.14.0 |
CVSS provenance
nvdv3.17.5HIGHCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
osv7.5HIGH