CVE-2022-3479
published 2022-10-14CVE-2022-3479: A vulnerability found in nss. By this security vulnerability, nss client auth crash without a user certificate in the database and this can lead us to a…
high7.5CVSS 3.1
AVNACLPRNUINSUCNINAH
A vulnerability found in nss. By this security vulnerability, nss client auth crash without a user certificate in the database and this can lead us to a segmentation fault or crash.
Affected
8 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | nss | < nss 2:3.87-1 (bookworm) | nss 2:3.87-1 (bookworm) |
| mozilla | network_security_services | >= 3.77 < 3.87 | 3.87 |
| mozilla | nss | >= 0 < 2:3.87-1 | 2:3.87-1 |
| mozilla | nss | >= 0 < 2:3.87-1 | 2:3.87-1 |
| mozilla | nss | >= 0 < 2:3.87-1 | 2:3.87-1 |
| mozilla | nss | >= 0 < 2:3.35-2ubuntu2.16 | 2:3.35-2ubuntu2.16 |
| mozilla | nss | >= 0 < 2:3.49.1-1ubuntu1.9 | 2:3.49.1-1ubuntu1.9 |
| mozilla | nss | >= 0 < 2:3.68.2-0ubuntu1.2 | 2:3.68.2-0ubuntu1.2 |
CVSS provenance
nvdv3.17.5HIGHCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
osv7.5HIGH