Debian Nss vulnerabilities

CVE-2026-2781 [CRITICAL] CVE-2026-2781: firefox - Integer overflow in the Libraries component in NSS. This vulnerability affects F... Integer overflow in the Libraries component in NSS. This vulnerability affects Firefox < 148, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8. Scope: local sid: resolved (fixed in 148.0-1)

CVE-2024-6602 [CRITICAL] CVE-2024-6602: firefox - A mismatch between allocator and deallocator could have led to memory corruption... A mismatch between allocator and deallocator could have led to memory corruption. This vulnerability affects Firefox < 128, Firefox ESR < 115.13, Thunderbird < 115.13, and Thunderbird < 128. Scope: local sid: resolved (fixed in 128.0-1)

CVE-2024-0743 [HIGH] CVE-2024-0743: firefox - An unchecked return value in TLS handshake code could have caused a potentially ... An unchecked return value in TLS handshake code could have caused a potentially exploitable crash. This vulnerability affects Firefox < 122, Firefox ESR < 115.9, and Thunderbird < 115.9. Scope: local sid: resolved (fixed in 122.0-1)

CVE-2024-6609 [HIGH] CVE-2024-6609: firefox - When almost out-of-memory an elliptic curve key which was never allocated could ... When almost out-of-memory an elliptic curve key which was never allocated could have been freed again. This vulnerability affects Firefox < 128 and Thunderbird < 128. Scope: local sid: resolved (fixed in 128.0-1)

CVE-2024-7531 [MEDIUM] CVE-2024-7531: firefox - Calling `PK11_Encrypt()` in NSS using CKM_CHACHA20 and the same buffer for input... Calling `PK11_Encrypt()` in NSS using CKM_CHACHA20 and the same buffer for input and output can result in plaintext on an Intel Sandy Bridge processor. In Firefox this only affects the QUIC header protection feature when the connection is using the ChaCha20-Poly1305 cipher suite. The most likely outcome is connection failure, but if the connection persists despite t

CVE-2023-0767 [HIGH] CVE-2023-0767: firefox - An attacker could construct a PKCS 12 cert bundle in such a way that could allow... An attacker could construct a PKCS 12 cert bundle in such a way that could allow for arbitrary memory writes via PKCS 12 Safe Bag attributes being mishandled. This vulnerability affects Firefox < 110, Thunderbird < 102.8, and Firefox ESR < 102.8. Scope: local sid: resolved (fixed in 110.0-1)

CVE-2023-4421 [MEDIUM] CVE-2023-4421: nss - The NSS code used for checking PKCS#1 v1.5 was leaking information useful in mou... The NSS code used for checking PKCS#1 v1.5 was leaking information useful in mounting Bleichenbacher-like attacks. Both the overall correctness of the padding as well as the length of the encrypted message was leaking through timing side-channel. By sending large number of attacker-selected ciphertexts, the attacker would be able to decrypt a previously intercepted PKCS

CVE-2023-6135 [MEDIUM] CVE-2023-6135: firefox - Multiple NSS NIST curves were susceptible to a side-channel attack known as "Min... Multiple NSS NIST curves were susceptible to a side-channel attack known as "Minerva". This attack could potentially allow an attacker to recover the private key. This vulnerability affects Firefox < 121. Scope: local sid: resolved (fixed in 121.0-1)

CVE-2023-5388 [MEDIUM] CVE-2023-5388: firefox - NSS was susceptible to a timing side-channel attack when performing RSA decrypti... NSS was susceptible to a timing side-channel attack when performing RSA decryption. This attack could potentially allow an attacker to recover the private data. This vulnerability affects Firefox < 124, Firefox ESR < 115.9, and Thunderbird < 115.9. Scope: local sid: resolved (fixed in 124.0-1)

CVE-2022-3479 [HIGH] CVE-2022-3479: nss - A vulnerability found in nss. By this security vulnerability, nss client auth cr... A vulnerability found in nss. By this security vulnerability, nss client auth crash without a user certificate in the database and this can lead us to a segmentation fault or crash. Scope: local bookworm: resolved (fixed in 2:3.87-1) bullseye: resolved forky: resolved (fixed in 2:3.87-1) sid: resolved (fixed in 2:3.87-1) trixie: resolved (fixed in 2:3.87-1)

CVE-2022-22747 [MEDIUM] CVE-2022-22747: firefox - After accepting an untrusted certificate, handling an empty pkcs7 sequence as pa... After accepting an untrusted certificate, handling an empty pkcs7 sequence as part of the certificate data could have lead to a crash. This crash is believed to be unexploitable. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5. Scope: local sid: resolved (fixed in 96.0-1)

CVE-2021-43527 [CRITICAL] CVE-2021-43527: nss - NSS (Network Security Services) versions prior to 3.73 or 3.68.1 ESR are vulnera... NSS (Network Security Services) versions prior to 3.73 or 3.68.1 ESR are vulnerable to a heap overflow when handling DER-encoded DSA or RSA-PSS signatures. Applications using NSS for handling signatures encoded within CMS, S/MIME, PKCS \#7, or PKCS \#12 are likely to be impacted. Applications using NSS for certificate validation or other TLS, X.509, OCSP or CRL func

CVE-2020-12403 [CRITICAL] CVE-2020-12403: nss - A flaw was found in the way CHACHA20-POLY1305 was implemented in NSS in versions... A flaw was found in the way CHACHA20-POLY1305 was implemented in NSS in versions before 3.55. When using multi-part Chacha20, it could cause out-of-bounds reads. This issue was fixed by explicitly disabling multi-part ChaCha20 (which was not functioning correctly) and strictly enforcing tag length. The highest threat from this vulnerability is to confidentiality and

CVE-2020-25648 [HIGH] CVE-2020-25648: nss - A flaw was found in the way NSS handled CCS (ChangeCipherSpec) messages in TLS 1... A flaw was found in the way NSS handled CCS (ChangeCipherSpec) messages in TLS 1.3. This flaw allows a remote attacker to send multiple CCS messages, causing a denial of service for servers compiled with the NSS library. The highest threat from this vulnerability is to system availability. This flaw affects NSS versions before 3.58. Scope: local bookworm: resolved (fixe

CVE-2020-12400 [MEDIUM] CVE-2020-12400: firefox - When converting coordinates from projective to affine, the modular inversion was... When converting coordinates from projective to affine, the modular inversion was not performed in constant time, resulting in a possible timing-based side channel attack. This vulnerability affects Firefox < 80 and Firefox for Android < 80. Scope: local sid: resolved (fixed in 80.0-1)

CVE-2020-12402 [MEDIUM] CVE-2020-12402: nss - During RSA key generation, bignum implementations used a variation of the Binary... During RSA key generation, bignum implementations used a variation of the Binary Extended Euclidean Algorithm which entailed significantly input-dependent flow. This allowed an attacker able to perform electromagnetic-based side channel attacks to record traces leading to the recovery of the secret primes. *Note:* An unmodified Firefox browser does not generate RSA ke

CVE-2020-12399 [MEDIUM] CVE-2020-12399: firefox - NSS has shown timing differences when performing DSA signatures, which was explo... NSS has shown timing differences when performing DSA signatures, which was exploitable and could eventually leak private keys. This vulnerability affects Thunderbird < 68.9.0, Firefox < 77, and Firefox ESR < 68.9. Scope: local sid: resolved (fixed in 77.0-1)

CVE-2020-6829 [MEDIUM] CVE-2020-6829: firefox - When performing EC scalar point multiplication, the wNAF point multiplication al... When performing EC scalar point multiplication, the wNAF point multiplication algorithm was used; which leaked partial information about the nonce used during signature generation. Given an electro-magnetic trace of a few signature generations, the private key could have been computed. This vulnerability affects Firefox < 80 and Firefox for Android < 80. Scope: loca

CVE-2020-12401 [MEDIUM] CVE-2020-12401: firefox - During ECDSA signature generation, padding applied in the nonce designed to ensu... During ECDSA signature generation, padding applied in the nonce designed to ensure constant-time scalar multiplication was removed, resulting in variable-time execution dependent on secret data. This vulnerability affects Firefox < 80 and Firefox for Android < 80. Scope: local sid: resolved (fixed in 80.0-1)

CVE-2020-12413 [MEDIUM] CVE-2020-12413: nss - The Raccoon attack is a timing attack on DHE ciphersuites inherit in the TLS spe... The Raccoon attack is a timing attack on DHE ciphersuites inherit in the TLS specification. To mitigate this vulnerability, Firefox disabled support for DHE ciphersuites. Scope: local bookworm: resolved (fixed in 2:3.17-1) bullseye: resolved (fixed in 2:3.17-1) forky: resolved (fixed in 2:3.17-1) sid: resolved (fixed in 2:3.17-1) trixie: resolved (fixed in 2:3.17-1)