Lucene search
RedHatRHSA-2020:0466HistoryFeb 11, 2020 - 8:06 a.m.
(RHSA-2020:0466) Important: nss-softokn security update
2020-02-1108:06:00
access.redhat.com
59
6.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
0.003 Low
EPSS
Percentile
71.0%
The nss-softokn package provides the Network Security Services Softoken Cryptographic Module.
Security Fix(es):
- nss: Out-of-bounds write when passing an output buffer smaller than the block size to NSC_EncryptUpdate (CVE-2019-11745)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| RedHat | 6 | i686 | nss-softokn-debuginfo | < 3.14.3-23.el6_6 | nss-softokn-debuginfo-3.14.3-23.el6_6.i686.rpm |
| RedHat | 6 | i686 | nss-softokn-devel | < 3.14.3-23.el6_6 | nss-softokn-devel-3.14.3-23.el6_6.i686.rpm |
| RedHat | 6 | i686 | nss-softokn-freebl-devel | < 3.14.3-23.el6_6 | nss-softokn-freebl-devel-3.14.3-23.el6_6.i686.rpm |
| RedHat | 6 | x86_64 | nss-softokn-freebl | < 3.14.3-23.el6_6 | nss-softokn-freebl-3.14.3-23.el6_6.x86_64.rpm |
| RedHat | 6 | x86_64 | nss-softokn-freebl-devel | < 3.14.3-23.el6_6 | nss-softokn-freebl-devel-3.14.3-23.el6_6.x86_64.rpm |
| RedHat | 6 | x86_64 | nss-softokn-debuginfo | < 3.14.3-23.el6_6 | nss-softokn-debuginfo-3.14.3-23.el6_6.x86_64.rpm |
| RedHat | 6 | x86_64 | nss-softokn | < 3.14.3-23.el6_6 | nss-softokn-3.14.3-23.el6_6.x86_64.rpm |
| RedHat | 6 | i686 | nss-softokn-freebl | < 3.14.3-23.el6_6 | nss-softokn-freebl-3.14.3-23.el6_6.i686.rpm |
| RedHat | 6 | i686 | nss-softokn | < 3.14.3-23.el6_6 | nss-softokn-3.14.3-23.el6_6.i686.rpm |
| RedHat | 6 | x86_64 | nss-softokn-devel | < 3.14.3-23.el6_6 | nss-softokn-devel-3.14.3-23.el6_6.x86_64.rpm |
Related
nessus
nessus
CentOS 6 : nss-softokn (CESA-2019:4152)
2019-12-12 00:00:00
Ubuntu 16.04 LTS / 18.04 LTS : NSS vulnerability (USN-4203-1)
2019-12-03 00:00:00
RHEL 8 : nss (RHSA-2020:0243)
2020-01-28 00:00:00
openvas
openvas
CentOS Update for nss-softokn CESA-2019:4152 centos6
2019-12-12 00:00:00
Mageia: Security Advisory (MGASA-2019-0374)
2022-01-28 00:00:00
Ubuntu: Security Advisory (USN-4203-1)
2019-11-28 00:00:00
veracode
veracode
Denial Of Service (DoS)
2019-12-10 00:18:20
alpinelinux
alpinelinux
CVE-2019-11745
2020-01-08 20:15:12
nvd
nvd
CVE-2019-11745
2020-01-08 20:15:12
ibm
ibm
osv
osv
nss - security update
2019-11-25 00:00:00
CVE-2019-11745
2020-01-08 20:15:12
nss - security update
2019-12-06 00:00:00
oraclelinux
oraclelinux
nss-softokn security update
2019-12-11 00:00:00
nss security update
2019-12-09 00:00:00
nss, nss-softokn, nss-util security update
2019-12-11 00:00:00
prion
prion
Design/Logic Flaw
2020-01-08 20:15:00
debian
debian
[SECURITY] [DLA 2008-1] nss security update
2019-11-25 23:15:08
[SECURITY] [DSA 4579-1] nss security update
2019-12-06 21:54:22
[SECURITY] [DLA 2388-1] nss security update
2020-09-29 19:15:28
mageia
mageia
Updated nss packages fix security vulnerability
2019-12-08 21:12:18
redhat
redhat
(RHSA-2019:4114) Important: nss security update
2019-12-09 12:58:06
(RHSA-2019:4152) Important: nss-softokn security update
2019-12-10 10:02:18
(RHSA-2020:0243) Important: nss security update
2020-01-27 14:55:26
ubuntucve
ubuntucve
CVE-2019-11745
2019-11-25 00:00:00
redhatcve
redhatcve
CVE-2019-11745
2020-04-06 17:07:36
ubuntu
ubuntu
NSS vulnerability
2019-11-27 00:00:00
NSS vulnerability
2019-11-27 00:00:00
Firefox vulnerabilities
2019-12-09 00:00:00
debiancve
debiancve
CVE-2019-11745
2020-01-08 20:15:12
centos
centos
nss security update
2019-12-11 17:44:29
nss security update
2019-12-24 15:55:26
cve
cve
CVE-2019-11745
2020-01-08 20:15:12
cvelist
cvelist
CVE-2019-11745
2020-01-08 19:22:00
amazon
amazon
Important: nss-util
2023-02-17 00:11:00
Important: nss
2020-01-14 20:03:00
Important: nss-util
2024-02-15 03:52:00
photon
photon
Important Photon OS Security Update - PHSA-2023-3.0-0619
2023-07-27 00:00:00
suse
suse
Security update for mozilla-nspr, mozilla-nss (moderate)
2020-01-12 00:00:00
Security update for MozillaThunderbird (important)
2020-01-09 00:00:00
Security update for MozillaFirefox (important)
2020-01-09 00:00:00
gentoo
gentoo
Mozilla Network Security Service: Multiple vulnerabilities
2020-03-16 00:00:00
Mozilla Firefox: Multiple vulnerabilities
2020-03-12 00:00:00
Mozilla Thunderbird: Multiple vulnerabilities
2020-03-14 00:00:00
archlinux
archlinux
[ASA-201912-2] thunderbird: arbitrary code execution
2019-12-06 00:00:00
[ASA-201912-1] firefox: multiple issues
2019-12-03 00:00:00
ics
ics
Siemens RUGGEDCOM ROX II
2021-02-09 12:00:00
mozilla
mozilla
Security Vulnerabilities fixed in - Thunderbird 68.3 — Mozilla
2019-12-03 00:00:00
Security Vulnerabilities fixed in - Firefox ESR 68.3 — Mozilla
2019-12-03 00:00:00
Security Vulnerabilities fixed in - Firefox 71 — Mozilla
2019-12-03 00:00:00
kaspersky
kaspersky
KLA11612 Multiple vulnerabilities in Mozilla Firefox ESR
2019-12-03 00:00:00
KLA11613 Multiple vulnerabilities in Mozilla Thunderbird
2019-11-09 00:00:00
KLA11611 Multiple vulnerabilities in Mozilla Firefox
2019-12-03 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 10 package thunderbird version 68.3.1-alt1
2019-12-23 00:00:00
Security fix for the ALT Linux 10 package firefox-esr version 68.3.0-alt1
2019-12-05 00:00:00
slackware
slackware
[slackware-security] mozilla-firefox
2019-12-03 19:30:37
6.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
0.003 Low
EPSS
Percentile
71.0%
Related for RHSA-2020:0466