vulnerability

CentOS Linux: CVE-2019-17006: Moderate: nss and nspr security, bug fix, and enhancement update (Multiple Advisories)

Severity
10
CVSS
(AV:N/AC:L/Au:N/C:C/I:C/A:C)
Published
Aug 3, 2020
Added
Aug 4, 2020
Modified
May 25, 2023

Description

In Network Security Services (NSS) before 3.46, several cryptographic primitives had missing length checks. In cases where the application calling the library did not perform a sanity check on the inputs it could result in a crash due to a buffer overflow.

Solution(s)

centos-upgrade-nsprcentos-upgrade-nspr-debuginfocentos-upgrade-nspr-debugsourcecentos-upgrade-nspr-develcentos-upgrade-nsscentos-upgrade-nss-debuginfocentos-upgrade-nss-debugsourcecentos-upgrade-nss-develcentos-upgrade-nss-pkcs11-develcentos-upgrade-nss-softokncentos-upgrade-nss-softokn-debuginfocentos-upgrade-nss-softokn-develcentos-upgrade-nss-softokn-freeblcentos-upgrade-nss-softokn-freebl-debuginfocentos-upgrade-nss-softokn-freebl-develcentos-upgrade-nss-sysinitcentos-upgrade-nss-sysinit-debuginfocentos-upgrade-nss-toolscentos-upgrade-nss-tools-debuginfocentos-upgrade-nss-utilcentos-upgrade-nss-util-debuginfocentos-upgrade-nss-util-devel
Title
NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.