from 0, < 3.60-r2
from 0, < 3.23-r1
CRITICAL9.1CVE-2020-12403A flaw was found in the way CHACHA20-POLY1305 was implemented in NSS in versions before 3.55. from 0, < 3.55-r0
HIGH8.8nss - security update
from 0, < 3.44.3-r0
HIGH7.5nss - security update
from 0, < 3.58-r0
MEDIUM6.5thunderbird - security update
from 0, < 3.98-r0
MEDIUM6.5thunderbird - security update
from 0, < 3.68.3-r0
MEDIUM6.5After a HelloRetryRequest has been sent, the client may negotiate a lower protocol that TLS 1.3, resulting in an invalid state transition i…
from 0, < 3.49-r0
MEDIUM5.9nss - security update
from 0, < 3.41-r0
MEDIUM5.9When handling a SSLv2-compatible ClientHello request, the server doesn't generate a new random value but sends an all-zero value instead.
from 0, < 3.39-r0
MEDIUM5.3When performing EC scalar point multiplication, the wNAF point multiplication algorithm was used; which leaked partial information about th…
from 0, < 3.55-r0
MEDIUM5.3A flaw in DRBG number generation within the Network Security Services (NSS) library where the internal state V does not correctly carry bit…
from 0, < 3.23-r1
MEDIUM4.7During ECDSA signature generation, padding applied in the nonce designed to ensure constant-time scalar multiplication was removed, resulti…
from 0, < 3.55-r0
MEDIUM4.7nss - security update
from 0, < 3.55-r0
MEDIUM4.4During RSA key generation, bignum implementations used a variation of the Binary Extended Euclidean Algorithm which entailed significantly…
from 0, < 3.53.1-r0