Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2011-3640 (GCVE-0-2011-3640)
Vulnerability from cvelistv5
Published
2011-10-28 00:00
Modified
2024-08-06 23:37
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Untrusted search path vulnerability in Mozilla Network Security Services (NSS), as used in Google Chrome before 17 on Windows and Mac OS X, might allow local users to gain privileges via a Trojan horse pkcs11.txt file in a top-level directory. NOTE: the vendor's response was "Strange behavior, but we're not treating this as a security bug."
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T23:37:48.686Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "openSUSE-SU-2012:0063",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://hermes.opensuse.org/messages/13155432"
},
{
"name": "openSUSE-SU-2012:0030",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://hermes.opensuse.org/messages/13154861"
},
{
"name": "8483",
"tags": [
"third-party-advisory",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/8483"
},
{
"name": "oval:org.mitre.oval:def:13414",
"tags": [
"vdb-entry",
"signature",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13414"
},
{
"tags": [
"x_transferred"
],
"url": "http://blog.acrossecurity.com/2011/10/google-chrome-pkcs11txt-file-planting.html"
},
{
"tags": [
"x_transferred"
],
"url": "http://code.google.com/p/chromium/issues/detail?id=97426"
},
{
"tags": [
"x_transferred"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=641052"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2011-10-20T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Untrusted search path vulnerability in Mozilla Network Security Services (NSS), as used in Google Chrome before 17 on Windows and Mac OS X, might allow local users to gain privileges via a Trojan horse pkcs11.txt file in a top-level directory. NOTE: the vendor\u0027s response was \"Strange behavior, but we\u0027re not treating this as a security bug.\""
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-02-12T00:00:00",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "openSUSE-SU-2012:0063",
"tags": [
"vendor-advisory"
],
"url": "https://hermes.opensuse.org/messages/13155432"
},
{
"name": "openSUSE-SU-2012:0030",
"tags": [
"vendor-advisory"
],
"url": "https://hermes.opensuse.org/messages/13154861"
},
{
"name": "8483",
"tags": [
"third-party-advisory"
],
"url": "http://securityreason.com/securityalert/8483"
},
{
"name": "oval:org.mitre.oval:def:13414",
"tags": [
"vdb-entry",
"signature"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13414"
},
{
"url": "http://blog.acrossecurity.com/2011/10/google-chrome-pkcs11txt-file-planting.html"
},
{
"url": "http://code.google.com/p/chromium/issues/detail?id=97426"
},
{
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=641052"
}
],
"tags": [
"disputed"
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2011-3640",
"datePublished": "2011-10-28T00:00:00",
"dateReserved": "2011-09-21T00:00:00",
"dateUpdated": "2024-08-06T23:37:48.686Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2011-3640\",\"sourceIdentifier\":\"secalert@redhat.com\",\"published\":\"2011-10-28T02:49:53.130\",\"lastModified\":\"2025-04-11T00:51:21.963\",\"vulnStatus\":\"Deferred\",\"cveTags\":[{\"sourceIdentifier\":\"secalert@redhat.com\",\"tags\":[\"disputed\"]}],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Untrusted search path vulnerability in Mozilla Network Security Services (NSS), as used in Google Chrome before 17 on Windows and Mac OS X, might allow local users to gain privileges via a Trojan horse pkcs11.txt file in a top-level directory. NOTE: the vendor\u0027s response was \\\"Strange behavior, but we\u0027re not treating this as a security bug.\\\"\"},{\"lang\":\"es\",\"value\":\"** CONTROVERTIDO ** Vulnerabilidad de ruta de b\u00fasqueda no confiable de Mozilla Network Security Services (NSS), que se utiliza en Google Chrome anterior a v17 en Windows y Mac OS X, puede permitir a usuarios locales conseguir privilegios a trav\u00e9s de un archivo troyano pkcs11.txt en un directorio de alto nivel. NOTA: La respuesta del vendedor fue \\\" comportamiento extra\u00f1o, pero no estamos tratando esto como un fallo de seguridad\\\"\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:H/Au:S/C:C/I:C/A:C\",\"baseScore\":7.1,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"HIGH\",\"authentication\":\"SINGLE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":3.9,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":true}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-426\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"17.0\",\"matchCriteriaId\":\"811305D7-7A0E-4F2D-A578-B9D415002329\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"387021A0-AF36-463C-A605-32EA7DAC172E\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A2572D17-1DE6-457B-99CC-64AFD54487EA\"}]}]}],\"references\":[{\"url\":\"http://blog.acrossecurity.com/2011/10/google-chrome-pkcs11txt-file-planting.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"http://code.google.com/p/chromium/issues/detail?id=97426\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Exploit\",\"Issue Tracking\",\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://securityreason.com/securityalert/8483\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://bugzilla.mozilla.org/show_bug.cgi?id=641052\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Issue Tracking\",\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://hermes.opensuse.org/messages/13154861\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Broken Link\"]},{\"url\":\"https://hermes.opensuse.org/messages/13155432\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Broken Link\"]},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13414\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://blog.acrossecurity.com/2011/10/google-chrome-pkcs11txt-file-planting.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"http://code.google.com/p/chromium/issues/detail?id=97426\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Issue Tracking\",\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://securityreason.com/securityalert/8483\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://bugzilla.mozilla.org/show_bug.cgi?id=641052\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://hermes.opensuse.org/messages/13154861\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"https://hermes.opensuse.org/messages/13155432\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13414\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]}]}}"
}
}
ghsa-75w4-cpff-gxx5
Vulnerability from github
Published
2022-05-13 01:06
Modified
2022-05-13 01:06
VLAI Severity ?
Details
** DISPUTED ** Untrusted search path vulnerability in Mozilla Network Security Services (NSS), as used in Google Chrome before 17 on Windows and Mac OS X, might allow local users to gain privileges via a Trojan horse pkcs11.txt file in a top-level directory. NOTE: the vendor's response was "Strange behavior, but we're not treating this as a security bug."
{
"affected": [],
"aliases": [
"CVE-2011-3640"
],
"database_specific": {
"cwe_ids": [
"CWE-426"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2011-10-28T02:49:00Z",
"severity": "HIGH"
},
"details": "** DISPUTED ** Untrusted search path vulnerability in Mozilla Network Security Services (NSS), as used in Google Chrome before 17 on Windows and Mac OS X, might allow local users to gain privileges via a Trojan horse pkcs11.txt file in a top-level directory. NOTE: the vendor\u0027s response was \"Strange behavior, but we\u0027re not treating this as a security bug.\"",
"id": "GHSA-75w4-cpff-gxx5",
"modified": "2022-05-13T01:06:47Z",
"published": "2022-05-13T01:06:47Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2011-3640"
},
{
"type": "WEB",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=641052"
},
{
"type": "WEB",
"url": "https://hermes.opensuse.org/messages/13154861"
},
{
"type": "WEB",
"url": "https://hermes.opensuse.org/messages/13155432"
},
{
"type": "WEB",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13414"
},
{
"type": "WEB",
"url": "http://blog.acrossecurity.com/2011/10/google-chrome-pkcs11txt-file-planting.html"
},
{
"type": "WEB",
"url": "http://code.google.com/p/chromium/issues/detail?id=97426"
},
{
"type": "WEB",
"url": "http://securityreason.com/securityalert/8483"
}
],
"schema_version": "1.4.0",
"severity": []
}
gsd-2011-3640
Vulnerability from gsd
Modified
2023-12-13 01:19
Details
** DISPUTED ** Untrusted search path vulnerability in Mozilla Network Security Services (NSS), as used in Google Chrome before 17 on Windows and Mac OS X, might allow local users to gain privileges via a Trojan horse pkcs11.txt file in a top-level directory. NOTE: the vendor's response was "Strange behavior, but we're not treating this as a security bug."
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2011-3640",
"description": "** DISPUTED ** Untrusted search path vulnerability in Mozilla Network Security Services (NSS), as used in Google Chrome before 17 on Windows and Mac OS X, might allow local users to gain privileges via a Trojan horse pkcs11.txt file in a top-level directory. NOTE: the vendor\u0027s response was \"Strange behavior, but we\u0027re not treating this as a security bug.\"",
"id": "GSD-2011-3640",
"references": [
"https://www.suse.com/security/cve/CVE-2011-3640.html",
"https://www.debian.org/security/2011/dsa-2339"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2011-3640"
],
"details": "** DISPUTED ** Untrusted search path vulnerability in Mozilla Network Security Services (NSS), as used in Google Chrome before 17 on Windows and Mac OS X, might allow local users to gain privileges via a Trojan horse pkcs11.txt file in a top-level directory. NOTE: the vendor\u0027s response was \"Strange behavior, but we\u0027re not treating this as a security bug.\"",
"id": "GSD-2011-3640",
"modified": "2023-12-13T01:19:09.169563Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2011-3640",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** DISPUTED ** Untrusted search path vulnerability in Mozilla Network Security Services (NSS), as used in Google Chrome before 17 on Windows and Mac OS X, might allow local users to gain privileges via a Trojan horse pkcs11.txt file in a top-level directory. NOTE: the vendor\u0027s response was \"Strange behavior, but we\u0027re not treating this as a security bug.\""
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "openSUSE-SU-2012:0063",
"refsource": "SUSE",
"url": "https://hermes.opensuse.org/messages/13155432"
},
{
"name": "openSUSE-SU-2012:0030",
"refsource": "SUSE",
"url": "https://hermes.opensuse.org/messages/13154861"
},
{
"name": "8483",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/8483"
},
{
"name": "oval:org.mitre.oval:def:13414",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13414"
},
{
"name": "http://blog.acrossecurity.com/2011/10/google-chrome-pkcs11txt-file-planting.html",
"refsource": "MISC",
"url": "http://blog.acrossecurity.com/2011/10/google-chrome-pkcs11txt-file-planting.html"
},
{
"name": "http://code.google.com/p/chromium/issues/detail?id=97426",
"refsource": "MISC",
"url": "http://code.google.com/p/chromium/issues/detail?id=97426"
},
{
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=641052",
"refsource": "MISC",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=641052"
}
]
}
},
"nvd.nist.gov": {
"cve": {
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
"matchCriteriaId": "811305D7-7A0E-4F2D-A578-B9D415002329",
"versionEndExcluding": "17.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*",
"matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"descriptions": [
{
"lang": "en",
"value": "Untrusted search path vulnerability in Mozilla Network Security Services (NSS), as used in Google Chrome before 17 on Windows and Mac OS X, might allow local users to gain privileges via a Trojan horse pkcs11.txt file in a top-level directory. NOTE: the vendor\u0027s response was \"Strange behavior, but we\u0027re not treating this as a security bug.\""
},
{
"lang": "es",
"value": "** CONTROVERTIDO ** Vulnerabilidad de ruta de b\u00fasqueda no confiable de Mozilla Network Security Services (NSS), que se utiliza en Google Chrome anterior a v17 en Windows y Mac OS X, puede permitir a usuarios locales conseguir privilegios a trav\u00e9s de un archivo troyano pkcs11.txt en un directorio de alto nivel. NOTA: La respuesta del vendedor fue \" comportamiento extra\u00f1o, pero no estamos tratando esto como un fallo de seguridad\""
}
],
"id": "CVE-2011-3640",
"lastModified": "2024-04-11T00:48:12.970",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.1,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:H/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2011-10-28T02:49:53.130",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "http://blog.acrossecurity.com/2011/10/google-chrome-pkcs11txt-file-planting.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Exploit",
"Issue Tracking",
"Patch",
"Vendor Advisory"
],
"url": "http://code.google.com/p/chromium/issues/detail?id=97426"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://securityreason.com/securityalert/8483"
},
{
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=641052"
},
{
"source": "secalert@redhat.com",
"tags": [
"Broken Link"
],
"url": "https://hermes.opensuse.org/messages/13154861"
},
{
"source": "secalert@redhat.com",
"tags": [
"Broken Link"
],
"url": "https://hermes.opensuse.org/messages/13155432"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13414"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-426"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
}
}
}
fkie_cve-2011-3640
Vulnerability from fkie_nvd
Published
2011-10-28 02:49
Modified
2025-04-11 00:51
Severity ?
Summary
Untrusted search path vulnerability in Mozilla Network Security Services (NSS), as used in Google Chrome before 17 on Windows and Mac OS X, might allow local users to gain privileges via a Trojan horse pkcs11.txt file in a top-level directory. NOTE: the vendor's response was "Strange behavior, but we're not treating this as a security bug."
References
| ▶ | URL | Tags | |
|---|---|---|---|
| secalert@redhat.com | http://blog.acrossecurity.com/2011/10/google-chrome-pkcs11txt-file-planting.html | Exploit, Third Party Advisory | |
| secalert@redhat.com | http://code.google.com/p/chromium/issues/detail?id=97426 | Exploit, Issue Tracking, Patch, Vendor Advisory | |
| secalert@redhat.com | http://securityreason.com/securityalert/8483 | Third Party Advisory | |
| secalert@redhat.com | https://bugzilla.mozilla.org/show_bug.cgi?id=641052 | Issue Tracking, Patch, Third Party Advisory | |
| secalert@redhat.com | https://hermes.opensuse.org/messages/13154861 | Broken Link | |
| secalert@redhat.com | https://hermes.opensuse.org/messages/13155432 | Broken Link | |
| secalert@redhat.com | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13414 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://blog.acrossecurity.com/2011/10/google-chrome-pkcs11txt-file-planting.html | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://code.google.com/p/chromium/issues/detail?id=97426 | Exploit, Issue Tracking, Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://securityreason.com/securityalert/8483 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.mozilla.org/show_bug.cgi?id=641052 | Issue Tracking, Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://hermes.opensuse.org/messages/13154861 | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | https://hermes.opensuse.org/messages/13155432 | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13414 | Third Party Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
"matchCriteriaId": "811305D7-7A0E-4F2D-A578-B9D415002329",
"versionEndExcluding": "17.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*",
"matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [
{
"sourceIdentifier": "secalert@redhat.com",
"tags": [
"disputed"
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Untrusted search path vulnerability in Mozilla Network Security Services (NSS), as used in Google Chrome before 17 on Windows and Mac OS X, might allow local users to gain privileges via a Trojan horse pkcs11.txt file in a top-level directory. NOTE: the vendor\u0027s response was \"Strange behavior, but we\u0027re not treating this as a security bug.\""
},
{
"lang": "es",
"value": "** CONTROVERTIDO ** Vulnerabilidad de ruta de b\u00fasqueda no confiable de Mozilla Network Security Services (NSS), que se utiliza en Google Chrome anterior a v17 en Windows y Mac OS X, puede permitir a usuarios locales conseguir privilegios a trav\u00e9s de un archivo troyano pkcs11.txt en un directorio de alto nivel. NOTA: La respuesta del vendedor fue \" comportamiento extra\u00f1o, pero no estamos tratando esto como un fallo de seguridad\""
}
],
"id": "CVE-2011-3640",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.1,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:H/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2011-10-28T02:49:53.130",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "http://blog.acrossecurity.com/2011/10/google-chrome-pkcs11txt-file-planting.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Exploit",
"Issue Tracking",
"Patch",
"Vendor Advisory"
],
"url": "http://code.google.com/p/chromium/issues/detail?id=97426"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://securityreason.com/securityalert/8483"
},
{
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=641052"
},
{
"source": "secalert@redhat.com",
"tags": [
"Broken Link"
],
"url": "https://hermes.opensuse.org/messages/13154861"
},
{
"source": "secalert@redhat.com",
"tags": [
"Broken Link"
],
"url": "https://hermes.opensuse.org/messages/13155432"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13414"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "http://blog.acrossecurity.com/2011/10/google-chrome-pkcs11txt-file-planting.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Issue Tracking",
"Patch",
"Vendor Advisory"
],
"url": "http://code.google.com/p/chromium/issues/detail?id=97426"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://securityreason.com/securityalert/8483"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=641052"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "https://hermes.opensuse.org/messages/13154861"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "https://hermes.opensuse.org/messages/13155432"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13414"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-426"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
opensuse-su-2024:10451-1
Vulnerability from csaf_opensuse
Published
2024-06-15 00:00
Modified
2024-06-15 00:00
Summary
libfreebl3-3.26.2-1.1 on GA media
Notes
Title of the patch
libfreebl3-3.26.2-1.1 on GA media
Description of the patch
These are all security issues fixed in the libfreebl3-3.26.2-1.1 package on the GA media of openSUSE Tumbleweed.
Patchnames
openSUSE-Tumbleweed-2024-10451
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "libfreebl3-3.26.2-1.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the libfreebl3-3.26.2-1.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2024-10451",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2024_10451-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2010-3170 page",
"url": "https://www.suse.com/security/cve/CVE-2010-3170/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2011-3389 page",
"url": "https://www.suse.com/security/cve/CVE-2011-3389/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2011-3640 page",
"url": "https://www.suse.com/security/cve/CVE-2011-3640/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-0743 page",
"url": "https://www.suse.com/security/cve/CVE-2013-0743/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-0791 page",
"url": "https://www.suse.com/security/cve/CVE-2013-0791/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-1620 page",
"url": "https://www.suse.com/security/cve/CVE-2013-1620/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-1739 page",
"url": "https://www.suse.com/security/cve/CVE-2013-1739/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-1740 page",
"url": "https://www.suse.com/security/cve/CVE-2013-1740/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-5605 page",
"url": "https://www.suse.com/security/cve/CVE-2013-5605/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-1490 page",
"url": "https://www.suse.com/security/cve/CVE-2014-1490/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-1491 page",
"url": "https://www.suse.com/security/cve/CVE-2014-1491/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-1492 page",
"url": "https://www.suse.com/security/cve/CVE-2014-1492/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-1568 page",
"url": "https://www.suse.com/security/cve/CVE-2014-1568/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-1569 page",
"url": "https://www.suse.com/security/cve/CVE-2014-1569/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-2721 page",
"url": "https://www.suse.com/security/cve/CVE-2015-2721/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-4000 page",
"url": "https://www.suse.com/security/cve/CVE-2015-4000/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-7181 page",
"url": "https://www.suse.com/security/cve/CVE-2015-7181/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-7182 page",
"url": "https://www.suse.com/security/cve/CVE-2015-7182/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-7575 page",
"url": "https://www.suse.com/security/cve/CVE-2015-7575/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-1950 page",
"url": "https://www.suse.com/security/cve/CVE-2016-1950/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-1979 page",
"url": "https://www.suse.com/security/cve/CVE-2016-1979/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-2834 page",
"url": "https://www.suse.com/security/cve/CVE-2016-2834/"
}
],
"title": "libfreebl3-3.26.2-1.1 on GA media",
"tracking": {
"current_release_date": "2024-06-15T00:00:00Z",
"generator": {
"date": "2024-06-15T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2024:10451-1",
"initial_release_date": "2024-06-15T00:00:00Z",
"revision_history": [
{
"date": "2024-06-15T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "libfreebl3-3.26.2-1.1.aarch64",
"product": {
"name": "libfreebl3-3.26.2-1.1.aarch64",
"product_id": "libfreebl3-3.26.2-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "libfreebl3-32bit-3.26.2-1.1.aarch64",
"product": {
"name": "libfreebl3-32bit-3.26.2-1.1.aarch64",
"product_id": "libfreebl3-32bit-3.26.2-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "libsoftokn3-3.26.2-1.1.aarch64",
"product": {
"name": "libsoftokn3-3.26.2-1.1.aarch64",
"product_id": "libsoftokn3-3.26.2-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "libsoftokn3-32bit-3.26.2-1.1.aarch64",
"product": {
"name": "libsoftokn3-32bit-3.26.2-1.1.aarch64",
"product_id": "libsoftokn3-32bit-3.26.2-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "mozilla-nss-3.26.2-1.1.aarch64",
"product": {
"name": "mozilla-nss-3.26.2-1.1.aarch64",
"product_id": "mozilla-nss-3.26.2-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "mozilla-nss-32bit-3.26.2-1.1.aarch64",
"product": {
"name": "mozilla-nss-32bit-3.26.2-1.1.aarch64",
"product_id": "mozilla-nss-32bit-3.26.2-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "mozilla-nss-certs-3.26.2-1.1.aarch64",
"product": {
"name": "mozilla-nss-certs-3.26.2-1.1.aarch64",
"product_id": "mozilla-nss-certs-3.26.2-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "mozilla-nss-certs-32bit-3.26.2-1.1.aarch64",
"product": {
"name": "mozilla-nss-certs-32bit-3.26.2-1.1.aarch64",
"product_id": "mozilla-nss-certs-32bit-3.26.2-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "mozilla-nss-devel-3.26.2-1.1.aarch64",
"product": {
"name": "mozilla-nss-devel-3.26.2-1.1.aarch64",
"product_id": "mozilla-nss-devel-3.26.2-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "mozilla-nss-sysinit-3.26.2-1.1.aarch64",
"product": {
"name": "mozilla-nss-sysinit-3.26.2-1.1.aarch64",
"product_id": "mozilla-nss-sysinit-3.26.2-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "mozilla-nss-sysinit-32bit-3.26.2-1.1.aarch64",
"product": {
"name": "mozilla-nss-sysinit-32bit-3.26.2-1.1.aarch64",
"product_id": "mozilla-nss-sysinit-32bit-3.26.2-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "mozilla-nss-tools-3.26.2-1.1.aarch64",
"product": {
"name": "mozilla-nss-tools-3.26.2-1.1.aarch64",
"product_id": "mozilla-nss-tools-3.26.2-1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "libfreebl3-3.26.2-1.1.ppc64le",
"product": {
"name": "libfreebl3-3.26.2-1.1.ppc64le",
"product_id": "libfreebl3-3.26.2-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libfreebl3-32bit-3.26.2-1.1.ppc64le",
"product": {
"name": "libfreebl3-32bit-3.26.2-1.1.ppc64le",
"product_id": "libfreebl3-32bit-3.26.2-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libsoftokn3-3.26.2-1.1.ppc64le",
"product": {
"name": "libsoftokn3-3.26.2-1.1.ppc64le",
"product_id": "libsoftokn3-3.26.2-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libsoftokn3-32bit-3.26.2-1.1.ppc64le",
"product": {
"name": "libsoftokn3-32bit-3.26.2-1.1.ppc64le",
"product_id": "libsoftokn3-32bit-3.26.2-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "mozilla-nss-3.26.2-1.1.ppc64le",
"product": {
"name": "mozilla-nss-3.26.2-1.1.ppc64le",
"product_id": "mozilla-nss-3.26.2-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "mozilla-nss-32bit-3.26.2-1.1.ppc64le",
"product": {
"name": "mozilla-nss-32bit-3.26.2-1.1.ppc64le",
"product_id": "mozilla-nss-32bit-3.26.2-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "mozilla-nss-certs-3.26.2-1.1.ppc64le",
"product": {
"name": "mozilla-nss-certs-3.26.2-1.1.ppc64le",
"product_id": "mozilla-nss-certs-3.26.2-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "mozilla-nss-certs-32bit-3.26.2-1.1.ppc64le",
"product": {
"name": "mozilla-nss-certs-32bit-3.26.2-1.1.ppc64le",
"product_id": "mozilla-nss-certs-32bit-3.26.2-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "mozilla-nss-devel-3.26.2-1.1.ppc64le",
"product": {
"name": "mozilla-nss-devel-3.26.2-1.1.ppc64le",
"product_id": "mozilla-nss-devel-3.26.2-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "mozilla-nss-sysinit-3.26.2-1.1.ppc64le",
"product": {
"name": "mozilla-nss-sysinit-3.26.2-1.1.ppc64le",
"product_id": "mozilla-nss-sysinit-3.26.2-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "mozilla-nss-sysinit-32bit-3.26.2-1.1.ppc64le",
"product": {
"name": "mozilla-nss-sysinit-32bit-3.26.2-1.1.ppc64le",
"product_id": "mozilla-nss-sysinit-32bit-3.26.2-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "mozilla-nss-tools-3.26.2-1.1.ppc64le",
"product": {
"name": "mozilla-nss-tools-3.26.2-1.1.ppc64le",
"product_id": "mozilla-nss-tools-3.26.2-1.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "libfreebl3-3.26.2-1.1.s390x",
"product": {
"name": "libfreebl3-3.26.2-1.1.s390x",
"product_id": "libfreebl3-3.26.2-1.1.s390x"
}
},
{
"category": "product_version",
"name": "libfreebl3-32bit-3.26.2-1.1.s390x",
"product": {
"name": "libfreebl3-32bit-3.26.2-1.1.s390x",
"product_id": "libfreebl3-32bit-3.26.2-1.1.s390x"
}
},
{
"category": "product_version",
"name": "libsoftokn3-3.26.2-1.1.s390x",
"product": {
"name": "libsoftokn3-3.26.2-1.1.s390x",
"product_id": "libsoftokn3-3.26.2-1.1.s390x"
}
},
{
"category": "product_version",
"name": "libsoftokn3-32bit-3.26.2-1.1.s390x",
"product": {
"name": "libsoftokn3-32bit-3.26.2-1.1.s390x",
"product_id": "libsoftokn3-32bit-3.26.2-1.1.s390x"
}
},
{
"category": "product_version",
"name": "mozilla-nss-3.26.2-1.1.s390x",
"product": {
"name": "mozilla-nss-3.26.2-1.1.s390x",
"product_id": "mozilla-nss-3.26.2-1.1.s390x"
}
},
{
"category": "product_version",
"name": "mozilla-nss-32bit-3.26.2-1.1.s390x",
"product": {
"name": "mozilla-nss-32bit-3.26.2-1.1.s390x",
"product_id": "mozilla-nss-32bit-3.26.2-1.1.s390x"
}
},
{
"category": "product_version",
"name": "mozilla-nss-certs-3.26.2-1.1.s390x",
"product": {
"name": "mozilla-nss-certs-3.26.2-1.1.s390x",
"product_id": "mozilla-nss-certs-3.26.2-1.1.s390x"
}
},
{
"category": "product_version",
"name": "mozilla-nss-certs-32bit-3.26.2-1.1.s390x",
"product": {
"name": "mozilla-nss-certs-32bit-3.26.2-1.1.s390x",
"product_id": "mozilla-nss-certs-32bit-3.26.2-1.1.s390x"
}
},
{
"category": "product_version",
"name": "mozilla-nss-devel-3.26.2-1.1.s390x",
"product": {
"name": "mozilla-nss-devel-3.26.2-1.1.s390x",
"product_id": "mozilla-nss-devel-3.26.2-1.1.s390x"
}
},
{
"category": "product_version",
"name": "mozilla-nss-sysinit-3.26.2-1.1.s390x",
"product": {
"name": "mozilla-nss-sysinit-3.26.2-1.1.s390x",
"product_id": "mozilla-nss-sysinit-3.26.2-1.1.s390x"
}
},
{
"category": "product_version",
"name": "mozilla-nss-sysinit-32bit-3.26.2-1.1.s390x",
"product": {
"name": "mozilla-nss-sysinit-32bit-3.26.2-1.1.s390x",
"product_id": "mozilla-nss-sysinit-32bit-3.26.2-1.1.s390x"
}
},
{
"category": "product_version",
"name": "mozilla-nss-tools-3.26.2-1.1.s390x",
"product": {
"name": "mozilla-nss-tools-3.26.2-1.1.s390x",
"product_id": "mozilla-nss-tools-3.26.2-1.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "libfreebl3-3.26.2-1.1.x86_64",
"product": {
"name": "libfreebl3-3.26.2-1.1.x86_64",
"product_id": "libfreebl3-3.26.2-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "libfreebl3-32bit-3.26.2-1.1.x86_64",
"product": {
"name": "libfreebl3-32bit-3.26.2-1.1.x86_64",
"product_id": "libfreebl3-32bit-3.26.2-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "libsoftokn3-3.26.2-1.1.x86_64",
"product": {
"name": "libsoftokn3-3.26.2-1.1.x86_64",
"product_id": "libsoftokn3-3.26.2-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "libsoftokn3-32bit-3.26.2-1.1.x86_64",
"product": {
"name": "libsoftokn3-32bit-3.26.2-1.1.x86_64",
"product_id": "libsoftokn3-32bit-3.26.2-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "mozilla-nss-3.26.2-1.1.x86_64",
"product": {
"name": "mozilla-nss-3.26.2-1.1.x86_64",
"product_id": "mozilla-nss-3.26.2-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "mozilla-nss-32bit-3.26.2-1.1.x86_64",
"product": {
"name": "mozilla-nss-32bit-3.26.2-1.1.x86_64",
"product_id": "mozilla-nss-32bit-3.26.2-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "mozilla-nss-certs-3.26.2-1.1.x86_64",
"product": {
"name": "mozilla-nss-certs-3.26.2-1.1.x86_64",
"product_id": "mozilla-nss-certs-3.26.2-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "mozilla-nss-certs-32bit-3.26.2-1.1.x86_64",
"product": {
"name": "mozilla-nss-certs-32bit-3.26.2-1.1.x86_64",
"product_id": "mozilla-nss-certs-32bit-3.26.2-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "mozilla-nss-devel-3.26.2-1.1.x86_64",
"product": {
"name": "mozilla-nss-devel-3.26.2-1.1.x86_64",
"product_id": "mozilla-nss-devel-3.26.2-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "mozilla-nss-sysinit-3.26.2-1.1.x86_64",
"product": {
"name": "mozilla-nss-sysinit-3.26.2-1.1.x86_64",
"product_id": "mozilla-nss-sysinit-3.26.2-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "mozilla-nss-sysinit-32bit-3.26.2-1.1.x86_64",
"product": {
"name": "mozilla-nss-sysinit-32bit-3.26.2-1.1.x86_64",
"product_id": "mozilla-nss-sysinit-32bit-3.26.2-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "mozilla-nss-tools-3.26.2-1.1.x86_64",
"product": {
"name": "mozilla-nss-tools-3.26.2-1.1.x86_64",
"product_id": "mozilla-nss-tools-3.26.2-1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "libfreebl3-3.26.2-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libfreebl3-3.26.2-1.1.aarch64"
},
"product_reference": "libfreebl3-3.26.2-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libfreebl3-3.26.2-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libfreebl3-3.26.2-1.1.ppc64le"
},
"product_reference": "libfreebl3-3.26.2-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libfreebl3-3.26.2-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libfreebl3-3.26.2-1.1.s390x"
},
"product_reference": "libfreebl3-3.26.2-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libfreebl3-3.26.2-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libfreebl3-3.26.2-1.1.x86_64"
},
"product_reference": "libfreebl3-3.26.2-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libfreebl3-32bit-3.26.2-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libfreebl3-32bit-3.26.2-1.1.aarch64"
},
"product_reference": "libfreebl3-32bit-3.26.2-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libfreebl3-32bit-3.26.2-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libfreebl3-32bit-3.26.2-1.1.ppc64le"
},
"product_reference": "libfreebl3-32bit-3.26.2-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libfreebl3-32bit-3.26.2-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libfreebl3-32bit-3.26.2-1.1.s390x"
},
"product_reference": "libfreebl3-32bit-3.26.2-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libfreebl3-32bit-3.26.2-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libfreebl3-32bit-3.26.2-1.1.x86_64"
},
"product_reference": "libfreebl3-32bit-3.26.2-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libsoftokn3-3.26.2-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libsoftokn3-3.26.2-1.1.aarch64"
},
"product_reference": "libsoftokn3-3.26.2-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libsoftokn3-3.26.2-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libsoftokn3-3.26.2-1.1.ppc64le"
},
"product_reference": "libsoftokn3-3.26.2-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libsoftokn3-3.26.2-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libsoftokn3-3.26.2-1.1.s390x"
},
"product_reference": "libsoftokn3-3.26.2-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libsoftokn3-3.26.2-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libsoftokn3-3.26.2-1.1.x86_64"
},
"product_reference": "libsoftokn3-3.26.2-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libsoftokn3-32bit-3.26.2-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libsoftokn3-32bit-3.26.2-1.1.aarch64"
},
"product_reference": "libsoftokn3-32bit-3.26.2-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libsoftokn3-32bit-3.26.2-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libsoftokn3-32bit-3.26.2-1.1.ppc64le"
},
"product_reference": "libsoftokn3-32bit-3.26.2-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libsoftokn3-32bit-3.26.2-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libsoftokn3-32bit-3.26.2-1.1.s390x"
},
"product_reference": "libsoftokn3-32bit-3.26.2-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libsoftokn3-32bit-3.26.2-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libsoftokn3-32bit-3.26.2-1.1.x86_64"
},
"product_reference": "libsoftokn3-32bit-3.26.2-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mozilla-nss-3.26.2-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:mozilla-nss-3.26.2-1.1.aarch64"
},
"product_reference": "mozilla-nss-3.26.2-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mozilla-nss-3.26.2-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:mozilla-nss-3.26.2-1.1.ppc64le"
},
"product_reference": "mozilla-nss-3.26.2-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mozilla-nss-3.26.2-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:mozilla-nss-3.26.2-1.1.s390x"
},
"product_reference": "mozilla-nss-3.26.2-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mozilla-nss-3.26.2-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:mozilla-nss-3.26.2-1.1.x86_64"
},
"product_reference": "mozilla-nss-3.26.2-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mozilla-nss-32bit-3.26.2-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:mozilla-nss-32bit-3.26.2-1.1.aarch64"
},
"product_reference": "mozilla-nss-32bit-3.26.2-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mozilla-nss-32bit-3.26.2-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:mozilla-nss-32bit-3.26.2-1.1.ppc64le"
},
"product_reference": "mozilla-nss-32bit-3.26.2-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mozilla-nss-32bit-3.26.2-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:mozilla-nss-32bit-3.26.2-1.1.s390x"
},
"product_reference": "mozilla-nss-32bit-3.26.2-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mozilla-nss-32bit-3.26.2-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:mozilla-nss-32bit-3.26.2-1.1.x86_64"
},
"product_reference": "mozilla-nss-32bit-3.26.2-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mozilla-nss-certs-3.26.2-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:mozilla-nss-certs-3.26.2-1.1.aarch64"
},
"product_reference": "mozilla-nss-certs-3.26.2-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mozilla-nss-certs-3.26.2-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:mozilla-nss-certs-3.26.2-1.1.ppc64le"
},
"product_reference": "mozilla-nss-certs-3.26.2-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mozilla-nss-certs-3.26.2-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:mozilla-nss-certs-3.26.2-1.1.s390x"
},
"product_reference": "mozilla-nss-certs-3.26.2-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mozilla-nss-certs-3.26.2-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:mozilla-nss-certs-3.26.2-1.1.x86_64"
},
"product_reference": "mozilla-nss-certs-3.26.2-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mozilla-nss-certs-32bit-3.26.2-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.26.2-1.1.aarch64"
},
"product_reference": "mozilla-nss-certs-32bit-3.26.2-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mozilla-nss-certs-32bit-3.26.2-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.26.2-1.1.ppc64le"
},
"product_reference": "mozilla-nss-certs-32bit-3.26.2-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mozilla-nss-certs-32bit-3.26.2-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.26.2-1.1.s390x"
},
"product_reference": "mozilla-nss-certs-32bit-3.26.2-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mozilla-nss-certs-32bit-3.26.2-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.26.2-1.1.x86_64"
},
"product_reference": "mozilla-nss-certs-32bit-3.26.2-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mozilla-nss-devel-3.26.2-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:mozilla-nss-devel-3.26.2-1.1.aarch64"
},
"product_reference": "mozilla-nss-devel-3.26.2-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mozilla-nss-devel-3.26.2-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:mozilla-nss-devel-3.26.2-1.1.ppc64le"
},
"product_reference": "mozilla-nss-devel-3.26.2-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mozilla-nss-devel-3.26.2-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:mozilla-nss-devel-3.26.2-1.1.s390x"
},
"product_reference": "mozilla-nss-devel-3.26.2-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mozilla-nss-devel-3.26.2-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:mozilla-nss-devel-3.26.2-1.1.x86_64"
},
"product_reference": "mozilla-nss-devel-3.26.2-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mozilla-nss-sysinit-3.26.2-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:mozilla-nss-sysinit-3.26.2-1.1.aarch64"
},
"product_reference": "mozilla-nss-sysinit-3.26.2-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mozilla-nss-sysinit-3.26.2-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:mozilla-nss-sysinit-3.26.2-1.1.ppc64le"
},
"product_reference": "mozilla-nss-sysinit-3.26.2-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mozilla-nss-sysinit-3.26.2-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:mozilla-nss-sysinit-3.26.2-1.1.s390x"
},
"product_reference": "mozilla-nss-sysinit-3.26.2-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mozilla-nss-sysinit-3.26.2-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:mozilla-nss-sysinit-3.26.2-1.1.x86_64"
},
"product_reference": "mozilla-nss-sysinit-3.26.2-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mozilla-nss-sysinit-32bit-3.26.2-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.26.2-1.1.aarch64"
},
"product_reference": "mozilla-nss-sysinit-32bit-3.26.2-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mozilla-nss-sysinit-32bit-3.26.2-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.26.2-1.1.ppc64le"
},
"product_reference": "mozilla-nss-sysinit-32bit-3.26.2-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mozilla-nss-sysinit-32bit-3.26.2-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.26.2-1.1.s390x"
},
"product_reference": "mozilla-nss-sysinit-32bit-3.26.2-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mozilla-nss-sysinit-32bit-3.26.2-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.26.2-1.1.x86_64"
},
"product_reference": "mozilla-nss-sysinit-32bit-3.26.2-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mozilla-nss-tools-3.26.2-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:mozilla-nss-tools-3.26.2-1.1.aarch64"
},
"product_reference": "mozilla-nss-tools-3.26.2-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mozilla-nss-tools-3.26.2-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:mozilla-nss-tools-3.26.2-1.1.ppc64le"
},
"product_reference": "mozilla-nss-tools-3.26.2-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mozilla-nss-tools-3.26.2-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:mozilla-nss-tools-3.26.2-1.1.s390x"
},
"product_reference": "mozilla-nss-tools-3.26.2-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mozilla-nss-tools-3.26.2-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:mozilla-nss-tools-3.26.2-1.1.x86_64"
},
"product_reference": "mozilla-nss-tools-3.26.2-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2010-3170",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2010-3170"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, Thunderbird before 3.0.9 and 3.1.x before 3.1.5, and SeaMonkey before 2.0.9 recognize a wildcard IP address in the subject\u0027s Common Name field of an X.509 certificate, which might allow man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:libfreebl3-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:libfreebl3-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:libfreebl3-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:libfreebl3-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:libfreebl3-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:libfreebl3-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:libfreebl3-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:libfreebl3-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:libsoftokn3-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:libsoftokn3-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:libsoftokn3-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-certs-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-certs-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-certs-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-certs-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-devel-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-devel-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-devel-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-devel-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-tools-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-tools-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-tools-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-tools-3.26.2-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2010-3170",
"url": "https://www.suse.com/security/cve/CVE-2010-3170"
},
{
"category": "external",
"summary": "SUSE Bug 637290 for CVE-2010-3170",
"url": "https://bugzilla.suse.com/637290"
},
{
"category": "external",
"summary": "SUSE Bug 645315 for CVE-2010-3170",
"url": "https://bugzilla.suse.com/645315"
},
{
"category": "external",
"summary": "SUSE Bug 652858 for CVE-2010-3170",
"url": "https://bugzilla.suse.com/652858"
},
{
"category": "external",
"summary": "SUSE Bug 868629 for CVE-2010-3170",
"url": "https://bugzilla.suse.com/868629"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:libfreebl3-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:libfreebl3-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:libfreebl3-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:libfreebl3-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:libfreebl3-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:libfreebl3-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:libfreebl3-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:libfreebl3-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:libsoftokn3-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:libsoftokn3-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:libsoftokn3-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-certs-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-certs-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-certs-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-certs-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-devel-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-devel-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-devel-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-devel-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-tools-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-tools-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-tools-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-tools-3.26.2-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2010-3170"
},
{
"cve": "CVE-2011-3389",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2011-3389"
}
],
"notes": [
{
"category": "general",
"text": "The SSL protocol, as used in certain configurations in Microsoft Windows and Microsoft Internet Explorer, Mozilla Firefox, Google Chrome, Opera, and other products, encrypts data by using CBC mode with chained initialization vectors, which allows man-in-the-middle attackers to obtain plaintext HTTP headers via a blockwise chosen-boundary attack (BCBA) on an HTTPS session, in conjunction with JavaScript code that uses (1) the HTML5 WebSocket API, (2) the Java URLConnection API, or (3) the Silverlight WebClient API, aka a \"BEAST\" attack.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:libfreebl3-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:libfreebl3-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:libfreebl3-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:libfreebl3-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:libfreebl3-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:libfreebl3-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:libfreebl3-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:libfreebl3-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:libsoftokn3-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:libsoftokn3-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:libsoftokn3-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-certs-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-certs-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-certs-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-certs-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-devel-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-devel-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-devel-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-devel-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-tools-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-tools-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-tools-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-tools-3.26.2-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2011-3389",
"url": "https://www.suse.com/security/cve/CVE-2011-3389"
},
{
"category": "external",
"summary": "SUSE Bug 716002 for CVE-2011-3389",
"url": "https://bugzilla.suse.com/716002"
},
{
"category": "external",
"summary": "SUSE Bug 719047 for CVE-2011-3389",
"url": "https://bugzilla.suse.com/719047"
},
{
"category": "external",
"summary": "SUSE Bug 725167 for CVE-2011-3389",
"url": "https://bugzilla.suse.com/725167"
},
{
"category": "external",
"summary": "SUSE Bug 726096 for CVE-2011-3389",
"url": "https://bugzilla.suse.com/726096"
},
{
"category": "external",
"summary": "SUSE Bug 739248 for CVE-2011-3389",
"url": "https://bugzilla.suse.com/739248"
},
{
"category": "external",
"summary": "SUSE Bug 739256 for CVE-2011-3389",
"url": "https://bugzilla.suse.com/739256"
},
{
"category": "external",
"summary": "SUSE Bug 742306 for CVE-2011-3389",
"url": "https://bugzilla.suse.com/742306"
},
{
"category": "external",
"summary": "SUSE Bug 751718 for CVE-2011-3389",
"url": "https://bugzilla.suse.com/751718"
},
{
"category": "external",
"summary": "SUSE Bug 759666 for CVE-2011-3389",
"url": "https://bugzilla.suse.com/759666"
},
{
"category": "external",
"summary": "SUSE Bug 763598 for CVE-2011-3389",
"url": "https://bugzilla.suse.com/763598"
},
{
"category": "external",
"summary": "SUSE Bug 814655 for CVE-2011-3389",
"url": "https://bugzilla.suse.com/814655"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:libfreebl3-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:libfreebl3-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:libfreebl3-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:libfreebl3-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:libfreebl3-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:libfreebl3-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:libfreebl3-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:libfreebl3-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:libsoftokn3-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:libsoftokn3-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:libsoftokn3-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-certs-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-certs-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-certs-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-certs-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-devel-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-devel-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-devel-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-devel-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-tools-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-tools-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-tools-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-tools-3.26.2-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.7,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:libfreebl3-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:libfreebl3-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:libfreebl3-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:libfreebl3-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:libfreebl3-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:libfreebl3-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:libfreebl3-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:libfreebl3-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:libsoftokn3-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:libsoftokn3-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:libsoftokn3-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-certs-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-certs-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-certs-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-certs-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-devel-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-devel-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-devel-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-devel-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-tools-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-tools-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-tools-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-tools-3.26.2-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "low"
}
],
"title": "CVE-2011-3389"
},
{
"cve": "CVE-2011-3640",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2011-3640"
}
],
"notes": [
{
"category": "general",
"text": "Untrusted search path vulnerability in Mozilla Network Security Services (NSS), as used in Google Chrome before 17 on Windows and Mac OS X, might allow local users to gain privileges via a Trojan horse pkcs11.txt file in a top-level directory. NOTE: the vendor\u0027s response was \"Strange behavior, but we\u0027re not treating this as a security bug.\"",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:libfreebl3-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:libfreebl3-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:libfreebl3-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:libfreebl3-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:libfreebl3-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:libfreebl3-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:libfreebl3-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:libfreebl3-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:libsoftokn3-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:libsoftokn3-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:libsoftokn3-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-certs-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-certs-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-certs-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-certs-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-devel-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-devel-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-devel-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-devel-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-tools-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-tools-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-tools-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-tools-3.26.2-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2011-3640",
"url": "https://www.suse.com/security/cve/CVE-2011-3640"
},
{
"category": "external",
"summary": "SUSE Bug 726096 for CVE-2011-3640",
"url": "https://bugzilla.suse.com/726096"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:libfreebl3-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:libfreebl3-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:libfreebl3-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:libfreebl3-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:libfreebl3-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:libfreebl3-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:libfreebl3-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:libfreebl3-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:libsoftokn3-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:libsoftokn3-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:libsoftokn3-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-certs-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-certs-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-certs-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-certs-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-devel-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-devel-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-devel-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-devel-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-tools-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-tools-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-tools-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-tools-3.26.2-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2011-3640"
},
{
"cve": "CVE-2013-0743",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-0743"
}
],
"notes": [
{
"category": "general",
"text": "DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA at the suggestion of the CVE project team. The candidate had been associated with a correct report of a security problem, but not a problem that is categorized as a vulnerability within CVE. Compromised or unauthorized SSL certificates are not within CVE\u0027s scope. Notes: none",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:libfreebl3-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:libfreebl3-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:libfreebl3-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:libfreebl3-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:libfreebl3-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:libfreebl3-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:libfreebl3-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:libfreebl3-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:libsoftokn3-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:libsoftokn3-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:libsoftokn3-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-certs-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-certs-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-certs-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-certs-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-devel-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-devel-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-devel-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-devel-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-tools-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-tools-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-tools-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-tools-3.26.2-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-0743",
"url": "https://www.suse.com/security/cve/CVE-2013-0743"
},
{
"category": "external",
"summary": "SUSE Bug 796895 for CVE-2013-0743",
"url": "https://bugzilla.suse.com/796895"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:libfreebl3-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:libfreebl3-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:libfreebl3-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:libfreebl3-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:libfreebl3-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:libfreebl3-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:libfreebl3-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:libfreebl3-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:libsoftokn3-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:libsoftokn3-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:libsoftokn3-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-certs-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-certs-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-certs-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-certs-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-devel-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-devel-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-devel-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-devel-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-tools-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-tools-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-tools-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-tools-3.26.2-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2013-0743"
},
{
"cve": "CVE-2013-0791",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-0791"
}
],
"notes": [
{
"category": "general",
"text": "The CERT_DecodeCertPackage function in Mozilla Network Security Services (NSS), as used in Mozilla Firefox before 20.0, Firefox ESR 17.x before 17.0.5, Thunderbird before 17.0.5, Thunderbird ESR 17.x before 17.0.5, SeaMonkey before 2.17, and other products, allows remote attackers to cause a denial of service (out-of-bounds read and memory corruption) via a crafted certificate.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:libfreebl3-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:libfreebl3-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:libfreebl3-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:libfreebl3-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:libfreebl3-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:libfreebl3-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:libfreebl3-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:libfreebl3-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:libsoftokn3-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:libsoftokn3-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:libsoftokn3-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-certs-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-certs-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-certs-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-certs-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-devel-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-devel-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-devel-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-devel-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-tools-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-tools-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-tools-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-tools-3.26.2-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-0791",
"url": "https://www.suse.com/security/cve/CVE-2013-0791"
},
{
"category": "external",
"summary": "SUSE Bug 813026 for CVE-2013-0791",
"url": "https://bugzilla.suse.com/813026"
},
{
"category": "external",
"summary": "SUSE Bug 819204 for CVE-2013-0791",
"url": "https://bugzilla.suse.com/819204"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:libfreebl3-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:libfreebl3-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:libfreebl3-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:libfreebl3-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:libfreebl3-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:libfreebl3-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:libfreebl3-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:libfreebl3-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:libsoftokn3-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:libsoftokn3-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:libsoftokn3-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-certs-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-certs-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-certs-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-certs-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-devel-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-devel-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-devel-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-devel-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-tools-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-tools-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-tools-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-tools-3.26.2-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2013-0791"
},
{
"cve": "CVE-2013-1620",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-1620"
}
],
"notes": [
{
"category": "general",
"text": "The TLS implementation in Mozilla Network Security Services (NSS) does not properly consider timing side-channel attacks on a noncompliant MAC check operation during the processing of malformed CBC padding, which allows remote attackers to conduct distinguishing attacks and plaintext-recovery attacks via statistical analysis of timing data for crafted packets, a related issue to CVE-2013-0169.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:libfreebl3-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:libfreebl3-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:libfreebl3-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:libfreebl3-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:libfreebl3-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:libfreebl3-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:libfreebl3-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:libfreebl3-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:libsoftokn3-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:libsoftokn3-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:libsoftokn3-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-certs-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-certs-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-certs-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-certs-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-devel-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-devel-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-devel-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-devel-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-tools-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-tools-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-tools-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-tools-3.26.2-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-1620",
"url": "https://www.suse.com/security/cve/CVE-2013-1620"
},
{
"category": "external",
"summary": "SUSE Bug 802184 for CVE-2013-1620",
"url": "https://bugzilla.suse.com/802184"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:libfreebl3-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:libfreebl3-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:libfreebl3-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:libfreebl3-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:libfreebl3-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:libfreebl3-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:libfreebl3-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:libfreebl3-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:libsoftokn3-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:libsoftokn3-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:libsoftokn3-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-certs-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-certs-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-certs-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-certs-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-devel-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-devel-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-devel-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-devel-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-tools-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-tools-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-tools-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-tools-3.26.2-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2013-1620"
},
{
"cve": "CVE-2013-1739",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-1739"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Network Security Services (NSS) before 3.15.2 does not ensure that data structures are initialized before read operations, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger a decryption failure.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:libfreebl3-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:libfreebl3-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:libfreebl3-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:libfreebl3-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:libfreebl3-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:libfreebl3-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:libfreebl3-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:libfreebl3-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:libsoftokn3-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:libsoftokn3-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:libsoftokn3-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-certs-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-certs-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-certs-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-certs-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-devel-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-devel-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-devel-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-devel-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-tools-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-tools-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-tools-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-tools-3.26.2-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-1739",
"url": "https://www.suse.com/security/cve/CVE-2013-1739"
},
{
"category": "external",
"summary": "SUSE Bug 842979 for CVE-2013-1739",
"url": "https://bugzilla.suse.com/842979"
},
{
"category": "external",
"summary": "SUSE Bug 847708 for CVE-2013-1739",
"url": "https://bugzilla.suse.com/847708"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:libfreebl3-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:libfreebl3-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:libfreebl3-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:libfreebl3-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:libfreebl3-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:libfreebl3-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:libfreebl3-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:libfreebl3-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:libsoftokn3-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:libsoftokn3-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:libsoftokn3-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-certs-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-certs-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-certs-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-certs-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-devel-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-devel-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-devel-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-devel-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-tools-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-tools-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-tools-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-tools-3.26.2-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2013-1739"
},
{
"cve": "CVE-2013-1740",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-1740"
}
],
"notes": [
{
"category": "general",
"text": "The ssl_Do1stHandshake function in sslsecur.c in libssl in Mozilla Network Security Services (NSS) before 3.15.4, when the TLS False Start feature is enabled, allows man-in-the-middle attackers to spoof SSL servers by using an arbitrary X.509 certificate during certain handshake traffic.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:libfreebl3-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:libfreebl3-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:libfreebl3-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:libfreebl3-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:libfreebl3-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:libfreebl3-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:libfreebl3-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:libfreebl3-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:libsoftokn3-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:libsoftokn3-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:libsoftokn3-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-certs-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-certs-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-certs-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-certs-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-devel-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-devel-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-devel-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-devel-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-tools-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-tools-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-tools-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-tools-3.26.2-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-1740",
"url": "https://www.suse.com/security/cve/CVE-2013-1740"
},
{
"category": "external",
"summary": "SUSE Bug 859055 for CVE-2013-1740",
"url": "https://bugzilla.suse.com/859055"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:libfreebl3-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:libfreebl3-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:libfreebl3-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:libfreebl3-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:libfreebl3-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:libfreebl3-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:libfreebl3-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:libfreebl3-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:libsoftokn3-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:libsoftokn3-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:libsoftokn3-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-certs-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-certs-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-certs-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-certs-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-devel-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-devel-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-devel-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-devel-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-tools-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-tools-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-tools-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-tools-3.26.2-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2013-1740"
},
{
"cve": "CVE-2013-5605",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-5605"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Network Security Services (NSS) 3.14 before 3.14.5 and 3.15 before 3.15.3 allows remote attackers to cause a denial of service or possibly have unspecified other impact via invalid handshake packets.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:libfreebl3-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:libfreebl3-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:libfreebl3-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:libfreebl3-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:libfreebl3-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:libfreebl3-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:libfreebl3-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:libfreebl3-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:libsoftokn3-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:libsoftokn3-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:libsoftokn3-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-certs-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-certs-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-certs-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-certs-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-devel-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-devel-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-devel-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-devel-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-tools-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-tools-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-tools-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-tools-3.26.2-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-5605",
"url": "https://www.suse.com/security/cve/CVE-2013-5605"
},
{
"category": "external",
"summary": "SUSE Bug 850148 for CVE-2013-5605",
"url": "https://bugzilla.suse.com/850148"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:libfreebl3-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:libfreebl3-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:libfreebl3-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:libfreebl3-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:libfreebl3-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:libfreebl3-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:libfreebl3-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:libfreebl3-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:libsoftokn3-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:libsoftokn3-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:libsoftokn3-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-certs-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-certs-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-certs-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-certs-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-devel-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-devel-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-devel-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-devel-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-tools-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-tools-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-tools-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-tools-3.26.2-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2013-5605"
},
{
"cve": "CVE-2014-1490",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-1490"
}
],
"notes": [
{
"category": "general",
"text": "Race condition in libssl in Mozilla Network Security Services (NSS) before 3.15.4, as used in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, SeaMonkey before 2.24, and other products, allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via vectors involving a resumption handshake that triggers incorrect replacement of a session ticket.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:libfreebl3-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:libfreebl3-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:libfreebl3-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:libfreebl3-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:libfreebl3-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:libfreebl3-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:libfreebl3-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:libfreebl3-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:libsoftokn3-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:libsoftokn3-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:libsoftokn3-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-certs-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-certs-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-certs-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-certs-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-devel-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-devel-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-devel-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-devel-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-tools-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-tools-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-tools-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-tools-3.26.2-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-1490",
"url": "https://www.suse.com/security/cve/CVE-2014-1490"
},
{
"category": "external",
"summary": "SUSE Bug 861847 for CVE-2014-1490",
"url": "https://bugzilla.suse.com/861847"
},
{
"category": "external",
"summary": "SUSE Bug 862300 for CVE-2014-1490",
"url": "https://bugzilla.suse.com/862300"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:libfreebl3-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:libfreebl3-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:libfreebl3-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:libfreebl3-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:libfreebl3-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:libfreebl3-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:libfreebl3-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:libfreebl3-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:libsoftokn3-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:libsoftokn3-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:libsoftokn3-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-certs-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-certs-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-certs-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-certs-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-devel-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-devel-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-devel-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-devel-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-tools-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-tools-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-tools-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-tools-3.26.2-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2014-1490"
},
{
"cve": "CVE-2014-1491",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-1491"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Network Security Services (NSS) before 3.15.4, as used in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, SeaMonkey before 2.24, and other products, does not properly restrict public values in Diffie-Hellman key exchanges, which makes it easier for remote attackers to bypass cryptographic protection mechanisms in ticket handling by leveraging use of a certain value.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:libfreebl3-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:libfreebl3-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:libfreebl3-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:libfreebl3-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:libfreebl3-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:libfreebl3-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:libfreebl3-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:libfreebl3-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:libsoftokn3-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:libsoftokn3-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:libsoftokn3-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-certs-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-certs-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-certs-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-certs-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-devel-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-devel-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-devel-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-devel-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-tools-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-tools-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-tools-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-tools-3.26.2-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-1491",
"url": "https://www.suse.com/security/cve/CVE-2014-1491"
},
{
"category": "external",
"summary": "SUSE Bug 861847 for CVE-2014-1491",
"url": "https://bugzilla.suse.com/861847"
},
{
"category": "external",
"summary": "SUSE Bug 862289 for CVE-2014-1491",
"url": "https://bugzilla.suse.com/862289"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:libfreebl3-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:libfreebl3-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:libfreebl3-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:libfreebl3-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:libfreebl3-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:libfreebl3-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:libfreebl3-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:libfreebl3-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:libsoftokn3-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:libsoftokn3-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:libsoftokn3-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-certs-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-certs-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-certs-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-certs-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-devel-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-devel-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-devel-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-devel-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-tools-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-tools-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-tools-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-tools-3.26.2-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2014-1491"
},
{
"cve": "CVE-2014-1492",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-1492"
}
],
"notes": [
{
"category": "general",
"text": "The cert_TestHostName function in lib/certdb/certdb.c in the certificate-checking implementation in Mozilla Network Security Services (NSS) before 3.16 accepts a wildcard character that is embedded in an internationalized domain name\u0027s U-label, which might allow man-in-the-middle attackers to spoof SSL servers via a crafted certificate.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:libfreebl3-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:libfreebl3-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:libfreebl3-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:libfreebl3-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:libfreebl3-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:libfreebl3-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:libfreebl3-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:libfreebl3-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:libsoftokn3-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:libsoftokn3-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:libsoftokn3-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-certs-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-certs-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-certs-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-certs-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-devel-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-devel-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-devel-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-devel-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-tools-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-tools-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-tools-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-tools-3.26.2-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-1492",
"url": "https://www.suse.com/security/cve/CVE-2014-1492"
},
{
"category": "external",
"summary": "SUSE Bug 869827 for CVE-2014-1492",
"url": "https://bugzilla.suse.com/869827"
},
{
"category": "external",
"summary": "SUSE Bug 926974 for CVE-2014-1492",
"url": "https://bugzilla.suse.com/926974"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:libfreebl3-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:libfreebl3-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:libfreebl3-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:libfreebl3-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:libfreebl3-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:libfreebl3-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:libfreebl3-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:libfreebl3-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:libsoftokn3-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:libsoftokn3-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:libsoftokn3-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-certs-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-certs-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-certs-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-certs-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-devel-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-devel-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-devel-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-devel-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-tools-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-tools-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-tools-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-tools-3.26.2-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2014-1492"
},
{
"cve": "CVE-2014-1568",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-1568"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Network Security Services (NSS) before 3.16.2.1, 3.16.x before 3.16.5, and 3.17.x before 3.17.1, as used in Mozilla Firefox before 32.0.3, Mozilla Firefox ESR 24.x before 24.8.1 and 31.x before 31.1.1, Mozilla Thunderbird before 24.8.1 and 31.x before 31.1.2, Mozilla SeaMonkey before 2.29.1, Google Chrome before 37.0.2062.124 on Windows and OS X, and Google Chrome OS before 37.0.2062.120, does not properly parse ASN.1 values in X.509 certificates, which makes it easier for remote attackers to spoof RSA signatures via a crafted certificate, aka a \"signature malleability\" issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:libfreebl3-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:libfreebl3-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:libfreebl3-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:libfreebl3-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:libfreebl3-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:libfreebl3-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:libfreebl3-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:libfreebl3-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:libsoftokn3-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:libsoftokn3-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:libsoftokn3-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-certs-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-certs-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-certs-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-certs-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-devel-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-devel-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-devel-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-devel-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-tools-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-tools-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-tools-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-tools-3.26.2-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-1568",
"url": "https://www.suse.com/security/cve/CVE-2014-1568"
},
{
"category": "external",
"summary": "SUSE Bug 1107874 for CVE-2014-1568",
"url": "https://bugzilla.suse.com/1107874"
},
{
"category": "external",
"summary": "SUSE Bug 897890 for CVE-2014-1568",
"url": "https://bugzilla.suse.com/897890"
},
{
"category": "external",
"summary": "SUSE Bug 898959 for CVE-2014-1568",
"url": "https://bugzilla.suse.com/898959"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:libfreebl3-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:libfreebl3-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:libfreebl3-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:libfreebl3-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:libfreebl3-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:libfreebl3-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:libfreebl3-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:libfreebl3-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:libsoftokn3-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:libsoftokn3-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:libsoftokn3-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-certs-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-certs-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-certs-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-certs-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-devel-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-devel-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-devel-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-devel-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-tools-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-tools-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-tools-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-tools-3.26.2-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2014-1568"
},
{
"cve": "CVE-2014-1569",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-1569"
}
],
"notes": [
{
"category": "general",
"text": "The definite_length_decoder function in lib/util/quickder.c in Mozilla Network Security Services (NSS) before 3.16.2.4 and 3.17.x before 3.17.3 does not ensure that the DER encoding of an ASN.1 length is properly formed, which allows remote attackers to conduct data-smuggling attacks by using a long byte sequence for an encoding, as demonstrated by the SEC_QuickDERDecodeItem function\u0027s improper handling of an arbitrary-length encoding of 0x00.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:libfreebl3-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:libfreebl3-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:libfreebl3-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:libfreebl3-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:libfreebl3-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:libfreebl3-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:libfreebl3-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:libfreebl3-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:libsoftokn3-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:libsoftokn3-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:libsoftokn3-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-certs-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-certs-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-certs-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-certs-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-devel-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-devel-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-devel-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-devel-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-tools-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-tools-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-tools-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-tools-3.26.2-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-1569",
"url": "https://www.suse.com/security/cve/CVE-2014-1569"
},
{
"category": "external",
"summary": "SUSE Bug 910647 for CVE-2014-1569",
"url": "https://bugzilla.suse.com/910647"
},
{
"category": "external",
"summary": "SUSE Bug 913096 for CVE-2014-1569",
"url": "https://bugzilla.suse.com/913096"
},
{
"category": "external",
"summary": "SUSE Bug 917597 for CVE-2014-1569",
"url": "https://bugzilla.suse.com/917597"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:libfreebl3-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:libfreebl3-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:libfreebl3-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:libfreebl3-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:libfreebl3-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:libfreebl3-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:libfreebl3-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:libfreebl3-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:libsoftokn3-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:libsoftokn3-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:libsoftokn3-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-certs-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-certs-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-certs-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-certs-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-devel-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-devel-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-devel-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-devel-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-tools-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-tools-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-tools-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-tools-3.26.2-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2014-1569"
},
{
"cve": "CVE-2015-2721",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-2721"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Network Security Services (NSS) before 3.19, as used in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, Thunderbird before 38.1, and other products, does not properly determine state transitions for the TLS state machine, which allows man-in-the-middle attackers to defeat cryptographic protection mechanisms by blocking messages, as demonstrated by removing a forward-secrecy property by blocking a ServerKeyExchange message, aka a \"SMACK SKIP-TLS\" issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:libfreebl3-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:libfreebl3-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:libfreebl3-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:libfreebl3-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:libfreebl3-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:libfreebl3-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:libfreebl3-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:libfreebl3-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:libsoftokn3-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:libsoftokn3-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:libsoftokn3-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-certs-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-certs-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-certs-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-certs-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-devel-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-devel-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-devel-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-devel-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-tools-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-tools-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-tools-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-tools-3.26.2-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-2721",
"url": "https://www.suse.com/security/cve/CVE-2015-2721"
},
{
"category": "external",
"summary": "SUSE Bug 863095 for CVE-2015-2721",
"url": "https://bugzilla.suse.com/863095"
},
{
"category": "external",
"summary": "SUSE Bug 935979 for CVE-2015-2721",
"url": "https://bugzilla.suse.com/935979"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:libfreebl3-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:libfreebl3-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:libfreebl3-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:libfreebl3-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:libfreebl3-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:libfreebl3-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:libfreebl3-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:libfreebl3-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:libsoftokn3-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:libsoftokn3-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:libsoftokn3-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-certs-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-certs-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-certs-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-certs-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-devel-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-devel-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-devel-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-devel-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-tools-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-tools-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-tools-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-tools-3.26.2-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2015-2721"
},
{
"cve": "CVE-2015-4000",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-4000"
}
],
"notes": [
{
"category": "general",
"text": "The TLS protocol 1.2 and earlier, when a DHE_EXPORT ciphersuite is enabled on a server but not on a client, does not properly convey a DHE_EXPORT choice, which allows man-in-the-middle attackers to conduct cipher-downgrade attacks by rewriting a ClientHello with DHE replaced by DHE_EXPORT and then rewriting a ServerHello with DHE_EXPORT replaced by DHE, aka the \"Logjam\" issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:libfreebl3-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:libfreebl3-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:libfreebl3-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:libfreebl3-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:libfreebl3-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:libfreebl3-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:libfreebl3-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:libfreebl3-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:libsoftokn3-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:libsoftokn3-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:libsoftokn3-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-certs-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-certs-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-certs-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-certs-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-devel-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-devel-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-devel-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-devel-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-tools-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-tools-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-tools-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-tools-3.26.2-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-4000",
"url": "https://www.suse.com/security/cve/CVE-2015-4000"
},
{
"category": "external",
"summary": "SUSE Bug 1074631 for CVE-2015-4000",
"url": "https://bugzilla.suse.com/1074631"
},
{
"category": "external",
"summary": "SUSE Bug 1211968 for CVE-2015-4000",
"url": "https://bugzilla.suse.com/1211968"
},
{
"category": "external",
"summary": "SUSE Bug 931600 for CVE-2015-4000",
"url": "https://bugzilla.suse.com/931600"
},
{
"category": "external",
"summary": "SUSE Bug 931698 for CVE-2015-4000",
"url": "https://bugzilla.suse.com/931698"
},
{
"category": "external",
"summary": "SUSE Bug 931723 for CVE-2015-4000",
"url": "https://bugzilla.suse.com/931723"
},
{
"category": "external",
"summary": "SUSE Bug 931845 for CVE-2015-4000",
"url": "https://bugzilla.suse.com/931845"
},
{
"category": "external",
"summary": "SUSE Bug 932026 for CVE-2015-4000",
"url": "https://bugzilla.suse.com/932026"
},
{
"category": "external",
"summary": "SUSE Bug 932483 for CVE-2015-4000",
"url": "https://bugzilla.suse.com/932483"
},
{
"category": "external",
"summary": "SUSE Bug 934789 for CVE-2015-4000",
"url": "https://bugzilla.suse.com/934789"
},
{
"category": "external",
"summary": "SUSE Bug 935033 for CVE-2015-4000",
"url": "https://bugzilla.suse.com/935033"
},
{
"category": "external",
"summary": "SUSE Bug 935540 for CVE-2015-4000",
"url": "https://bugzilla.suse.com/935540"
},
{
"category": "external",
"summary": "SUSE Bug 935979 for CVE-2015-4000",
"url": "https://bugzilla.suse.com/935979"
},
{
"category": "external",
"summary": "SUSE Bug 937202 for CVE-2015-4000",
"url": "https://bugzilla.suse.com/937202"
},
{
"category": "external",
"summary": "SUSE Bug 937766 for CVE-2015-4000",
"url": "https://bugzilla.suse.com/937766"
},
{
"category": "external",
"summary": "SUSE Bug 938248 for CVE-2015-4000",
"url": "https://bugzilla.suse.com/938248"
},
{
"category": "external",
"summary": "SUSE Bug 938432 for CVE-2015-4000",
"url": "https://bugzilla.suse.com/938432"
},
{
"category": "external",
"summary": "SUSE Bug 938895 for CVE-2015-4000",
"url": "https://bugzilla.suse.com/938895"
},
{
"category": "external",
"summary": "SUSE Bug 938905 for CVE-2015-4000",
"url": "https://bugzilla.suse.com/938905"
},
{
"category": "external",
"summary": "SUSE Bug 938906 for CVE-2015-4000",
"url": "https://bugzilla.suse.com/938906"
},
{
"category": "external",
"summary": "SUSE Bug 938913 for CVE-2015-4000",
"url": "https://bugzilla.suse.com/938913"
},
{
"category": "external",
"summary": "SUSE Bug 938945 for CVE-2015-4000",
"url": "https://bugzilla.suse.com/938945"
},
{
"category": "external",
"summary": "SUSE Bug 943664 for CVE-2015-4000",
"url": "https://bugzilla.suse.com/943664"
},
{
"category": "external",
"summary": "SUSE Bug 944729 for CVE-2015-4000",
"url": "https://bugzilla.suse.com/944729"
},
{
"category": "external",
"summary": "SUSE Bug 945582 for CVE-2015-4000",
"url": "https://bugzilla.suse.com/945582"
},
{
"category": "external",
"summary": "SUSE Bug 955589 for CVE-2015-4000",
"url": "https://bugzilla.suse.com/955589"
},
{
"category": "external",
"summary": "SUSE Bug 980406 for CVE-2015-4000",
"url": "https://bugzilla.suse.com/980406"
},
{
"category": "external",
"summary": "SUSE Bug 990592 for CVE-2015-4000",
"url": "https://bugzilla.suse.com/990592"
},
{
"category": "external",
"summary": "SUSE Bug 994144 for CVE-2015-4000",
"url": "https://bugzilla.suse.com/994144"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:libfreebl3-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:libfreebl3-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:libfreebl3-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:libfreebl3-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:libfreebl3-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:libfreebl3-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:libfreebl3-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:libfreebl3-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:libsoftokn3-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:libsoftokn3-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:libsoftokn3-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-certs-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-certs-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-certs-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-certs-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-devel-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-devel-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-devel-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-devel-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-tools-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-tools-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-tools-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-tools-3.26.2-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.7,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:libfreebl3-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:libfreebl3-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:libfreebl3-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:libfreebl3-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:libfreebl3-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:libfreebl3-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:libfreebl3-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:libfreebl3-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:libsoftokn3-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:libsoftokn3-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:libsoftokn3-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-certs-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-certs-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-certs-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-certs-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-devel-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-devel-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-devel-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-devel-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-tools-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-tools-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-tools-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-tools-3.26.2-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2015-4000"
},
{
"cve": "CVE-2015-7181",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-7181"
}
],
"notes": [
{
"category": "general",
"text": "The sec_asn1d_parse_leaf function in Mozilla Network Security Services (NSS) before 3.19.2.1 and 3.20.x before 3.20.1, as used in Firefox before 42.0 and Firefox ESR 38.x before 38.4 and other products, improperly restricts access to an unspecified data structure, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via crafted OCTET STRING data, related to a \"use-after-poison\" issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:libfreebl3-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:libfreebl3-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:libfreebl3-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:libfreebl3-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:libfreebl3-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:libfreebl3-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:libfreebl3-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:libfreebl3-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:libsoftokn3-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:libsoftokn3-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:libsoftokn3-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-certs-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-certs-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-certs-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-certs-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-devel-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-devel-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-devel-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-devel-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-tools-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-tools-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-tools-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-tools-3.26.2-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-7181",
"url": "https://www.suse.com/security/cve/CVE-2015-7181"
},
{
"category": "external",
"summary": "SUSE Bug 952810 for CVE-2015-7181",
"url": "https://bugzilla.suse.com/952810"
},
{
"category": "external",
"summary": "SUSE Bug 962977 for CVE-2015-7181",
"url": "https://bugzilla.suse.com/962977"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:libfreebl3-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:libfreebl3-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:libfreebl3-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:libfreebl3-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:libfreebl3-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:libfreebl3-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:libfreebl3-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:libfreebl3-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:libsoftokn3-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:libsoftokn3-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:libsoftokn3-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-certs-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-certs-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-certs-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-certs-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-devel-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-devel-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-devel-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-devel-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-tools-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-tools-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-tools-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-tools-3.26.2-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2015-7181"
},
{
"cve": "CVE-2015-7182",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-7182"
}
],
"notes": [
{
"category": "general",
"text": "Heap-based buffer overflow in the ASN.1 decoder in Mozilla Network Security Services (NSS) before 3.19.2.1 and 3.20.x before 3.20.1, as used in Firefox before 42.0 and Firefox ESR 38.x before 38.4 and other products, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via crafted OCTET STRING data.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:libfreebl3-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:libfreebl3-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:libfreebl3-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:libfreebl3-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:libfreebl3-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:libfreebl3-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:libfreebl3-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:libfreebl3-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:libsoftokn3-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:libsoftokn3-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:libsoftokn3-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-certs-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-certs-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-certs-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-certs-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-devel-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-devel-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-devel-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-devel-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-tools-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-tools-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-tools-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-tools-3.26.2-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-7182",
"url": "https://www.suse.com/security/cve/CVE-2015-7182"
},
{
"category": "external",
"summary": "SUSE Bug 952810 for CVE-2015-7182",
"url": "https://bugzilla.suse.com/952810"
},
{
"category": "external",
"summary": "SUSE Bug 962977 for CVE-2015-7182",
"url": "https://bugzilla.suse.com/962977"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:libfreebl3-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:libfreebl3-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:libfreebl3-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:libfreebl3-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:libfreebl3-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:libfreebl3-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:libfreebl3-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:libfreebl3-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:libsoftokn3-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:libsoftokn3-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:libsoftokn3-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-certs-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-certs-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-certs-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-certs-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-devel-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-devel-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-devel-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-devel-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-tools-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-tools-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-tools-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-tools-3.26.2-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:libfreebl3-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:libfreebl3-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:libfreebl3-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:libfreebl3-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:libfreebl3-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:libfreebl3-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:libfreebl3-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:libfreebl3-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:libsoftokn3-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:libsoftokn3-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:libsoftokn3-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-certs-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-certs-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-certs-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-certs-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-devel-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-devel-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-devel-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-devel-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-tools-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-tools-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-tools-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-tools-3.26.2-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2015-7182"
},
{
"cve": "CVE-2015-7575",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-7575"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Network Security Services (NSS) before 3.20.2, as used in Mozilla Firefox before 43.0.2 and Firefox ESR 38.x before 38.5.2, does not reject MD5 signatures in Server Key Exchange messages in TLS 1.2 Handshake Protocol traffic, which makes it easier for man-in-the-middle attackers to spoof servers by triggering a collision.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:libfreebl3-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:libfreebl3-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:libfreebl3-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:libfreebl3-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:libfreebl3-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:libfreebl3-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:libfreebl3-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:libfreebl3-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:libsoftokn3-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:libsoftokn3-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:libsoftokn3-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-certs-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-certs-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-certs-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-certs-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-devel-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-devel-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-devel-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-devel-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-tools-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-tools-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-tools-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-tools-3.26.2-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-7575",
"url": "https://www.suse.com/security/cve/CVE-2015-7575"
},
{
"category": "external",
"summary": "SUSE Bug 959888 for CVE-2015-7575",
"url": "https://bugzilla.suse.com/959888"
},
{
"category": "external",
"summary": "SUSE Bug 960402 for CVE-2015-7575",
"url": "https://bugzilla.suse.com/960402"
},
{
"category": "external",
"summary": "SUSE Bug 960996 for CVE-2015-7575",
"url": "https://bugzilla.suse.com/960996"
},
{
"category": "external",
"summary": "SUSE Bug 961280 for CVE-2015-7575",
"url": "https://bugzilla.suse.com/961280"
},
{
"category": "external",
"summary": "SUSE Bug 961281 for CVE-2015-7575",
"url": "https://bugzilla.suse.com/961281"
},
{
"category": "external",
"summary": "SUSE Bug 961282 for CVE-2015-7575",
"url": "https://bugzilla.suse.com/961282"
},
{
"category": "external",
"summary": "SUSE Bug 961283 for CVE-2015-7575",
"url": "https://bugzilla.suse.com/961283"
},
{
"category": "external",
"summary": "SUSE Bug 961284 for CVE-2015-7575",
"url": "https://bugzilla.suse.com/961284"
},
{
"category": "external",
"summary": "SUSE Bug 961290 for CVE-2015-7575",
"url": "https://bugzilla.suse.com/961290"
},
{
"category": "external",
"summary": "SUSE Bug 961357 for CVE-2015-7575",
"url": "https://bugzilla.suse.com/961357"
},
{
"category": "external",
"summary": "SUSE Bug 962743 for CVE-2015-7575",
"url": "https://bugzilla.suse.com/962743"
},
{
"category": "external",
"summary": "SUSE Bug 963937 for CVE-2015-7575",
"url": "https://bugzilla.suse.com/963937"
},
{
"category": "external",
"summary": "SUSE Bug 967521 for CVE-2015-7575",
"url": "https://bugzilla.suse.com/967521"
},
{
"category": "external",
"summary": "SUSE Bug 981087 for CVE-2015-7575",
"url": "https://bugzilla.suse.com/981087"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:libfreebl3-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:libfreebl3-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:libfreebl3-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:libfreebl3-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:libfreebl3-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:libfreebl3-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:libfreebl3-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:libfreebl3-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:libsoftokn3-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:libsoftokn3-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:libsoftokn3-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-certs-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-certs-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-certs-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-certs-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-devel-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-devel-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-devel-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-devel-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-tools-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-tools-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-tools-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-tools-3.26.2-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:libfreebl3-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:libfreebl3-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:libfreebl3-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:libfreebl3-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:libfreebl3-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:libfreebl3-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:libfreebl3-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:libfreebl3-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:libsoftokn3-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:libsoftokn3-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:libsoftokn3-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-certs-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-certs-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-certs-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-certs-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-devel-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-devel-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-devel-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-devel-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-tools-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-tools-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-tools-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-tools-3.26.2-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2015-7575"
},
{
"cve": "CVE-2016-1950",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-1950"
}
],
"notes": [
{
"category": "general",
"text": "Heap-based buffer overflow in Mozilla Network Security Services (NSS) before 3.19.2.3 and 3.20.x and 3.21.x before 3.21.1, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to execute arbitrary code via crafted ASN.1 data in an X.509 certificate.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:libfreebl3-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:libfreebl3-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:libfreebl3-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:libfreebl3-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:libfreebl3-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:libfreebl3-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:libfreebl3-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:libfreebl3-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:libsoftokn3-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:libsoftokn3-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:libsoftokn3-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-certs-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-certs-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-certs-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-certs-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-devel-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-devel-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-devel-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-devel-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-tools-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-tools-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-tools-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-tools-3.26.2-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-1950",
"url": "https://www.suse.com/security/cve/CVE-2016-1950"
},
{
"category": "external",
"summary": "SUSE Bug 969894 for CVE-2016-1950",
"url": "https://bugzilla.suse.com/969894"
},
{
"category": "external",
"summary": "SUSE Bug 970257 for CVE-2016-1950",
"url": "https://bugzilla.suse.com/970257"
},
{
"category": "external",
"summary": "SUSE Bug 970377 for CVE-2016-1950",
"url": "https://bugzilla.suse.com/970377"
},
{
"category": "external",
"summary": "SUSE Bug 970378 for CVE-2016-1950",
"url": "https://bugzilla.suse.com/970378"
},
{
"category": "external",
"summary": "SUSE Bug 970379 for CVE-2016-1950",
"url": "https://bugzilla.suse.com/970379"
},
{
"category": "external",
"summary": "SUSE Bug 970380 for CVE-2016-1950",
"url": "https://bugzilla.suse.com/970380"
},
{
"category": "external",
"summary": "SUSE Bug 970381 for CVE-2016-1950",
"url": "https://bugzilla.suse.com/970381"
},
{
"category": "external",
"summary": "SUSE Bug 970431 for CVE-2016-1950",
"url": "https://bugzilla.suse.com/970431"
},
{
"category": "external",
"summary": "SUSE Bug 970433 for CVE-2016-1950",
"url": "https://bugzilla.suse.com/970433"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:libfreebl3-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:libfreebl3-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:libfreebl3-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:libfreebl3-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:libfreebl3-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:libfreebl3-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:libfreebl3-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:libfreebl3-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:libsoftokn3-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:libsoftokn3-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:libsoftokn3-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-certs-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-certs-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-certs-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-certs-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-devel-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-devel-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-devel-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-devel-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-tools-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-tools-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-tools-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-tools-3.26.2-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:libfreebl3-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:libfreebl3-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:libfreebl3-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:libfreebl3-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:libfreebl3-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:libfreebl3-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:libfreebl3-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:libfreebl3-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:libsoftokn3-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:libsoftokn3-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:libsoftokn3-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-certs-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-certs-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-certs-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-certs-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-devel-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-devel-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-devel-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-devel-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-tools-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-tools-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-tools-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-tools-3.26.2-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2016-1950"
},
{
"cve": "CVE-2016-1979",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-1979"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the PK11_ImportDERPrivateKeyInfoAndReturnKey function in Mozilla Network Security Services (NSS) before 3.21.1, as used in Mozilla Firefox before 45.0, allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted key data with DER encoding.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:libfreebl3-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:libfreebl3-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:libfreebl3-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:libfreebl3-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:libfreebl3-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:libfreebl3-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:libfreebl3-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:libfreebl3-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:libsoftokn3-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:libsoftokn3-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:libsoftokn3-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-certs-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-certs-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-certs-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-certs-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-devel-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-devel-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-devel-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-devel-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-tools-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-tools-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-tools-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-tools-3.26.2-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-1979",
"url": "https://www.suse.com/security/cve/CVE-2016-1979"
},
{
"category": "external",
"summary": "SUSE Bug 969894 for CVE-2016-1979",
"url": "https://bugzilla.suse.com/969894"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:libfreebl3-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:libfreebl3-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:libfreebl3-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:libfreebl3-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:libfreebl3-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:libfreebl3-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:libfreebl3-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:libfreebl3-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:libsoftokn3-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:libsoftokn3-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:libsoftokn3-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-certs-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-certs-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-certs-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-certs-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-devel-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-devel-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-devel-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-devel-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-tools-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-tools-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-tools-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-tools-3.26.2-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:libfreebl3-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:libfreebl3-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:libfreebl3-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:libfreebl3-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:libfreebl3-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:libfreebl3-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:libfreebl3-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:libfreebl3-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:libsoftokn3-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:libsoftokn3-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:libsoftokn3-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-certs-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-certs-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-certs-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-certs-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-devel-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-devel-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-devel-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-devel-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-tools-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-tools-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-tools-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-tools-3.26.2-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2016-1979"
},
{
"cve": "CVE-2016-2834",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-2834"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Network Security Services (NSS) before 3.23, as used in Mozilla Firefox before 47.0, allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:libfreebl3-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:libfreebl3-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:libfreebl3-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:libfreebl3-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:libfreebl3-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:libfreebl3-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:libfreebl3-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:libfreebl3-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:libsoftokn3-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:libsoftokn3-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:libsoftokn3-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-certs-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-certs-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-certs-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-certs-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-devel-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-devel-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-devel-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-devel-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-tools-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-tools-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-tools-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-tools-3.26.2-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-2834",
"url": "https://www.suse.com/security/cve/CVE-2016-2834"
},
{
"category": "external",
"summary": "SUSE Bug 983549 for CVE-2016-2834",
"url": "https://bugzilla.suse.com/983549"
},
{
"category": "external",
"summary": "SUSE Bug 983639 for CVE-2016-2834",
"url": "https://bugzilla.suse.com/983639"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:libfreebl3-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:libfreebl3-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:libfreebl3-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:libfreebl3-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:libfreebl3-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:libfreebl3-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:libfreebl3-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:libfreebl3-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:libsoftokn3-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:libsoftokn3-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:libsoftokn3-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-certs-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-certs-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-certs-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-certs-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-devel-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-devel-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-devel-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-devel-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-tools-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-tools-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-tools-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-tools-3.26.2-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:libfreebl3-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:libfreebl3-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:libfreebl3-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:libfreebl3-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:libfreebl3-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:libfreebl3-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:libfreebl3-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:libfreebl3-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:libsoftokn3-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:libsoftokn3-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:libsoftokn3-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:libsoftokn3-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-certs-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-certs-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-certs-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-certs-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-certs-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-devel-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-devel-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-devel-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-devel-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-sysinit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-sysinit-32bit-3.26.2-1.1.x86_64",
"openSUSE Tumbleweed:mozilla-nss-tools-3.26.2-1.1.aarch64",
"openSUSE Tumbleweed:mozilla-nss-tools-3.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:mozilla-nss-tools-3.26.2-1.1.s390x",
"openSUSE Tumbleweed:mozilla-nss-tools-3.26.2-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2016-2834"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…