In Network Security Services before 3.44, a malformed Netscape Certificate Sequence can cause NSS to crash, resulting in a denial of service.
The product does not validate, or incorrectly validates, a certificate.
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Network_security_services | Mozilla | * | 3.44 (excluding) |
| Red Hat Enterprise Linux 6 | RedHat | nspr-0:4.21.0-1.el6_10 | * |
| Red Hat Enterprise Linux 6 | RedHat | nss-0:3.44.0-7.el6_10 | * |
| Red Hat Enterprise Linux 6 | RedHat | nss-softokn-0:3.44.0-5.el6_10 | * |
| Red Hat Enterprise Linux 6 | RedHat | nss-util-0:3.44.0-1.el6_10 | * |
| Red Hat Enterprise Linux 7 | RedHat | nspr-0:4.21.0-1.el7 | * |
| Red Hat Enterprise Linux 7 | RedHat | nss-0:3.44.0-4.el7 | * |
| Red Hat Enterprise Linux 7 | RedHat | nss-softokn-0:3.44.0-5.el7 | * |
| Red Hat Enterprise Linux 7 | RedHat | nss-util-0:3.44.0-3.el7 | * |
| Red Hat Enterprise Linux 7.6 Extended Update Support | RedHat | nss-0:3.36.0-9.el7_6 | * |
| Red Hat Enterprise Linux 7.6 Extended Update Support | RedHat | nss-softokn-0:3.36.0-7.el7_6 | * |
| Red Hat Enterprise Linux 8 | RedHat | nspr-0:4.21.0-2.el8_0 | * |
| Red Hat Enterprise Linux 8 | RedHat | nss-0:3.44.0-7.el8_0 | * |
| Nss | Ubuntu | bionic | * |
| Nss | Ubuntu | disco | * |
| Nss | Ubuntu | trusty | * |
| Nss | Ubuntu | trusty/esm | * |
| Nss | Ubuntu | upstream | * |
| Nss | Ubuntu | xenial | * |