VulnerableCode Package Details - pkg:apk/alpine/nss@3.55-r0?arch=riscv64&distroversion=edge&reponame=main

Staging Environment: Content and features may be unstable or change without notice.

Search for packages

Package details: pkg:apk/alpine/nss@3.55-r0?arch=riscv64&distroversion=edge&reponame=main

purl	pkg:apk/alpine/nss@3.55-r0?arch=riscv64&distroversion=edge&reponame=main

Vulnerabilities affecting this package (0)

Vulnerability	Summary	Fixed by
This package is not known to be affected by vulnerabilities.

Vulnerabilities fixed by this package (4)

Vulnerability	Summary	Aliases
VCID-k4a4-f1as-x3bj	NSS has multiple information disclosure vulnerabilities when handling secret key material.	CVE-2020-12400
VCID-mx8t-s47w-wud5	When performing EC scalar point multiplication, the wNAF point multiplication algorithm was used; which leaked partial information about the nonce used during signature generation. Given an electro-magnetic trace of a few signature generations, the private key could have been computed.	CVE-2020-6829
VCID-rk7t-zjzg-eqar	NSS has multiple information disclosure vulnerabilities when handling secret key material.	CVE-2020-12401
VCID-szzk-wxm2-cfgj	NSS has multiple information disclosure vulnerabilities when handling secret key material.	CVE-2020-12403

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-06T04:51:29.025249+00:00	Alpine Linux Importer	Fixing	VCID-mx8t-s47w-wud5	https://secdb.alpinelinux.org/edge/main.json	38.1.0
2026-04-03T17:48:25.620994+00:00	Alpine Linux Importer	Fixing	VCID-rk7t-zjzg-eqar	https://secdb.alpinelinux.org/edge/main.json	38.1.0
2026-04-01T19:16:01.427294+00:00	Alpine Linux Importer	Fixing	VCID-szzk-wxm2-cfgj	https://secdb.alpinelinux.org/edge/main.json	38.0.0
2026-04-01T19:04:23.622679+00:00	Alpine Linux Importer	Fixing	VCID-k4a4-f1as-x3bj	https://secdb.alpinelinux.org/edge/main.json	38.0.0