Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:deb/debian/nspr@4.7.1-5
purl pkg:deb/debian/nspr@4.7.1-5
Next non-vulnerable version 2:4.12-1+debu8u1
Latest non-vulnerable version 2:4.12-1+debu8u1
Risk 10.0
Vulnerabilities affecting this package (6)
Vulnerability Summary Fixed by
VCID-2jhf-j64s-gygy
Aliases:
CVE-2009-0689
Security researcher Alin Rad Pop of Secunia Research reported a heap-based buffer overflow in Mozilla's string to floating point number conversion routines. Using this vulnerability an attacker could craft some malicious JavaScript code containing a very long string to be converted to a floating point number which would result in improper memory allocation and the execution of an arbitrary memory location. This vulnerability could thus be leveraged by the attacker to run arbitrary code on a victim's computer.Update: The underlying flaw in the dtoa routines used by Mozilla appears to be essentially the same as that reported against the libc gdtoa routine by Maksymilian Arciemowicz.
4.8.6-1+squeeze1
Affected by 4 other vulnerabilities.
VCID-49hp-8pm6-vkhr
Aliases:
CVE-2014-1545
security update
2:4.9.2-1+deb7u3
Affected by 4 other vulnerabilities.
2:4.10.7-1
Affected by 2 other vulnerabilities.
VCID-53kn-ev4f-dufh
Aliases:
CVE-2009-2463
Multiple vulnerabilities have been found in Mozilla Firefox, Thunderbird, SeaMonkey, NSS, GNU IceCat, and XULRunner, some of which may allow execution of arbitrary code or local privilege escalation.
4.8.6-1+squeeze1
Affected by 4 other vulnerabilities.
VCID-97rg-h7t5-1fhs
Aliases:
CVE-2013-5607
Multiple vulnerabilities have been discovered in Mozilla Network Security Service, the worst of which could lead to Denial of Service.
2:4.9.2-1+deb7u3
Affected by 4 other vulnerabilities.
2:4.10.7-1
Affected by 2 other vulnerabilities.
VCID-ap6c-9pta-wbdz
Aliases:
CVE-2016-1951
security update
2:4.12-1+debu8u1
Affected by 0 other vulnerabilities.
VCID-r1pj-wxzf-5ubj
Aliases:
CVE-2015-7183
Multiple vulnerabilities have been found in Mozilla Firefox and Thunderbird, the worst of which may allow user-assisted execution of arbitrary code.
2:4.9.2-1+deb7u3
Affected by 4 other vulnerabilities.
2:4.12-1+debu8u1
Affected by 0 other vulnerabilities.
Vulnerabilities fixed by this package (0)
Vulnerability Summary Aliases
This package is not known to fix vulnerabilities.

Date Actor Action Vulnerability Source VulnerableCode Version
2026-04-16T00:18:56.149108+00:00 Debian Oval Importer Affected by VCID-r1pj-wxzf-5ubj https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T23:21:46.848542+00:00 Debian Oval Importer Affected by VCID-49hp-8pm6-vkhr https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T23:09:00.179407+00:00 Debian Oval Importer Affected by VCID-97rg-h7t5-1fhs https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T17:15:55.337469+00:00 Debian Oval Importer Affected by VCID-2jhf-j64s-gygy https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T16:55:54.023192+00:00 Debian Oval Importer Affected by VCID-53kn-ev4f-dufh https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T16:23:00.807050+00:00 Debian Oval Importer Affected by VCID-ap6c-9pta-wbdz https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T14:00:42.137159+00:00 Debian Oval Importer Affected by VCID-ap6c-9pta-wbdz https://www.debian.org/security/oval/oval-definitions-jessie.xml.bz2 38.4.0
2026-04-15T13:40:28.352649+00:00 Debian Oval Importer Affected by VCID-r1pj-wxzf-5ubj https://www.debian.org/security/oval/oval-definitions-jessie.xml.bz2 38.4.0
2026-04-15T13:14:10.283465+00:00 Debian Oval Importer Affected by VCID-49hp-8pm6-vkhr https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 38.4.0
2026-04-15T13:06:52.533730+00:00 Debian Oval Importer Affected by VCID-r1pj-wxzf-5ubj https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 38.4.0
2026-04-15T12:57:21.883298+00:00 Debian Oval Importer Affected by VCID-97rg-h7t5-1fhs https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 38.4.0
2026-04-11T23:52:34.199801+00:00 Debian Oval Importer Affected by VCID-r1pj-wxzf-5ubj https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T22:57:18.770630+00:00 Debian Oval Importer Affected by VCID-49hp-8pm6-vkhr https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T22:44:59.761286+00:00 Debian Oval Importer Affected by VCID-97rg-h7t5-1fhs https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T17:02:27.142271+00:00 Debian Oval Importer Affected by VCID-2jhf-j64s-gygy https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T16:42:35.030277+00:00 Debian Oval Importer Affected by VCID-53kn-ev4f-dufh https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T16:10:16.944480+00:00 Debian Oval Importer Affected by VCID-ap6c-9pta-wbdz https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T13:49:18.587507+00:00 Debian Oval Importer Affected by VCID-ap6c-9pta-wbdz https://www.debian.org/security/oval/oval-definitions-jessie.xml.bz2 38.3.0
2026-04-11T13:29:11.009611+00:00 Debian Oval Importer Affected by VCID-r1pj-wxzf-5ubj https://www.debian.org/security/oval/oval-definitions-jessie.xml.bz2 38.3.0
2026-04-11T13:02:55.530828+00:00 Debian Oval Importer Affected by VCID-49hp-8pm6-vkhr https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 38.3.0
2026-04-11T12:55:36.525673+00:00 Debian Oval Importer Affected by VCID-r1pj-wxzf-5ubj https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 38.3.0
2026-04-11T12:45:57.047210+00:00 Debian Oval Importer Affected by VCID-97rg-h7t5-1fhs https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 38.3.0
2026-04-08T23:24:30.903903+00:00 Debian Oval Importer Affected by VCID-r1pj-wxzf-5ubj https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T22:31:35.014243+00:00 Debian Oval Importer Affected by VCID-49hp-8pm6-vkhr https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T22:19:48.629170+00:00 Debian Oval Importer Affected by VCID-97rg-h7t5-1fhs https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T16:51:51.086699+00:00 Debian Oval Importer Affected by VCID-2jhf-j64s-gygy https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T16:33:03.474982+00:00 Debian Oval Importer Affected by VCID-53kn-ev4f-dufh https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T16:02:48.239021+00:00 Debian Oval Importer Affected by VCID-ap6c-9pta-wbdz https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-07T22:24:36.822102+00:00 Debian Oval Importer Affected by VCID-ap6c-9pta-wbdz https://www.debian.org/security/oval/oval-definitions-jessie.xml.bz2 38.1.0
2026-04-07T22:04:54.837522+00:00 Debian Oval Importer Affected by VCID-r1pj-wxzf-5ubj https://www.debian.org/security/oval/oval-definitions-jessie.xml.bz2 38.1.0
2026-04-07T21:37:55.781116+00:00 Debian Oval Importer Affected by VCID-49hp-8pm6-vkhr https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 38.1.0
2026-04-07T21:30:23.737962+00:00 Debian Oval Importer Affected by VCID-r1pj-wxzf-5ubj https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 38.1.0
2026-04-03T22:00:21.691737+00:00 Debian Oval Importer Affected by VCID-97rg-h7t5-1fhs https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 38.1.0
2026-04-02T13:02:22.248910+00:00 Debian Oval Importer Affected by VCID-97rg-h7t5-1fhs https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 38.0.0