Search for packages
| purl | pkg:rpm/redhat/nss@3.36.0-9?arch=el7_6 |
| Next non-vulnerable version | None. |
| Latest non-vulnerable version | None. |
| Risk | 4.5 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-7msj-wyd6-zkbe
Aliases: CVE-2019-17006 |
nss: Check length of inputs for cryptographic primitives | There are no reported fixed by versions. |
|
VCID-n6s1-tsx2-7fee
Aliases: CVE-2019-11756 |
Improper refcounting of soft token session objects could cause a use-after-free and crash (likely limited to a denial of service). | There are no reported fixed by versions. |
|
VCID-szzk-wxm2-cfgj
Aliases: CVE-2020-12403 |
NSS has multiple information disclosure vulnerabilities when handling secret key material. | There are no reported fixed by versions. |
|
VCID-x1ty-wqph-gkak
Aliases: CVE-2019-17007 |
nss: Handling of Netscape Certificate Sequences in CERT_DecodeCertPackage() may crash with a NULL deref leading to DoS | There are no reported fixed by versions. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2026-04-01T14:20:44.173690+00:00 | RedHat Importer | Affected by | VCID-x1ty-wqph-gkak | https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-17007.json | 38.0.0 |
| 2026-04-01T14:14:53.435048+00:00 | RedHat Importer | Affected by | VCID-n6s1-tsx2-7fee | https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11756.json | 38.0.0 |
| 2026-04-01T14:14:32.928585+00:00 | RedHat Importer | Affected by | VCID-7msj-wyd6-zkbe | https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-17006.json | 38.0.0 |
| 2026-04-01T14:05:32.121476+00:00 | RedHat Importer | Affected by | VCID-szzk-wxm2-cfgj | https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-12403.json | 38.0.0 |