VulnerableCode Package Details - pkg:alpm/archlinux/nss@3.73-1

Search for packages

Package details: pkg:alpm/archlinux/nss@3.73-1

Essentials
History (4)

purl	pkg:alpm/archlinux/nss@3.73-1

Vulnerabilities affecting this package (0)

Vulnerability	Summary	Fixed by
This package is not known to be affected by vulnerabilities.

Vulnerabilities fixed by this package (1)

Vulnerability	Summary	Aliases
VCID-6jzj-cgtw-aaak	NSS (Network Security Services) versions prior to 3.73 or 3.68.1 ESR are vulnerable to a heap overflow when handling DER-encoded DSA or RSA-PSS signatures. Applications using NSS for handling signatures encoded within CMS, S/MIME, PKCS \#7, or PKCS \#12 are likely to be impacted. Applications using NSS for certificate validation or other TLS, X.509, OCSP or CRL functionality may be impacted, depending on how they configure NSS. Note: This vulnerability does NOT impact Mozilla Firefox. However, email clients and PDF viewers that use NSS for signature verification, such as Thunderbird, LibreOffice, Evolution and Evince are believed to be impacted. This vulnerability affects NSS < 3.73 and NSS < 3.68.1.	CVE-2021-43527

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2025-03-28T07:45:22.392814+00:00	Arch Linux Importer	Fixing	VCID-6jzj-cgtw-aaak	https://security.archlinux.org/AVG-2596	36.0.0
2024-09-18T02:00:18.090218+00:00	Arch Linux Importer	Fixing	VCID-6jzj-cgtw-aaak	https://security.archlinux.org/AVG-2596	34.0.1
2024-01-23T15:32:14.661418+00:00	Arch Linux Importer	Fixing	VCID-6jzj-cgtw-aaak	https://security.archlinux.org/AVG-2596	34.0.0rc2
2024-01-03T22:26:32.890009+00:00	Arch Linux Importer	Fixing	VCID-6jzj-cgtw-aaak	https://security.archlinux.org/AVG-2596	34.0.0rc1