Search for packages
| purl | pkg:deb/debian/nspr@2:4.9.2-1%2Bdeb7u3 |
| Next non-vulnerable version | 2:4.12-1+debu8u1 |
| Latest non-vulnerable version | 2:4.12-1+debu8u1 |
| Risk | 4.5 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-8cyj-ttsy-aaaj
Aliases: CVE-2013-5607 |
Integer overflow in the PL_ArenaAllocate function in Mozilla Netscape Portable Runtime (NSPR) before 4.10.2, as used in Firefox before 25.0.1, Firefox ESR 17.x before 17.0.11 and 24.x before 24.1.1, and SeaMonkey before 2.22.1, allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted X.509 certificate, a related issue to CVE-2013-1741. |
Affected by 2 other vulnerabilities. |
|
VCID-8z64-29q3-aaac
Aliases: CVE-2016-1951 |
Multiple integer overflows in io/prprf.c in Mozilla Netscape Portable Runtime (NSPR) before 4.12 allow remote attackers to cause a denial of service (buffer overflow) or possibly have unspecified other impact via a long string to a PR_*printf function. |
Affected by 0 other vulnerabilities. |
|
VCID-hgt2-fb1s-aaae
Aliases: CVE-2015-7183 |
Integer overflow in the PL_ARENA_ALLOCATE implementation in Netscape Portable Runtime (NSPR) in Mozilla Network Security Services (NSS) before 3.19.2.1 and 3.20.x before 3.20.1, as used in Firefox before 42.0 and Firefox ESR 38.x before 38.4 and other products, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via unspecified vectors. |
Affected by 0 other vulnerabilities. |
|
VCID-y6xc-vsep-aaak
Aliases: CVE-2014-1545 |
Mozilla Netscape Portable Runtime (NSPR) before 4.10.6 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds write) via vectors involving the sprintf and console functions. |
Affected by 2 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| VCID-8cyj-ttsy-aaaj | Integer overflow in the PL_ArenaAllocate function in Mozilla Netscape Portable Runtime (NSPR) before 4.10.2, as used in Firefox before 25.0.1, Firefox ESR 17.x before 17.0.11 and 24.x before 24.1.1, and SeaMonkey before 2.22.1, allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted X.509 certificate, a related issue to CVE-2013-1741. |
CVE-2013-5607
|
| VCID-hgt2-fb1s-aaae | Integer overflow in the PL_ARENA_ALLOCATE implementation in Netscape Portable Runtime (NSPR) in Mozilla Network Security Services (NSS) before 3.19.2.1 and 3.20.x before 3.20.1, as used in Firefox before 42.0 and Firefox ESR 38.x before 38.4 and other products, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via unspecified vectors. |
CVE-2015-7183
|
| VCID-y6xc-vsep-aaak | Mozilla Netscape Portable Runtime (NSPR) before 4.10.6 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds write) via vectors involving the sprintf and console functions. |
CVE-2014-1545
|
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2025-06-21T18:50:26.465691+00:00 | Debian Oval Importer | Affected by | VCID-8z64-29q3-aaac | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.1.3 |
| 2025-06-21T17:49:26.676705+00:00 | Debian Oval Importer | Affected by | VCID-8cyj-ttsy-aaaj | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.3 |
| 2025-06-21T16:47:09.472910+00:00 | Debian Oval Importer | Affected by | VCID-y6xc-vsep-aaak | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.3 |
| 2025-06-21T15:07:46.200081+00:00 | Debian Oval Importer | Affected by | VCID-8z64-29q3-aaac | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.3 |
| 2025-06-21T14:42:39.170500+00:00 | Debian Oval Importer | Affected by | VCID-hgt2-fb1s-aaae | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.3 |
| 2025-06-21T10:09:32.550203+00:00 | Debian Oval Importer | Affected by | VCID-8z64-29q3-aaac | https://www.debian.org/security/oval/oval-definitions-jessie.xml.bz2 | 36.1.3 |
| 2025-06-21T09:49:04.878684+00:00 | Debian Oval Importer | Affected by | VCID-hgt2-fb1s-aaae | https://www.debian.org/security/oval/oval-definitions-jessie.xml.bz2 | 36.1.3 |
| 2025-06-21T09:22:23.092763+00:00 | Debian Oval Importer | Fixing | VCID-y6xc-vsep-aaak | https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 | 36.1.3 |
| 2025-06-21T09:14:59.964998+00:00 | Debian Oval Importer | Fixing | VCID-hgt2-fb1s-aaae | https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 | 36.1.3 |
| 2025-06-21T09:06:08.451398+00:00 | Debian Oval Importer | Fixing | VCID-8cyj-ttsy-aaaj | https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 | 36.1.3 |
| 2025-06-20T22:45:26.552660+00:00 | Debian Oval Importer | Affected by | VCID-y6xc-vsep-aaak | None | 36.1.3 |
| 2025-06-20T19:49:04.633610+00:00 | Debian Oval Importer | Affected by | VCID-8z64-29q3-aaac | None | 36.1.3 |
| 2025-06-20T19:48:22.554096+00:00 | Debian Oval Importer | Affected by | VCID-hgt2-fb1s-aaae | None | 36.1.3 |
| 2025-06-20T19:47:17.502424+00:00 | Debian Oval Importer | Affected by | VCID-8cyj-ttsy-aaaj | None | 36.1.3 |
| 2025-06-20T19:35:19.841986+00:00 | Debian Oval Importer | Fixing | VCID-hgt2-fb1s-aaae | None | 36.1.3 |
| 2025-06-20T19:33:39.443886+00:00 | Debian Oval Importer | Fixing | VCID-8cyj-ttsy-aaaj | None | 36.1.3 |
| 2025-06-20T19:26:33.060518+00:00 | Debian Oval Importer | Fixing | VCID-y6xc-vsep-aaak | None | 36.1.3 |
| 2025-06-08T11:20:17.081679+00:00 | Debian Oval Importer | Affected by | VCID-8z64-29q3-aaac | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.1.0 |
| 2025-06-08T10:22:23.133975+00:00 | Debian Oval Importer | Affected by | VCID-8cyj-ttsy-aaaj | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.0 |
| 2025-06-08T09:32:23.688989+00:00 | Debian Oval Importer | Affected by | VCID-y6xc-vsep-aaak | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.0 |
| 2025-06-08T08:01:16.549155+00:00 | Debian Oval Importer | Affected by | VCID-8z64-29q3-aaac | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.0 |
| 2025-06-08T07:35:56.538570+00:00 | Debian Oval Importer | Affected by | VCID-hgt2-fb1s-aaae | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.0 |
| 2025-06-08T03:58:38.657806+00:00 | Debian Oval Importer | Affected by | VCID-8z64-29q3-aaac | https://www.debian.org/security/oval/oval-definitions-jessie.xml.bz2 | 36.1.0 |
| 2025-06-08T03:37:44.844901+00:00 | Debian Oval Importer | Affected by | VCID-hgt2-fb1s-aaae | https://www.debian.org/security/oval/oval-definitions-jessie.xml.bz2 | 36.1.0 |
| 2025-06-08T03:10:15.076519+00:00 | Debian Oval Importer | Fixing | VCID-y6xc-vsep-aaak | https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 | 36.1.0 |
| 2025-06-08T03:02:42.363807+00:00 | Debian Oval Importer | Fixing | VCID-hgt2-fb1s-aaae | https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 | 36.1.0 |
| 2025-06-08T02:53:17.240651+00:00 | Debian Oval Importer | Fixing | VCID-8cyj-ttsy-aaaj | https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 | 36.1.0 |
| 2025-06-07T16:09:21.722651+00:00 | Debian Oval Importer | Affected by | VCID-y6xc-vsep-aaak | None | 36.1.0 |
| 2025-06-07T13:41:12.769175+00:00 | Debian Oval Importer | Affected by | VCID-8z64-29q3-aaac | None | 36.1.0 |
| 2025-06-07T13:40:29.803394+00:00 | Debian Oval Importer | Affected by | VCID-hgt2-fb1s-aaae | None | 36.1.0 |
| 2025-06-07T13:39:21.847445+00:00 | Debian Oval Importer | Affected by | VCID-8cyj-ttsy-aaaj | None | 36.1.0 |
| 2025-06-07T13:30:31.349395+00:00 | Debian Oval Importer | Fixing | VCID-hgt2-fb1s-aaae | None | 36.1.0 |
| 2025-06-07T13:29:33.507218+00:00 | Debian Oval Importer | Fixing | VCID-8cyj-ttsy-aaaj | None | 36.1.0 |
| 2025-06-07T13:24:30.180279+00:00 | Debian Oval Importer | Fixing | VCID-y6xc-vsep-aaak | None | 36.1.0 |
| 2025-06-03T13:23:47.715665+00:00 | Debian Oval Importer | Fixing | VCID-y6xc-vsep-aaak | None | 36.1.2 |
| 2025-04-12T22:08:00.771182+00:00 | Debian Oval Importer | Affected by | VCID-hgt2-fb1s-aaae | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.0.0 |
| 2025-04-12T21:31:59.578272+00:00 | Debian Oval Importer | Affected by | VCID-y6xc-vsep-aaak | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.0.0 |
| 2025-04-12T21:23:59.804982+00:00 | Debian Oval Importer | Affected by | VCID-8cyj-ttsy-aaaj | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.0.0 |
| 2025-04-12T17:04:15.570873+00:00 | Debian Oval Importer | Affected by | VCID-8z64-29q3-aaac | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.0.0 |
| 2025-04-12T16:03:23.192650+00:00 | Debian Oval Importer | Affected by | VCID-8cyj-ttsy-aaaj | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.0.0 |
| 2025-04-08T08:04:47.552895+00:00 | Debian Oval Importer | Affected by | VCID-y6xc-vsep-aaak | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.0.0 |
| 2025-04-08T06:33:35.874580+00:00 | Debian Oval Importer | Affected by | VCID-8z64-29q3-aaac | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.0.0 |
| 2025-04-08T06:08:32.258887+00:00 | Debian Oval Importer | Affected by | VCID-hgt2-fb1s-aaae | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.0.0 |
| 2025-04-08T02:26:46.152245+00:00 | Debian Oval Importer | Affected by | VCID-8z64-29q3-aaac | https://www.debian.org/security/oval/oval-definitions-jessie.xml.bz2 | 36.0.0 |
| 2025-04-08T02:05:29.270907+00:00 | Debian Oval Importer | Affected by | VCID-hgt2-fb1s-aaae | https://www.debian.org/security/oval/oval-definitions-jessie.xml.bz2 | 36.0.0 |
| 2025-04-08T01:37:36.055898+00:00 | Debian Oval Importer | Fixing | VCID-y6xc-vsep-aaak | https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 | 36.0.0 |
| 2025-04-08T01:29:49.740665+00:00 | Debian Oval Importer | Fixing | VCID-hgt2-fb1s-aaae | https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 | 36.0.0 |
| 2025-04-08T01:20:31.935191+00:00 | Debian Oval Importer | Fixing | VCID-8cyj-ttsy-aaaj | https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 | 36.0.0 |
| 2025-04-07T14:40:39.080787+00:00 | Debian Oval Importer | Affected by | VCID-y6xc-vsep-aaak | None | 36.0.0 |
| 2025-04-07T12:16:31.860878+00:00 | Debian Oval Importer | Affected by | VCID-8z64-29q3-aaac | None | 36.0.0 |
| 2025-04-07T12:15:50.076040+00:00 | Debian Oval Importer | Affected by | VCID-hgt2-fb1s-aaae | None | 36.0.0 |
| 2025-04-07T12:14:45.548263+00:00 | Debian Oval Importer | Affected by | VCID-8cyj-ttsy-aaaj | None | 36.0.0 |
| 2025-04-07T12:05:58.032829+00:00 | Debian Oval Importer | Fixing | VCID-hgt2-fb1s-aaae | None | 36.0.0 |
| 2025-04-07T12:05:01.744960+00:00 | Debian Oval Importer | Fixing | VCID-8cyj-ttsy-aaaj | None | 36.0.0 |
| 2025-04-07T12:00:00.311222+00:00 | Debian Oval Importer | Fixing | VCID-y6xc-vsep-aaak | None | 36.0.0 |