Search for vulnerabilities
| Vulnerability ID | VCID-4b2y-apw2-pbe4 |
| Aliases |
CVE-2014-1491
|
| Summary | Mozilla developer Brian Smith and security researchers Antoine Delignat-Lavaud and Karthikeyan Bhargavan of the Prosecco research team at INRIA Paris reported issues with ticket handling in the Network Security Services (NSS) libraries. These have been addressed in the NSS 3.15.4 release, shipping on affected platforms. |
| Status | Published |
| Exploitability | 0.5 |
| Weighted Severity | 8.0 |
| Risk | 4.0 |
| Affected and Fixed Packages | Package Details |
| Reference id | Reference type | URL |
|---|---|---|
| https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-1491.json | ||
| https://api.first.org/data/v1/epss?cve=CVE-2014-1491 | ||
| 1060955 | https://bugzilla.redhat.com/show_bug.cgi?id=1060955 | |
| CVE-2014-1491 | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1491 | |
| mfsa2014-12 | https://www.mozilla.org/en-US/security/advisories/mfsa2014-12 | |
| RHSA-2014:0917 | https://access.redhat.com/errata/RHSA-2014:0917 | |
| RHSA-2014:0979 | https://access.redhat.com/errata/RHSA-2014:0979 | |
| RHSA-2014:1246 | https://access.redhat.com/errata/RHSA-2014:1246 | |
| USN-2102-1 | https://usn.ubuntu.com/2102-1/ | |
| USN-2119-1 | https://usn.ubuntu.com/2119-1/ |
| Percentile | 0.30275 |
| EPSS Score | 0.0011 |
| Published At | Aug. 1, 2025, 12:55 p.m. |
| Date | Actor | Action | Source | VulnerableCode Version |
|---|---|---|---|---|
| 2025-07-31T08:10:45.939861+00:00 | Mozilla Importer | Import | https://github.com/mozilla/foundation-security-advisories/blob/master/announce/2014/mfsa2014-12.md | 37.0.0 |