Search for vulnerabilities
| Vulnerability ID | VCID-mn9u-s9ed-tyde |
| Aliases |
CVE-2015-2730
|
| Summary | Mozilla community member Watson Ladd reported that the implementation of Elliptical Curve Cryptography (ECC) multiplication for Elliptic Curve Digital Signature Algorithm (ECDSA) signature validation in Network Security Services (NSS) did not handle exceptional cases correctly. This could potentially allow for signature forgery. This issue was fixed in NSS version 3.19.1. |
| Status | Published |
| Exploitability | 0.5 |
| Weighted Severity | 0.0 |
| Risk | None |
| Affected and Fixed Packages | Package Details |
| Reference id | Reference type | URL |
|---|---|---|
| https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-2730.json | ||
| https://api.first.org/data/v1/epss?cve=CVE-2015-2730 | ||
| 1236954 | https://bugzilla.redhat.com/show_bug.cgi?id=1236954 | |
| CVE-2015-2730 | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2730 | |
| mfsa2015-64 | https://www.mozilla.org/en-US/security/advisories/mfsa2015-64 | |
| RHSA-2015:1664 | https://access.redhat.com/errata/RHSA-2015:1664 | |
| RHSA-2015:1699 | https://access.redhat.com/errata/RHSA-2015:1699 | |
| USN-2656-1 | https://usn.ubuntu.com/2656-1/ | |
| USN-2656-2 | https://usn.ubuntu.com/2656-2/ | |
| USN-2672-1 | https://usn.ubuntu.com/2672-1/ |
| Percentile | 0.56045 |
| EPSS Score | 0.0034 |
| Published At | July 30, 2025, 12:55 p.m. |
| Date | Actor | Action | Source | VulnerableCode Version |
|---|---|---|---|---|
| 2025-07-31T08:10:57.508591+00:00 | Mozilla Importer | Import | https://github.com/mozilla/foundation-security-advisories/blob/master/announce/2015/mfsa2015-64.md | 37.0.0 |