← back
CVE-2019-17007

CVE-2019-17007

EPSS 1.4%
Vexday Risk Score
3Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS EPSS 1.4%KEV nãoPoC Nuclei Metasploit Patch
Lifecycle
22 Oct 2020Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
In Network Security Services before 3.44, a malformed Netscape Certificate Sequence can cause NSS to crash, resulting in a denial of service.
Affected products
Mozilla · NSS

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://bugzilla.mozilla.org/show_bug.cgi?id=1533216https://cert-portal.siemens.com/productcert/pdf/ssa-379803.pdfhttps://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.44_release_noteshttps://us-cert.cisa.gov/ics/advisories/icsa-21-040-04