← volver
CVE-2019-17006

CVE-2019-17006

EPSS 3.6%
Vexday Risk Score
3Bajo
Decisión SSVC (CISA)
Track
Sin señal de explotación → monitorear
CVSS EPSS 3.6%KEV nãoPoC Nuclei Metasploit Patch
Ciclo de vida
22 oct 2020Publicada en NVD
Recomendación: Monitorear — sin señal de explotación por ahora.
In Network Security Services (NSS) before 3.46, several cryptographic primitives had missing length checks. In cases where the application calling the library did not perform a sanity check on the inputs it could result in a crash due to a buffer overflow.
Productos afectados
Mozilla · NSS

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://bugzilla.mozilla.org/show_bug.cgi?id=1539788https://cert-portal.siemens.com/productcert/pdf/ssa-379803.pdfhttps://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.46_release_noteshttps://security.netapp.com/advisory/ntap-20210129-0001/https://us-cert.cisa.gov/ics/advisories/icsa-21-040-04