All Vulnerability Reports

USN-4203-1: NSS vulnerability


Severity

Medium

Vendor

Canonical Ubuntu

Versions Affected
  • Canonical Ubuntu 16.04
Description

It was discovered that NSS incorrectly handled certain memory operations. A remote attacker could use this issue to cause NSS to crash, resulting in a denial of service, or possibly execute arbitrary code.

CVEs contained in this USN include: CVE-2019-11745

Affected Pivotal Products and Versions

Severity is medium unless otherwise noted.

  • Pivotal Operations Manager
    • 2.7.x versions prior to 2.7.7
    • 2.6.x versions prior to 2.6.17
    • 2.5.x versions prior to 2.5.25
Mitigation

Users of affected versions should apply the following mitigation or upgrade. Releases that have fixed this issue include:

  • Pivotal Operations Manager
    • 2.7.7
    • 2.6.17
    • 2.5.25
References
Contactez-nous