Pivotal + VMware: Transforming how more of the world builds software

All Vulnerability Reports

USN-3898-1: NSS vulnerability




Canonical Ubuntu


Hanno Böck and Damian Poddebniak discovered that NSS incorrectly handled certain CMS functions. A remote attacker could possibly use this issue to cause NSS to crash, resulting in a denial of service.

CVEs contained in this USN include: CVE-2018-18508

Affected Pivotal Products and Versions

Severity is medium unless otherwise noted.

  • Pivotal Operations Manager is vulnerable in the following releases:
    • 2.4.x versions prior to 2.4.6
    • 2.3.x versions prior to 2.3.12
    • 2.2.x versions prior to 2.2.19

Users of affected versions should apply the following mitigation:

  • Releases that have fixed this issue include:
    • Pivotal Operations Manager: 2.5.0, 2.4.6, 2.3.12, 2.2.19
Contact us