Critical Bug in Mozilla’s NSS Crypto Library Potentially Affects Several Other Software

Discussion in 'News Aggregator' started by Ravie Lakshmanan, 2 Dec 2021.

  1. Mozilla has rolled out fixes to address a critical security weakness in its cross-platform Network Security Services (NSS) cryptographic library that could be potentially exploited by an adversary to crash a vulnerable application and even execute arbitrary code. Tracked as CVE-2021-43527, the flaw affects NSS versions prior to 3.73 or 3.68.1 ESR, and concerns a heap overflow vulnerability when

    Continue reading...
     

Share This Page

Loading...