MFSA2021-51: Memory corruption in NSS via DER-encoded DSA and RSA-PSS signatures

Q: What is the vulnerability ID?

The vulnerability ID is MFSA2021-51.

Q: What is the title of the vulnerability?

The title of the vulnerability is 'Memory corruption in NSS via DER-encoded DSA and RSA-PSS signatures'.

Q: Which software is affected by this vulnerability?

Mozilla NSS versions up to and excluding 3.68.1 and up to and excluding 3.73 are affected by this vulnerability.

Q: How severe is this vulnerability?

This vulnerability is classified as critical with a severity value of 9.

Q: Where can I find more information about this vulnerability?

You can find more information about this vulnerability at the following link: [Mozilla Security Advisory MFSA2021-51](https://www.mozilla.org/en-US/security/advisories/mfsa2021-51/)

Published Dec 1, 2021

Updated

Memory corruption in NSS via DER-encoded DSA and RSA-PSS signatures

Affected Software

2 affected componentsFixes available

Mozilla nSS<3.68.1

3.68.1

Mozilla nSS<3.73

3.73

Event History

Dec 1, 2021

Advisory Published

via Mozilla·12:00 AM

Child vulnerabilities

Contains the following vulnerabilities.

CVE-2021-43527

Frequently Asked Questions

What is the vulnerability ID?

The vulnerability ID is MFSA2021-51.

What is the title of the vulnerability?

The title of the vulnerability is 'Memory corruption in NSS via DER-encoded DSA and RSA-PSS signatures'.

Which software is affected by this vulnerability?

Mozilla NSS versions up to and excluding 3.68.1 and up to and excluding 3.73 are affected by this vulnerability.

How severe is this vulnerability?