[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-MGASA-2015-0268":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-05T08:55:32.481Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":11,"aliases":12,"duplicate_of":9,"upstream":13,"downstream":44,"duplicates":45,"related":46,"reserved_at":9,"published_at":62,"modified_at":63,"state":9,"summary":64,"references_raw":66,"kevs":135,"epss":9,"epss_history":136,"metrics":137,"affected":138},"MGASA-2015-0268","Updated firefox package fixes security vulnerability\n\nSeveral flaws were found in the processing of malformed web content. A web\npage containing malicious content could cause Firefox to crash or,\npotentially, execute arbitrary code with the privileges of the user\nrunning Firefox (CVE-2015-2722, CVE-2015-2724, CVE-2015-2728,\nCVE-2015-2733, CVE-2015-2734, CVE-2015-2735, CVE-2015-2736, CVE-2015-2737,\nCVE-2015-2738, CVE-2015-2739, CVE-2015-2740).\n\nA flaw was discovered in Mozilla's PDF.js PDF file viewer. When combined\nwith another vulnerability, it could allow execution of arbitrary code\nwith the privileges of the user running Firefox (CVE-2015-2743).\n\nA vulnerability in the TLS protocol allows a man-in-the-middle attacker to\ndowngrade vulnerable TLS connections using ephemeral Diffie-Hellman key\nexchange to 512-bit export-grade cryptography. This vulnerability is known\nas Logjam (CVE-2015-4000).\n\nSecurity researcher Karthikeyan Bhargavan reported an issue in Network\nSecurity Services (NSS) where the client allows for a ECDHE_ECDSA exchange\nwhere the server does not send its ServerKeyExchange message instead of\naborting the handshake. Instead, the NSS client will take the EC key from\nthe ECDSA certificate. This violates the TLS protocol and also has some\nsecurity implications for forward secrecy. In this situation, the browser\nthinks it is engaged in an ECDHE exchange, but has been silently\ndowngraded to a non-forward secret mixed-ECDH exchange instead. As a\nresult, if False Start is enabled, the browser will start sending data\nencrypted under these non-forward-secret connection keys (CVE-2015-2721).\n\nMozilla community member Watson Ladd reported that the implementation of\nElliptical Curve Cryptography (ECC) multiplication for Elliptic Curve\nDigital Signature Algorithm (ECDSA) signature validation in Network\nSecurity Services (NSS) did not handle exceptional cases correctly. This\ncould potentially allow for signature forgery (CVE-2015-2730).\n\nThe nss package has been updated to version 3.19.2, which fixes issues\nrelated to the minimum key sizes of finite field algorithms, including\nCVE-2015-4000. It also fixes CVE-2015-2721 and CVE-2015-2730.\n\nThe Mageia 4 sqlite3 package has also been updated to version 3.8.10.2,\nfixing an index corruption issue. Mageia 5 already shipped with version\n3.8.10.2.\n",null,[],[],[],[14,16,18,20,22,24,26,28,30,32,34,36,38,40,42],{"_key":15},"CVE-2015-2721",{"_key":17},"CVE-2015-2722",{"_key":19},"CVE-2015-2724",{"_key":21},"CVE-2015-2728",{"_key":23},"CVE-2015-2730",{"_key":25},"CVE-2015-2733",{"_key":27},"CVE-2015-2734",{"_key":29},"CVE-2015-2735",{"_key":31},"CVE-2015-2736",{"_key":33},"CVE-2015-2737",{"_key":35},"CVE-2015-2738",{"_key":37},"CVE-2015-2739",{"_key":39},"CVE-2015-2740",{"_key":41},"CVE-2015-2743",{"_key":43},"CVE-2015-4000",[],[],[47,48,49,50,51,52,53,54,55,56,57,58,59,60,61],{"_key":15},{"_key":17},{"_key":19},{"_key":21},{"_key":23},{"_key":25},{"_key":27},{"_key":29},{"_key":31},{"_key":33},{"_key":35},{"_key":37},{"_key":39},{"_key":41},{"_key":43},"2015-07-05T17:22:03Z","2026-04-16T06:25:43.902899784Z",{"cisa_kev":65,"cisa_ransomware":65,"cisa_vendor":9,"epss_severity":9,"epss_score":9,"severity":9,"severity_score":9,"severity_version":9,"severity_source":9,"severity_vector":9,"severity_status":9},false,[67,73,78,83,87,91,95,99,103,107,111,115,119,123,127,131],{"url":68,"sources":69,"tags":71},"https://advisories.mageia.org/MGASA-2015-0268.html",[70],"osv_mageia",[72],"Advisory",{"url":74,"sources":75,"tags":76},"https://bugs.mageia.org/show_bug.cgi?id=16232",[70],[77],"REPORT",{"url":79,"sources":80,"tags":81},"https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.19.1_release_notes",[70],[77,82],"WEB",{"url":84,"sources":85,"tags":86},"https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.19.2_release_notes",[70],[77,82],{"url":88,"sources":89,"tags":90},"http://www.sqlite.org/releaselog/3_8_10_2.html",[70],[77,82],{"url":92,"sources":93,"tags":94},"https://www.mozilla.org/en-US/security/advisories/mfsa2015-59/",[70],[77,72],{"url":96,"sources":97,"tags":98},"https://www.mozilla.org/en-US/security/advisories/mfsa2015-61/",[70],[77,72],{"url":100,"sources":101,"tags":102},"https://www.mozilla.org/en-US/security/advisories/mfsa2015-64/",[70],[77,72],{"url":104,"sources":105,"tags":106},"https://www.mozilla.org/en-US/security/advisories/mfsa2015-65/",[70],[77,72],{"url":108,"sources":109,"tags":110},"https://www.mozilla.org/en-US/security/advisories/mfsa2015-66/",[70],[77,72],{"url":112,"sources":113,"tags":114},"https://www.mozilla.org/en-US/security/advisories/mfsa2015-69/",[70],[77,72],{"url":116,"sources":117,"tags":118},"https://www.mozilla.org/en-US/security/advisories/mfsa2015-70/",[70],[77,72],{"url":120,"sources":121,"tags":122},"https://www.mozilla.org/en-US/security/advisories/mfsa2015-71/",[70],[77,72],{"url":124,"sources":125,"tags":126},"https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox-esr/",[70],[77,82],{"url":128,"sources":129,"tags":130},"https://rhn.redhat.com/errata/RHSA-2015-1185.html",[70],[77,82],{"url":132,"sources":133,"tags":134},"https://rhn.redhat.com/errata/RHSA-2015-1207.html",[70],[77,82],[],[],[],[139,151,155,161,167,172,175],{"ecosystem":140,"name":141,"vendor":142,"product":141,"cpe_part":9,"purl_type":143,"purl_namespace":142,"purl_name":141,"source":9,"versions":144},"Mageia","firefox","mageia","rpm",[145],{"version":146,"is_range":147,"range_type":148,"version_start":9,"version_start_type":9,"version_end":149,"version_end_type":150,"fixed_in":9},"lt38_1_0_1_mga4",true,"ecosystem","38.1.0-1.mga4","excluding",{"ecosystem":140,"name":152,"vendor":142,"product":152,"cpe_part":9,"purl_type":143,"purl_namespace":142,"purl_name":152,"source":9,"versions":153},"firefox-l10n",[154],{"version":146,"is_range":147,"range_type":148,"version_start":9,"version_start_type":9,"version_end":149,"version_end_type":150,"fixed_in":9},{"ecosystem":140,"name":156,"vendor":142,"product":156,"cpe_part":9,"purl_type":143,"purl_namespace":142,"purl_name":156,"source":9,"versions":157},"nss",[158],{"version":159,"is_range":147,"range_type":148,"version_start":9,"version_start_type":9,"version_end":160,"version_end_type":150,"fixed_in":9},"lt3_19_2_1_mga4","3.19.2-1.mga4",{"ecosystem":140,"name":162,"vendor":142,"product":162,"cpe_part":9,"purl_type":143,"purl_namespace":142,"purl_name":162,"source":9,"versions":163},"sqlite3",[164],{"version":165,"is_range":147,"range_type":148,"version_start":9,"version_start_type":9,"version_end":166,"version_end_type":150,"fixed_in":9},"lt3_8_10_2_1_mga4","3.8.10.2-1.mga4",{"ecosystem":140,"name":141,"vendor":142,"product":141,"cpe_part":9,"purl_type":143,"purl_namespace":142,"purl_name":141,"source":9,"versions":168},[169],{"version":170,"is_range":147,"range_type":148,"version_start":9,"version_start_type":9,"version_end":171,"version_end_type":150,"fixed_in":9},"lt38_1_0_1_mga5","38.1.0-1.mga5",{"ecosystem":140,"name":152,"vendor":142,"product":152,"cpe_part":9,"purl_type":143,"purl_namespace":142,"purl_name":152,"source":9,"versions":173},[174],{"version":170,"is_range":147,"range_type":148,"version_start":9,"version_start_type":9,"version_end":171,"version_end_type":150,"fixed_in":9},{"ecosystem":140,"name":156,"vendor":142,"product":156,"cpe_part":9,"purl_type":143,"purl_namespace":142,"purl_name":156,"source":9,"versions":176},[177],{"version":178,"is_range":147,"range_type":148,"version_start":9,"version_start_type":9,"version_end":179,"version_end_type":150,"fixed_in":9},"lt3_19_2_1_mga5","3.19.2-1.mga5"]