MGASA-2019-0374

Advisory lineage Upstream: 1 Downstream: 0

Upstream

CVE-2019-11745

Published: 08 Dec 2019, 18:12

Last modified:16 Apr 2026, 04:26

Vulnerability Summary

Overall Risk (default)

minimal

0/100

CVSS Score

No data

EPSS Score

No data

KEV

Not listed

Ransomware

No reports

Public exploits

None found

Dark Web

Not detected

Timeline

08 Dec 2019, 18:12

Published

Vulnerability first disclosed

16 Apr 2026, 04:26

Last Modified

Vulnerability information updated

Description

Updated nss packages fix security vulnerability Updated nss packages fix security vulnerability: Out-of-bounds write when passing an output buffer smaller than the block size to NSC_EncryptUpdate (CVE-2019-11745). Also, rootcerts has been updated to 20191126.00

Affected Systems

mageia•nss
< 3.47.1-1.mga7
mageia•rootcerts
< 20191126.00-1.mga7

References (4)

https://advisories.mageia.org/MGASA-2019-0374.html
https://bugs.mageia.org/show_bug.cgi?id=25792
https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.47.1_release_notes
https://usn.ubuntu.com/4203-1/