SUSE-SU-2023:0119-1

Advisory lineage Upstream: 2 Downstream: 0

Upstream

CVE-2022-23491 CVE-2022-3479

Published: 20 Jan 2023, 09:28

Last modified:04 Feb 2026, 04:39

Vulnerability Summary

Overall Risk (default)

minimal

0/100

CVSS Score

No data

EPSS Score

No data

KEV

Not listed

Ransomware

No reports

Public exploits

None found

Dark Web

Not detected

Timeline

20 Jan 2023, 09:28

Published

Vulnerability first disclosed

04 Feb 2026, 04:39

Last Modified

Vulnerability information updated

Description

Security update for mozilla-nss This update for mozilla-nss fixes the following issues: - CVE-2022-3479: Fixed a potential crash that could be triggered when a server requested a client authentication certificate, but the client had no certificates stored (bsc#1204272). - Updated to version 3.79.3 (bsc#1207038): - CVE-2022-23491: Removed trust for 3 root certificates from TrustCor.

Affected Systems

opensuse•mozilla-nss&distro=openSUSE Leap 15.4
< 3.79.3-150400.3.23.1
opensuse•mozilla-nss&distro=openSUSE Leap Micro 5.3
< 3.79.3-150400.3.23.1
suse•mozilla-nss&distro=SUSE Linux Enterprise Micro 5.3
< 3.79.3-150400.3.23.1
suse•mozilla-nss&distro=SUSE Linux Enterprise Module for Basesystem 15 SP4
< 3.79.3-150400.3.23.1

SUSE-SU-2023:0119-1

Vulnerability Summary

Timeline

Description

Affected Systems

References (5)