{"id":"USN-4203-2","summary":"nss vulnerability","details":"USN-4203-1 fixed a vulnerability in NSS. This update provides\nthe corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM.\n\nOriginal advisory details:\n\n It was discovered that NSS incorrectly handled certain memory operations. A\n remote attacker could use this issue to cause NSS to crash, resulting in a\n denial of service, or possibly execute arbitrary code.\n","modified":"2026-02-10T04:41:42Z","published":"2019-11-27T18:23:47Z","related":["UBUNTU-CVE-2019-11745"],"upstream":["CVE-2019-11745","UBUNTU-CVE-2019-11745"],"references":[{"type":"ADVISORY","url":"https://ubuntu.com/security/notices/USN-4203-2"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2019-11745"}],"affected":[{"package":{"name":"nss","ecosystem":"Ubuntu:Pro:14.04:LTS","purl":"pkg:deb/ubuntu/nss@2:3.28.4-0ubuntu0.14.04.5+esm2?arch=source&distro=trusty/esm"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2:3.28.4-0ubuntu0.14.04.5+esm2"}]}],"versions":["2:3.15.1-1ubuntu1","2:3.15.2-1","2:3.15.3-1","2:3.15.3.1-1","2:3.15.3.1-1.1","2:3.15.3.1-1.1ubuntu1","2:3.15.4-1ubuntu3","2:3.15.4-1ubuntu4","2:3.15.4-1ubuntu5","2:3.15.4-1ubuntu6","2:3.15.4-1ubuntu7","2:3.15.4-1ubuntu7.1","2:3.17-0ubuntu0.14.04.1","2:3.17.1-0ubuntu0.14.04.1","2:3.17.1-0ubuntu0.14.04.2","2:3.17.4-0ubuntu0.14.04.1","2:3.19.2-0ubuntu0.14.04.1","2:3.19.2.1-0ubuntu0.14.04.1","2:3.19.2.1-0ubuntu0.14.04.2","2:3.21-0ubuntu0.14.04.1","2:3.21-0ubuntu0.14.04.2","2:3.23-0ubuntu0.14.04.1","2:3.26.2-0ubuntu0.14.04.3","2:3.28.4-0ubuntu0.14.04.1","2:3.28.4-0ubuntu0.14.04.2","2:3.28.4-0ubuntu0.14.04.3","2:3.28.4-0ubuntu0.14.04.4","2:3.28.4-0ubuntu0.14.04.5","2:3.28.4-0ubuntu0.14.04.5+esm1"],"ecosystem_specific":{"availability":"Available with Ubuntu Pro (Infra-only): https://ubuntu.com/pro","binaries":[{"binary_version":"2:3.28.4-0ubuntu0.14.04.5+esm2","binary_name":"libnss3"},{"binary_version":"2:3.28.4-0ubuntu0.14.04.5+esm2","binary_name":"libnss3-1d"},{"binary_version":"2:3.28.4-0ubuntu0.14.04.5+esm2","binary_name":"libnss3-dev"},{"binary_version":"2:3.28.4-0ubuntu0.14.04.5+esm2","binary_name":"libnss3-nssdb"},{"binary_version":"2:3.28.4-0ubuntu0.14.04.5+esm2","binary_name":"libnss3-tools"}]},"database_specific":{"cves_map":{"ecosystem":"Ubuntu:Pro:14.04:LTS","cves":[{"severity":[{"score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}],"id":"CVE-2019-11745"}]},"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-4203-2.json"}}],"schema_version":"1.7.3"}