{"id":"RHSA-2020:3280","summary":"Red Hat Security Advisory: nss and nspr security, bug fix, and enhancement update","modified":"2025-11-22T12:06:09Z","published":"2024-09-16T04:32:43Z","upstream":["CVE-2019-11756","CVE-2019-17006","CVE-2019-17023","CVE-2020-12399","CVE-2020-12402"],"references":[{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2020:3280"},{"type":"ARTICLE","url":"https://access.redhat.com/security/updates/classification/#moderate"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1663187"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1691454"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1711375"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1724250"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1750921"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1774835"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1775916"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1791225"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1809637"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1825270"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1826231"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1854564"},{"type":"ADVISORY","url":"https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_3280.json"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2019-11756"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2019-11756"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2019-11756"},{"type":"ARTICLE","url":"https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.47_release_notes"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2019-17006"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2019-17006"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2019-17006"},{"type":"ARTICLE","url":"https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.46_release_notes"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2019-17023"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2019-17023"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2019-17023"},{"type":"ARTICLE","url":"https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.49_release_notes"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2020-12399"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1826177"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2020-12399"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2020-12399"},{"type":"ARTICLE","url":"https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.44.4_release_notes"},{"type":"ARTICLE","url":"https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.52.1_release_notes"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2020-12402"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2020-12402"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2020-12402"},{"type":"ARTICLE","url":"https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.53.1_release_notes"}],"affected":[{"package":{"name":"nspr","ecosystem":"Red Hat:enterprise_linux:8::appstream","purl":"pkg:rpm/redhat/nspr"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.25.0-2.el8_2"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:3280.json"}},{"package":{"name":"nspr-debuginfo","ecosystem":"Red Hat:enterprise_linux:8::appstream","purl":"pkg:rpm/redhat/nspr-debuginfo"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.25.0-2.el8_2"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:3280.json"}},{"package":{"name":"nspr-debugsource","ecosystem":"Red Hat:enterprise_linux:8::appstream","purl":"pkg:rpm/redhat/nspr-debugsource"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.25.0-2.el8_2"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:3280.json"}},{"package":{"name":"nspr-devel","ecosystem":"Red Hat:enterprise_linux:8::appstream","purl":"pkg:rpm/redhat/nspr-devel"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.25.0-2.el8_2"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:3280.json"}},{"package":{"name":"nss","ecosystem":"Red Hat:enterprise_linux:8::appstream","purl":"pkg:rpm/redhat/nss"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:3.53.1-11.el8_2"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:3280.json"}},{"package":{"name":"nss-debuginfo","ecosystem":"Red Hat:enterprise_linux:8::appstream","purl":"pkg:rpm/redhat/nss-debuginfo"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:3.53.1-11.el8_2"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:3280.json"}},{"package":{"name":"nss-debugsource","ecosystem":"Red Hat:enterprise_linux:8::appstream","purl":"pkg:rpm/redhat/nss-debugsource"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:3.53.1-11.el8_2"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:3280.json"}},{"package":{"name":"nss-devel","ecosystem":"Red Hat:enterprise_linux:8::appstream","purl":"pkg:rpm/redhat/nss-devel"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:3.53.1-11.el8_2"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:3280.json"}},{"package":{"name":"nss-softokn","ecosystem":"Red Hat:enterprise_linux:8::appstream","purl":"pkg:rpm/redhat/nss-softokn"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:3.53.1-11.el8_2"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:3280.json"}},{"package":{"name":"nss-softokn-debuginfo","ecosystem":"Red Hat:enterprise_linux:8::appstream","purl":"pkg:rpm/redhat/nss-softokn-debuginfo"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:3.53.1-11.el8_2"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:3280.json"}},{"package":{"name":"nss-softokn-devel","ecosystem":"Red Hat:enterprise_linux:8::appstream","purl":"pkg:rpm/redhat/nss-softokn-devel"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:3.53.1-11.el8_2"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:3280.json"}},{"package":{"name":"nss-softokn-freebl","ecosystem":"Red Hat:enterprise_linux:8::appstream","purl":"pkg:rpm/redhat/nss-softokn-freebl"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:3.53.1-11.el8_2"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:3280.json"}},{"package":{"name":"nss-softokn-freebl-debuginfo","ecosystem":"Red Hat:enterprise_linux:8::appstream","purl":"pkg:rpm/redhat/nss-softokn-freebl-debuginfo"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:3.53.1-11.el8_2"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:3280.json"}},{"package":{"name":"nss-softokn-freebl-devel","ecosystem":"Red Hat:enterprise_linux:8::appstream","purl":"pkg:rpm/redhat/nss-softokn-freebl-devel"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:3.53.1-11.el8_2"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:3280.json"}},{"package":{"name":"nss-sysinit","ecosystem":"Red Hat:enterprise_linux:8::appstream","purl":"pkg:rpm/redhat/nss-sysinit"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:3.53.1-11.el8_2"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:3280.json"}},{"package":{"name":"nss-sysinit-debuginfo","ecosystem":"Red Hat:enterprise_linux:8::appstream","purl":"pkg:rpm/redhat/nss-sysinit-debuginfo"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:3.53.1-11.el8_2"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:3280.json"}},{"package":{"name":"nss-tools","ecosystem":"Red Hat:enterprise_linux:8::appstream","purl":"pkg:rpm/redhat/nss-tools"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:3.53.1-11.el8_2"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:3280.json"}},{"package":{"name":"nss-tools-debuginfo","ecosystem":"Red Hat:enterprise_linux:8::appstream","purl":"pkg:rpm/redhat/nss-tools-debuginfo"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:3.53.1-11.el8_2"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:3280.json"}},{"package":{"name":"nss-util","ecosystem":"Red Hat:enterprise_linux:8::appstream","purl":"pkg:rpm/redhat/nss-util"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:3.53.1-11.el8_2"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:3280.json"}},{"package":{"name":"nss-util-debuginfo","ecosystem":"Red Hat:enterprise_linux:8::appstream","purl":"pkg:rpm/redhat/nss-util-debuginfo"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:3.53.1-11.el8_2"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:3280.json"}},{"package":{"name":"nss-util-devel","ecosystem":"Red Hat:enterprise_linux:8::appstream","purl":"pkg:rpm/redhat/nss-util-devel"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:3.53.1-11.el8_2"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:3280.json"}}],"schema_version":"1.7.3","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}]}