cve/CVE-2019-11719.md at 410e68ca9dddb67493d84ae4fe8e1a9e392594db

admin/cve

mirror of https://github.com/0xMarcio/cve.git synced 2025-05-28 09:12:08 +00:00

0xMarcio 49bdc782b3 Update Sun May 26 14:27:04 CEST 2024

2024-05-26 14:27:05 +02:00

Description

When importing a curve25519 private key in PKCS#8format with leading 0x00 bytes, it is possible to trigger an out-of-bounds read in the Network Security Services (NSS) library. This could lead to information disclosure. This vulnerability affects Firefox ESR < 60.8, Firefox < 68, and Thunderbird < 60.8.

POC

Reference

No PoCs from references.

Github

https://github.com/revl-ca/scan-docker-image
https://github.com/vincent-deng/veracode-container-security-finding-parser

1.1 KiB Raw Blame History

CVE-2019-11719

Description

POC

Reference

Github

1.1 KiB

Raw Blame History