Mod Nss Project

mod_nss_project

4 CVEs • 1 product

Products (1)

Click to collapse

Toggle

CVEs (4)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2011-4973 1Mod Nss Project 1Mod Nss Nov 21, 2024 Feb 15, 2018 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 Authentication bypass vulnerability in mod_nss 1.0.8 allows remote attackers to assume the identity of a valid user by using their certificate and entering 'password' as the password.
CVE-2015-3277 1Mod Nss Project 1Mod Nss May 13, 2026 Aug 9, 2017 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 The mod_nss module before 1.0.11 in Fedora allows remote attackers to obtain cipher lists due to incorrect parsing of multi-keyword cipherstring.
CVE-2015-5244 1Mod Nss Project 1Mod Nss May 13, 2026 Aug 7, 2017 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 The NSSCipherSuite option with ciphersuites enabled in mod_nss before 1.0.12 allows remote attackers to bypass application restrictions.
CVE-2013-4566 2Mod Nss Project Redhat 2Enterprise Linux Mod Nss Apr 29, 2026 Dec 12, 2013 N/A· v4 N/A· v3 4.0 MEDIUM· v2 mod_nss 1.0.8 and earlier, when NSSVerifyClient is set to none for the server/vhost context, does not enforce the NSSVerifyClient setting in the directory context, which allows remote attackers to bypass intended access...Show more mod_nss 1.0.8 and earlier, when NSSVerifyClient is set to none for the server/vhost context, does not enforce the NSSVerifyClient setting in the directory context, which allows remote attackers to bypass intended access restrictions.Show less