This article has been indexed from The Hacker News
Mozilla has rolled out fixes to address a critical security weakness in its cross-platform Network Security Services (NSS) cryptographic library that could be potentially exploited by an adversary to crash a vulnerable application and even execute arbitrary code.
Tracked as CVE-2021-43527, the flaw affects NSS versions prior to 3.73 or 3.68.1 ESR, and concerns a heap overflow vulnerability when
Read the original article: Critical Bug in Mozilla’s NSS Crypto Library Potentially Affects Several Other Software