suse · CVE-2015-7183

Quick triage

Priority: high Published: 2021-05-30 13:33:31 UTC Updated: 2026-04-18 18:12:06 UTC

View at Official suse advisory, NVD, CVE.org · CVE detail

Freshness: upstream tracker timestamp is available; use API updated time as primary recency signal.

Tracker summary

CVE-2015-7183 severity important: SUSE including 444 source package names (MozillaFirefox, MozillaFirefox-102.11.0-150200.152.87.1, …), 728 product×package rows across 99 product lines (Image SLES12-SP5-Azure-BYOS, Image SLES12-SP5-Azure-Basic-On-Demand, … (99 product lines)): Fixed 448, Known Affected 231, Known Not Affected 49.

Description:

Integer overflow in the PL_ARENA_ALLOCATE implementation in Netscape Portable Runtime (NSPR) in Mozilla Network Security Services (NSS) before 3.19.2.1 and 3.20.x before 3.20.1, as used in Firefox before 42.0 and Firefox ESR 38.x before 38.4 and other products, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via unspecified vectors.

cvelogic Threat Intelligence