suse · CVE-2016-5285

Quick triage

Priority: medium Published: 2021-05-30 13:43:30 UTC Updated: 2026-04-18 16:06:59 UTC

View at Official suse advisory, NVD, CVE.org · CVE detail

Freshness: upstream tracker timestamp is available; use API updated time as primary recency signal.

Tracker summary

CVE-2016-5285 severity moderate: SUSE including 95 source package names (MozillaFirefox-45.5.0esr-88.1, MozillaFirefox-45.5.1esr-59.1, …), 389 product×package rows across 53 product lines (Image SLES12-SP5-Azure-BYOS, Image SLES12-SP5-Azure-Basic-On-Demand, … (53 product lines)): Fixed 389.

Description:

A Null pointer dereference vulnerability exists in Mozilla Network Security Services due to a missing NULL check in PK11_SignWithSymKey / ssl3_ComputeRecordMACConstantTime, which could let a remote malicious user cause a Denial of Service.

cvelogic Threat Intelligence