suse · CVE-2017-11698

Quick triage

Priority: medium Published: 2021-05-30 13:59:24 UTC Updated: 2025-05-17 23:45:13 UTC

View at Official suse advisory, NVD, CVE.org · CVE detail

Freshness: upstream tracker timestamp is available; use API updated time as primary recency signal.

Tracker summary

CVE-2017-11698 severity moderate: SUSE including 19 source package names (libfreebl3, libfreebl3-32bit, …), 255 product×package rows across 27 product lines (SUSE CaaS Platform 3.0, SUSE Container as a Service Platform 2.0, … (27 product lines)): Known Not Affected 255.

Description:

Heap-based buffer overflow in the __get_page function in lib/dbm/src/h_page.c in Mozilla Network Security Services (NSS) allows context-dependent attackers to have unspecified impact using a crafted cert8.db file.

cvelogic Threat Intelligence