Vulnerabilities > MOD NSS Project > MOD NSS > 1.0.6

DATE CVE VULNERABILITY TITLE RISK
2017-08-09 CVE-2015-3277 Information Exposure vulnerability in MOD NSS Project MOD NSS
The mod_nss module before 1.0.11 in Fedora allows remote attackers to obtain cipher lists due to incorrect parsing of multi-keyword cipherstring.
network
low complexity
mod-nss-project CWE-200
5.0
2017-08-07 CVE-2015-5244 Permissions, Privileges, and Access Controls vulnerability in MOD NSS Project MOD NSS
The NSSCipherSuite option with ciphersuites enabled in mod_nss before 1.0.12 allows remote attackers to bypass application restrictions.
network
low complexity
mod-nss-project CWE-264
7.5
2013-12-12 CVE-2013-4566 Permissions, Privileges, and Access Controls vulnerability in multiple products
mod_nss 1.0.8 and earlier, when NSSVerifyClient is set to none for the server/vhost context, does not enforce the NSSVerifyClient setting in the directory context, which allows remote attackers to bypass intended access restrictions.
network
high complexity
mod-nss-project redhat CWE-264
4.0