First published: Mon Jul 06 2015(Updated: )
Last updated 24 July 2024
Credit: security@mozilla.org security@mozilla.org security@mozilla.org
Affected Software | Affected Version | How to fix |
---|---|---|
Novell Suse Linux Enterprise Software Development Kit | =12.0 | |
Canonical Ubuntu Linux | =12.04 | |
Canonical Ubuntu Linux | =14.04 | |
Canonical Ubuntu Linux | =14.10 | |
Canonical Ubuntu Linux | =15.04 | |
Debian Debian Linux | =7.0 | |
Debian Debian Linux | =8.0 | |
Novell Suse Linux Enterprise Desktop | =12.0 | |
Novell Suse Linux Enterprise Server | =11-sp4 | |
Novell Suse Linux Enterprise Server | =12.0 | |
Mozilla Network Security Services | =3.19 | |
Mozilla Firefox | <=38.1.0 | |
Mozilla Firefox ESR | =31.0 | |
Mozilla Firefox ESR | =31.1 | |
Mozilla Firefox ESR | =31.1.0 | |
Mozilla Firefox ESR | =31.1.1 | |
Mozilla Firefox ESR | =31.2 | |
Mozilla Firefox ESR | =31.3 | |
Mozilla Firefox ESR | =31.3.0 | |
Mozilla Firefox ESR | =31.4 | |
Mozilla Firefox ESR | =31.5 | |
Mozilla Firefox ESR | =31.5.1 | |
Mozilla Firefox ESR | =31.5.2 | |
Mozilla Firefox ESR | =31.5.3 | |
Mozilla Firefox ESR | =31.6.0 | |
Mozilla Firefox ESR | =31.7.0 | |
Mozilla Firefox ESR | =38.0 | |
Mozilla Thunderbird | <=38.0.1 | |
Oracle Solaris | =11.3 | |
Oracle VM Server | =3.2 | |
All of | ||
Mozilla Network Security Services | =3.19 | |
Any of | ||
Mozilla Firefox | <=38.1.0 | |
Mozilla Firefox | =31.0 | |
Mozilla Firefox | =31.1.0 | |
Mozilla Firefox | =31.1.1 | |
Mozilla Firefox | =31.3.0 | |
Mozilla Firefox | =31.5.1 | |
Mozilla Firefox | =31.5.2 | |
Mozilla Firefox | =31.5.3 | |
Mozilla Firefox | =38.0 | |
Mozilla Firefox ESR | =31.1 | |
Mozilla Firefox ESR | =31.2 | |
Mozilla Firefox ESR | =31.3 | |
Mozilla Firefox ESR | =31.4 | |
Mozilla Firefox ESR | =31.5 | |
Mozilla Firefox ESR | =31.6.0 | |
Mozilla Firefox ESR | =31.7.0 | |
Mozilla Thunderbird | <=38.0.1 | |
debian/nss | 2:3.61-1+deb11u3 2:3.61-1+deb11u4 2:3.87.1-1 2:3.87.1-1+deb12u1 2:3.106-1 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2015-2721 is a vulnerability in Mozilla Network Security Services (NSS) that allows man-in-the-middle attacks.
Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, Thunderbird before 38.1, and other products are affected by CVE-2015-2721.
The severity of CVE-2015-2721 is medium, with a severity value of 4.3.
To fix CVE-2015-2721 in Debian-based systems, update the nss package to version 2:3.42.1-1+deb10u5, 2:3.42.1-1+deb10u6, 2:3.61-1+deb11u3, 2:3.87.1-1, or 2:3.93-1, depending on your specific release.
To fix CVE-2015-2721 in Ubuntu-based systems, update the nss package to version 2:3.19.2-0ubuntu15.04.1 (for Ubuntu 15.04), 2:3.19.1-1 (for Ubuntu 15.04), 2:3.19.2-0ubuntu0.14.04.1 (for Ubuntu 14.04), or 2:3.19.2-0ubuntu0.14.10.1 (for Ubuntu 14.10), depending on your specific release.