Memory corruption in NSS via DER-encoded DSA and RSA-PSS signatures (Critical)
NSS (Network Security Services) versions prior to 3.73 or 3.68.1 ESR
are vulnerable to a heap overflow when handling DER-encoded DSA or
RSA-PSS signatures. Applications using NSS for handling signatures
encoded within CMS, S/MIME, PKCS #7, or PKCS #12 are likely to be
impacted. Applications using NSS for certificate validation or other
TLS, X.509, OCSP or CRL functionality may be impacted, depending on
how they configure NSS.
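
The version boundary above has two fixed lines, so a single "older than 3.73" comparison wrongly flags 3.68.1 ESR, and a single "3.68.1 or newer" comparison wrongly clears 3.69 through 3.72. The following triage check is an added example, not part of the advisory or of NSS. It assumes that every 3.68.x release belongs to the ESR branch, and the host names and version strings in the inventory are constructed.

```python
import re

# Fixed releases named in the advisory: 3.73 (mainline) and 3.68.1 (ESR).
FIXED_MAINLINE = (3, 73, 0)
ESR_BRANCH = (3, 68)       # assumption: all 3.68.x releases are the ESR branch
FIXED_ESR_PATCH = 1

def parse_nss_version(text):
    """Return (major, minor, patch) from strings like '3.68.1' or 'nss-3.72-1.el8'."""
    m = re.search(r"(?<![\d.])(\d+)\.(\d+)(?:\.(\d+))?", text)
    if not m:
        raise ValueError(f"no NSS version found in {text!r}")
    return (int(m[1]), int(m[2]), int(m[3] or 0))

def is_affected(text):
    """True if the upstream version predates the fix on its own branch."""
    version = parse_nss_version(text)
    if version[:2] == ESR_BRANCH:
        # ESR line: 3.68 is affected, 3.68.1 and later are fixed.
        return version[2] < FIXED_ESR_PATCH
    # Everything else, including 3.69 to 3.72, is measured against 3.73.
    return version < FIXED_MAINLINE

def affected_hosts(inventory):
    """Return the sorted host names whose NSS version needs attention."""
    return sorted(host for host, ver in inventory.items() if is_affected(ver))

# Constructed inventory for illustration only.
SAMPLE_INVENTORY = {
    "mail-gw": "3.68",
    "ldap-01": "3.68.1",
    "build-07": "nss-3.72-1.el8",
    "web-02": "3.73.1",
    "legacy": "3.44",
}

if __name__ == "__main__":
    # A distribution may backport the fix without changing the upstream
    # version number, so confirm flagged hosts against the vendor's advisory.
    for host in affected_hosts(SAMPLE_INVENTORY):
        print(f"{host}: NSS {SAMPLE_INVENTORY[host]} predates the fixed releases")
```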