Good afternoon. Multiple flaws in NSS were reported to Mozilla on or around 28
April 2017 and as of this notification have not been resolved and as such, I am
disclosing them to the public so that anyone making use of NSS is aware that
these exist. Please note that as I send this, the bugs
Title:
==
Unpatched Mozilla Firefox v50 - v55 Stack Overflow DoS Vulnerability
References:
==
https://bugzilla.mozilla.org/show_bug.cgi?id=1322307
Timeline:
==
Reported to Mozilla: 2016-12-06
Mozilla made public: 2016-12-15
Declined bounty: 2017-01-30
Advisory