Fixed in versions 2:3.35-2ubuntu2.15 (18.04), 2:3.49.1-1ubuntu1.8 (20.04) and 2:3.68-1ubuntu1.2 (21.10). The version in Ubuntu 22.04 is not vulnerable.
** Changed in: nss (Ubuntu) Status: Confirmed => Fix Released -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to nss in Ubuntu. https://bugs.launchpad.net/bugs/1968922 Title: libnss3 is affected by CVE-2022-22747 Status in nss package in Ubuntu: Fix Released Bug description: libnss3 2:3.49.1-1ubuntu1.6 is affected by CVE-2022-22747. The entry for this CVE in the Ubuntu CVE tracker does not list this source package. This CVE was fixed in Debian 11 on January 23. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/nss/+bug/1968922/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp