CVE-2023-5388

Name
CVE-2023-5388
Description
NSS was susceptible to a timing side-channel attack when performing RSA decryption. This attack could potentially allow an attacker to recover the private data. This vulnerability affects Firefox < 124, Firefox ESR < 115.9, and Thunderbird < 115.9.
NVD Severity
unknown
Other trackers
Mailing lists
Exploits
Forges
GitHub (code, issues), Aports (code, issues)

References

Type URI
security@mozilla.org https://bugzilla.mozilla.org/show_bug.cgi?id=1780432
security@mozilla.org https://www.mozilla.org/security/advisories/mfsa2024-12/
security@mozilla.org https://www.mozilla.org/security/advisories/mfsa2024-13/
security@mozilla.org https://www.mozilla.org/security/advisories/mfsa2024-14/
security@mozilla.org https://lists.debian.org/debian-lts-announce/2024/03/msg00022.html
security@mozilla.org https://lists.debian.org/debian-lts-announce/2024/03/msg00028.html

Match rules

CPE URI Source package Min version Max version
firefox >= unspecified < 124
firefox-esr >= unspecified < 115.9
thunderbird >= unspecified < 115.9

Vulnerable and fixed packages

Source package Branch Version Maintainer Status