Lucene search
MozillaCVELIST:CVE-2017-7822HistoryJun 11, 2018 - 9:00 p.m.
CVE-2017-7822
2018-06-1121:00:00
mozilla
www.cve.org
2
The AES-GCM implementation in WebCrypto API accepts 0-length IV when it should require a length of 1 according to the NIST Special Publication 800-38D specification. This might allow for the authentication key to be determined in some instances. This vulnerability affects Firefox < 56.
CNA Affected
[
{
"product": "Firefox",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "56",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
]Related
cve
cve
CVE-2017-7822
2018-06-11 21:29:10
nvd
nvd
CVE-2017-7822
2018-06-11 21:29:10
ubuntucve
ubuntucve
CVE-2017-7822
2017-10-02 00:00:00
debiancve
debiancve
CVE-2017-7822
2018-06-11 21:29:10
prion
prion
Authentication flaw
2018-06-11 21:29:00
nessus
nessus
Ubuntu 14.04 LTS / 16.04 LTS : Firefox vulnerabilities (USN-3435-1)
2017-10-03 00:00:00
Mozilla Firefox < 56 Multiple Vulnerabilities
2017-10-06 00:00:00
Ubuntu 14.04 LTS / 16.04 LTS : Firefox regression (USN-3435-2)
2017-10-05 00:00:00
openvas
openvas
Ubuntu: Security Advisory (USN-3435-1)
2017-10-05 00:00:00
Ubuntu: Security Advisory (USN-3435-2)
2017-10-06 00:00:00
Mozilla Firefox Security Advisories (MFSA2017-21, MFSA2017-22) - Windows
2017-10-03 00:00:00
ubuntu
ubuntu
Firefox regression
2017-10-04 00:00:00
Firefox vulnerabilities
2017-10-02 00:00:00
kaspersky
kaspersky
KLA11109 Multiple vulnerabilities in Mozilla Firefox and Firefox ESR
2017-09-28 00:00:00
freebsd
freebsd
mozilla -- multiple vulnerabilities
2017-09-28 00:00:00
mozilla
mozilla
Security vulnerabilities fixed in Firefox 56 — Mozilla
2017-09-28 00:00:00