NSS was susceptible to a timing side-channel attack when performing RSA decryption. This attack could potentially allow an attacker to recover the private data. This vulnerability affects Firefox < 124, Firefox ESR < 115.9, and Thunderbird < 115.9.

References

bugzilla.mozilla.org/show_bug.cgi?id=1780432

lists.debian.org/debian-lts-announce/2024/03/msg00022.html

lists.debian.org/debian-lts-announce/2024/03/msg00028.html

security.alpinelinux.org/vuln/CVE-2023-5388

www.mozilla.org/security/advisories/mfsa2024-12/

www.mozilla.org/security/advisories/mfsa2024-13/

www.mozilla.org/security/advisories/mfsa2024-14/

redhat 27

almalinux 5

openvas 26

nessus 70

osv 23

cve 1

cgr 1

rocky 3

oraclelinux 8

amazon 2

redhatcve 1

ibm 3

vulnrichment 1

f5 1

debiancve 1

alpinelinux 1

nvd 1

redos 1

cvelist 1

ubuntucve 2

photon 3

debian 5

ubuntu 3

mageia 3

centos 1

slackware 1

mozilla 2

kaspersky 2

redhat

(RHSA-2024:0107) Moderate: nss security update

2024-01-10 08:03:07

(RHSA-2024:0108) Moderate: nss security update

2024-01-10 08:03:11

(RHSA-2024:0093) Moderate: nss security update

2024-01-09 14:47:34

almalinux

Moderate: nss security update

2024-01-10 00:00:00

Moderate: nss security update

2024-01-10 00:00:00

Moderate: thunderbird security update

2024-03-25 00:00:00

openvas

SUSE: Security Advisory (SUSE-SU-2024:0597-1)

2024-02-23 00:00:00

SUSE: Security Advisory (SUSE-SU-2024:0579-1)

2024-02-22 00:00:00

SUSE: Security Advisory (SUSE-SU-2024:0578-1)

2024-02-22 00:00:00

nessus

RHEL 8 : nss (RHSA-2024:0105)

2024-01-10 00:00:00

CentOS 8 : nss (CESA-2024:0105)

2024-01-10 00:00:00

SUSE SLES15 Security Update : mozilla-nss (SUSE-SU-2024:2600-1)

2024-07-25 00:00:00

osv

Moderate: nss security update

2024-01-10 00:00:00

Security update for mozilla-nss

2024-07-23 07:16:10

Moderate: nss security update

2024-01-10 00:00:00

cve

CVE-2023-5388

2024-03-19 12:15:07

cgr

CVE-2023-5388 vulnerabilities

2024-05-19 03:07:16

rocky

nss security update

2024-01-12 19:57:06

thunderbird security update

2024-03-27 04:34:32

firefox security update

2024-03-27 04:34:32

oraclelinux

nss security update

2024-01-10 00:00:00

nss security update

2024-01-10 00:00:00

thunderbird security update

2024-03-25 00:00:00

amazon

Medium: nss-softokn

2024-01-19 01:51:00

Medium: nss-softokn

2024-01-19 01:19:00

redhatcve

CVE-2023-5388

2023-10-12 13:13:00

ibm

Security Bulletin: Vulnerability in nss library (CVE-2023-5388) affects Power HMC.

2024-09-10 15:17:38

Security Bulletin: IBM Observability with Instana using third-party Kubernetes Operators is affected by Multiple Security Vulnerabilities

2024-03-15 13:52:35

Security Bulletin: IBM MQ Appliance is affected by multiple open source vulnerabilities.

2024-08-03 05:43:42

vulnrichment

CVE-2023-5388

2024-03-19 12:02:54

K000139794: Mozilla NSS vulnerability CVE-2023-5388

2024-05-28 00:00:00

debiancve

CVE-2023-5388

2024-03-19 12:15:07

alpinelinux

CVE-2023-5388

2024-03-19 12:15:07

nvd

CVE-2023-5388

2024-03-19 12:15:07

redos

ROS-20240717-05

2024-07-17 00:00:00

cvelist

CVE-2023-5388

2024-03-19 12:02:54

ubuntucve

CVE-2023-4421

2023-12-12 00:00:00

CVE-2023-5388

2023-10-23 00:00:00

photon

Moderate Photon OS Security Update - PHSA-2024-3.0-0739

2024-03-20 00:00:00

Moderate Photon OS Security Update - PHSA-2024-5.0-0234

2024-03-28 00:00:00

Important Photon OS Security Update - PHSA-2024-4.0-0584

2024-03-27 00:00:00

debian

[SECURITY] [DLA 3757-1] nss security update

2024-03-11 05:37:41

[SECURITY] [DSA 5643-1] firefox-esr security update

2024-03-21 19:19:35

[SECURITY] [DLA 3775-1] firefox-esr security update

2024-03-25 15:40:17

ubuntu

NSS regression

2024-04-11 00:00:00

NSS vulnerabilities

2024-04-10 00:00:00

Thunderbird vulnerabilities

2024-03-26 00:00:00

mageia

Updated rootcerts, nss and firefox packages fix security vulnerabilities

2024-02-27 04:08:24

Updated thunderbird packages fix security vulnerabilities

2024-03-27 22:40:25

Updated nss firefox, nss packages fix security vulnerabilities

2024-03-27 22:24:13

centos

thunderbird security update

2024-04-03 14:01:39

slackware

[slackware-security] mozilla-thunderbird

2024-03-20 00:28:21

mozilla

Security Vulnerabilities fixed in Thunderbird 115.9 — Mozilla

2024-03-19 00:00:00

Security Vulnerabilities fixed in Firefox ESR 115.9 — Mozilla

2024-03-19 00:00:00

kaspersky

KLA65225 Multiple vulnerabilities in Mozilla Firefox ESR

2024-03-19 00:00:00

KLA65226 Multiple vulnerabilities in Mozilla Thunderbird

2024-03-19 00:00:00

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
Submission Policy
OpenSource

@2024 Vulners Inc

AI Score

6.3

Confidence

Low

EPSS

Percentile

10.3%

JSON

Related for OSV:CVE-2023-5388