3 matches found
PT-2020-20365
Name of the Vulnerable Software and Affected Versions AWS S3 Crypto SDK for GoLang versions prior to V2 Description A vulnerability exists in the in-band key negotiation of the AWS S3 Crypto SDK for GoLang. An attacker with write access to the targeted bucket can change the encryption algorithm o...
CVE-2020-12399
NSS has shown timing differences when performing DSA signatures, which was exploitable and could eventually leak private keys. This vulnerability affects Thunderbird 68.9.0, Firefox 77, and Firefox ESR 68.9...
OpenJDK: TLS/SSL handshake timing issues (JSSE, 8023069)
Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; JRockit R27.7.7 and R28.2.9; Java SE Embedded 7u45; and OpenJDK 7 allows remote attackers to affect confidentiality and integrity via vectors related to JSSE. NOTE: the previous information is from the January 2014 CPU. Oracle ha...