8 matches found
Amazon Linux AMI : nspr, nss-softokn, nss-util (ALAS-2021-1522)
The version of nspr installed on the remote host is prior to 4.25.0-2.45. The version of nss-softokn installed on the remote host is prior to 3.53.1-6.46. The version of nss-util installed on the remote host is prior to 3.53.1-1.58. It is, therefore, affected by multiple vulnerabilities as...
EulerOS 2.0 SP9 : nss (EulerOS-SA-2021-1931)
According to the version of the nss packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - During RSA key generation, bignum implementations used a variation of the Binary Extended Euclidean Algorithm which entailed significantly...
EulerOS 2.0 SP9 : nss (EulerOS-SA-2021-1952)
According to the version of the nss packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - During RSA key generation, bignum implementations used a variation of the Binary Extended Euclidean Algorithm which entailed significantly...
Huawei EulerOS: Security Advisory for nss (EulerOS-SA-2021-1717)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS Virtualization for ARM 64 3.0.6.0 : nss-softokn (EulerOS-SA-2021-1536)
According to the versions of the nss-softokn packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - A flaw was found in the way CHACHA20-POLY1305 was implemented in NSS. When using multi-part Chacha20, it could...
Amazon Linux 2 : nspr, nss-softokn, nss-util, nss (ALAS-2020-1559)
The version of nspr installed on the remote host is prior to 4.25.0-2. The version of nss installed on the remote host is prior to 3.53.1-3. The version of nss-softokn installed on the remote host is prior to 3.53.1-6. The version of nss- util installed on the remote host is prior to 3.53.1-1. It...
Side-Channel Attack
nss is vulnerable to side-channel attacks. An attacker is able to perform electromagnetic-based side channel attacks during RSA key generation to recover the secret primes...
CVE-2020-12402
During RSA key generation, bignum implementations used a variation of the Binary Extended Euclidean Algorithm which entailed significantly input-dependent flow. This allowed an attacker able to perform electromagnetic-based side channel attacks to record traces leading to the recovery of the secr...