EUVD-2020-4715

Malware in sbrugna...

Linux Distros Unpatched Vulnerability : CVE-2018-12404

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A cached side channel attack during handshakes using RSA encryption could allow for the decryption of encrypted content. This is a variant of the Adaptive Chose...

K10281096: TLS in Mozilla NSS vulnerability CVE-2018-12404

Security Advisory Description A cached side channel attack during handshakes using RSA encryption could allow for the decryption of encrypted content. This is a variant of the Adaptive Chosen Ciphertext attack AKA Bleichenbacher attack and affects all NSS versions prior to NSS 3.41. CVE-2018-1240...

EulerOS 2.0 SP10 : nss (EulerOS-SA-2022-1468)

According to the versions of the nss packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - NSS Network Security Services versions prior to 3.73 or 3.68.1 ESR are vulnerable to a heap overflow when handling DER-encoded DSA or RSA-PSS...

Security Bulletin: Potential side-channel cryptographic vulnerabilities in IBM DataPower Gateway

Summary IBM DataPower Gateway is potentially vulnerable to two side-channel attacks CVE-2018-0495, CVE-2018-12404 Vulnerability Details CVEID: CVE-2018-0495 DESCRIPTION: Libgcrypt before 1.7.10 and 1.8.x before 1.8.3 allows a memory-cache side-channel attack on ECDSA signatures that can be...

Design/Logic Flaw

A flaw was found in the way NSS handled CCS ChangeCipherSpec messages in TLS 1.3. This flaw allows a remote attacker to send multiple CCS messages, causing a denial of service for servers compiled with the NSS library. The highest threat from this vulnerability is to system availability. This fla...

CVE-2020-25648

A flaw was found in the way NSS handled CCS ChangeCipherSpec messages in TLS 1.3. This flaw allows a remote attacker to send multiple CCS messages, causing a denial of service for servers compiled with the NSS library. The highest threat from this vulnerability is to system availability. This fla...

EulerOS Virtualization 3.0.6.0 : nss (EulerOS-SA-2020-1718)

According to the version of the nss packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerability : - A cached side channel attack during handshakes using RSA encryption could allow for the decryption of encrypted content. This is a...

CVE-2018-12404

A cached side channel attack during handshakes using RSA encryption could allow for the decryption of encrypted content. This is a variant of the Adaptive Chosen Ciphertext attack AKA Bleichenbacher attack and affects all NSS versions prior to NSS 3.41...

Amazon Linux AMI : nss, nss-softokn, nss-util, nspr (ALAS-2020-1355)

The version of nspr installed on the remote host is prior to 4.21.0-1.43. The version of nss installed on the remote host is prior to 3.44.0-7.84. The version of nss-softokn installed on the remote host is prior to 3.44.0-8.44. The version of nss-util installed on the remote host is prior to...

Security Bulletin: IBM has announced a release for IBM Security Identity Governance and Intelligence in response to security vulnerability (CVE-2018-12404)

Summary IBM has announced a release for IBM Security Identity Governance and Intelligence IGI in response to security vulnerability. A cached side channel attack during handshakes using RSA encryption could allow for the decryption of encrypted content. This is a variant of the Adaptive Chosen...

EulerOS 2.0 SP3 : nss-softokn (EulerOS-SA-2019-2246)

According to the versions of the nss-softokn packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Libgcrypt before 1.7.10 and 1.8.x before 1.8.3 allows a memory-cache side-channel attack on ECDSA signatures that can be mitigated through...

Medium: nss

Issue Overview: A cached side channel attack during handshakes using RSA encryption could allow for the decryption of encrypted content. This is a variant of the Adaptive Chosen Ciphertext attack AKA Bleichenbacher attack and affects all NSS versions prior to NSS 3.41. CVE-2018-12404 Libgcrypt...

ALPINE-CVE-2018-12404

A cached side channel attack during handshakes using RSA encryption could allow for the decryption of encrypted content. This is a variant of the Adaptive Chosen Ciphertext attack AKA Bleichenbacher attack and affects all NSS versions prior to NSS 3.41...

CVE-2018-12404

A cached side channel attack during handshakes using RSA encryption could allow for the decryption of encrypted content. This is a variant of the Adaptive Chosen Ciphertext attack AKA Bleichenbacher attack and affects all NSS versions prior to NSS 3.41...

CVE-2018-12404

A cached side channel attack during handshakes using RSA encryption could allow for the decryption of encrypted content. This is a variant of the Adaptive Chosen Ciphertext attack AKA Bleichenbacher attack and affects all NSS versions prior to NSS 3.41...