CVE-2020-12399

NSS has shown timing differences when performing DSA signatures, which was exploitable and could eventually leak private keys. This vulnerability affects Thunderbird 68.9.0, Firefox 77, and Firefox ESR 68.9...

Design/Logic Flaw

NSS has shown timing differences when performing DSA signatures, which was exploitable and could eventually leak private keys. This vulnerability affects Thunderbird 68.9.0, Firefox 77, and Firefox ESR 68.9...

CVE-2020-12399

CVE-2020-12399 involves NSS showing timing differences during DSA signatures, a vulnerability that could allow leakage of DSA private keys. The connected documents consistently state affected software as Thunderbird < 68.9.0, Firefox < 77, and Firefox ESR

CVE-2020-12399

NSS has shown timing differences when performing DSA signatures, which was exploitable and could eventually leak private keys. This vulnerability affects Thunderbird 68.9.0, Firefox 77, and Firefox ESR 68.9...

CVE-2020-12399

NSS has shown timing differences when performing DSA signatures, which was exploitable and could eventually leak private keys. This vulnerability affects Thunderbird 68.9.0, Firefox 77, and Firefox ESR 68.9...

CVE-2020-12399

NSS has shown timing differences when performing DSA signatures, which was exploitable and could eventually leak private keys. This vulnerability affects Thunderbird 68.9.0, Firefox 77, and Firefox ESR 68.9...

Updated firefox packages fix security vulnerability

Updated nss and firefox packages fix security vulnerabilities: NSS has shown timing differences when performing DSA signatures, which was exploitable and could eventually leak private keys CVE-2020-12399. Side channel vulnerabilities during RSA key generation in NSS CVE-2020-12402. When browsing ...

EulerOS Virtualization 3.0.6.0 : wpa_supplicant (EulerOS-SA-2020-1763)

According to the versions of the wpasupplicant package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - The implementations of SAE in hostapd and wpasupplicant are vulnerable to side channel attacks as a result of observable...

EulerOS 2.0 SP2 : libgcrypt (EulerOS-SA-2020-1672)

According to the versions of the libgcrypt packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Libgcrypt before 1.6.3 and GnuPG before 1.4.19 does not implement ciphertext blinding for Elgamal decryption, which allows physically proxima...

Ubuntu: Security Advisory (USN-4383-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Mozilla Thunderbird < 68.9.0

The version of Thunderbird installed on the remote macOS or Mac OS X host is prior to 68.9.0. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2020-22 advisory. - Mozilla developers Tom Tung and Karl Tomlinson reported memory safety bugs present in Firefox 68.8. Som...

Mozilla Thunderbird < 68.9.0

The version of Thunderbird installed on the remote Windows host is prior to 68.9.0. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2020-22 advisory. - Mozilla developers Tom Tung and Karl Tomlinson reported memory safety bugs present in Firefox 68.8. Some of these...

Security Vulnerabilities fixed in Firefox 77 — Mozilla

NSS has shown timing differences when performing DSA signatures, which was exploitable and could eventually leak private keys. When browsing a malicious page, a race condition in our SharedWorkerService could occur and lead to a potentially exploitable crash. Mozilla Developer Iain Ireland...

CVE-2020-12399

NSS has shown timing differences when performing DSA signatures, which was exploitable and could eventually leak private keys. This vulnerability affects Thunderbird 68.9.0, Firefox 77, and Firefox ESR 68.9...

Wagtail -- potential timing attack vulnerability

Wagtail release notes: CVE-2020-11037: Potential timing attack on password-protected private pages This release addresses a potential timing attack on pages or documents that have been protected with a shared password through Wagtail's "Privacy" controls. This password check is performed through ...

EulerOS 2.0 SP5 : libgcrypt (EulerOS-SA-2020-1114)

According to the version of the libgcrypt packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - The mpipowm function in Libgcrypt before 1.6.3 and GnuPG before 1.4.19 allows attackers to obtain sensitive information by leveraging timing...

Huawei EulerOS: Security Advisory for libgcrypt (EulerOS-SA-2020-1114)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2015-0837

The mpipowm function in Libgcrypt before 1.6.3 and GnuPG before 1.4.19 allows attackers to obtain sensitive information by leveraging timing differences when accessing a pre-computed table during modular exponentiation, related to a "Last-Level Cache Side-Channel Attack."...

Design/Logic Flaw

The mpipowm function in Libgcrypt before 1.6.3 and GnuPG before 1.4.19 allows attackers to obtain sensitive information by leveraging timing differences when accessing a pre-computed table during modular exponentiation, related to a "Last-Level Cache Side-Channel Attack."...

CVE-2015-0837

The mpipowm function in Libgcrypt before 1.6.3 and GnuPG before 1.4.19 allows attackers to obtain sensitive information by leveraging timing differences when accessing a pre-computed table during modular exponentiation, related to a "Last-Level Cache Side-Channel Attack."...