CVE-2020-12413

Опубликовано: 16 фев. 2023

Источник: debian

EPSS Низкий

Описание

The Raccoon attack is a timing attack on DHE ciphersuites inherit in the TLS specification. To mitigate this vulnerability, Firefox disabled support for DHE ciphersuites.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
nss	fixed	2:3.17-1		package
nss	no-dsa		buster	package
nss	no-dsa		stretch	package

Примечания

https://raccoon-attack.com/
Starting with 3.17 NSS allows to disable reuse of ECDHE keys, marking this
as the "fixed" version for unstable:
https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.17_release_notes

EPSS

Процентиль: 48%

0.00273

Низкий

Связанные уязвимости

CVE-2020-12413

CVSS3: 5.9

ubuntu

почти 3 года назад

The Raccoon attack is a timing attack on DHE ciphersuites inherit in the TLS specification. To mitigate this vulnerability, Firefox disabled support for DHE ciphersuites.

CVE-2020-12413

CVSS3: 5.9

redhat

около 5 лет назад

The Raccoon attack is a timing attack on DHE ciphersuites inherit in the TLS specification. To mitigate this vulnerability, Firefox disabled support for DHE ciphersuites.

CVE-2020-12413

CVSS3: 5.9

nvd

почти 3 года назад

The Raccoon attack is a timing attack on DHE ciphersuites inherit in the TLS specification. To mitigate this vulnerability, Firefox disabled support for DHE ciphersuites.

GHSA-4mgq-9qgw-ghcx

CVSS3: 5.9

github

почти 3 года назад

The Raccoon attack is a timing attack on DHE ciphersuites inherit in the TLS specification. To mitigate this vulnerability, Firefox disabled support for DHE ciphersuites.

EPSS

Процентиль: 48%

0.00273

Низкий