Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2023-6135

Опубликовано: 19 дек. 2023
Источник: debian
EPSS Низкий

Описание

Multiple NSS NIST curves were susceptible to a side-channel attack known as "Minerva". This attack could potentially allow an attacker to recover the private key. This vulnerability affects Firefox < 121.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
firefoxfixed121.0-1package
nssfixed2:3.95-1package
nssignoredbookwormpackage
nssignoredbullseyepackage
nssignoredbusterpackage

Примечания

  • https://www.mozilla.org/en-US/security/advisories/mfsa2023-56/#CVE-2023-6135

  • https://bugzilla.mozilla.org/show_bug.cgi?id=1853908 (not public)

  • Fixed via: https://bugzilla.mozilla.org/show_bug.cgi?id=1861728

  • https://hg.mozilla.org/projects/nss/rev/e68b42b773657000078d104aaccbe26e71a1e0be

  • Fixed via: https://bugzilla.mozilla.org/show_bug.cgi?id=1863605

  • https://hg.mozilla.org/projects/nss/rev/39f0db972e9d4803f386585bc4d8858ad6f019b8

  • nss issue relates to: https://bugzilla.mozilla.org/show_bug.cgi?id=1854438

  • nss issue relates to: https://bugzilla.mozilla.org/show_bug.cgi?id=1854439

EPSS

Процентиль: 35%
0.00142
Низкий

Связанные уязвимости

ubuntu логотип

CVE-2023-6135

CVSS3: 4.3
ubuntu
больше 1 года назад

Multiple NSS NIST curves were susceptible to a side-channel attack known as "Minerva". This attack could potentially allow an attacker to recover the private key. This vulnerability affects Firefox < 121.

redhat логотип

CVE-2023-6135

CVSS3: 4.3
redhat
больше 1 года назад

Multiple NSS NIST curves were susceptible to a side-channel attack known as "Minerva". This attack could potentially allow an attacker to recover the private key. This vulnerability affects Firefox < 121.

nvd логотип

CVE-2023-6135

CVSS3: 4.3
nvd
больше 1 года назад

Multiple NSS NIST curves were susceptible to a side-channel attack known as "Minerva". This attack could potentially allow an attacker to recover the private key. This vulnerability affects Firefox < 121.

rocky логотип

RLSA-2024:0786

rocky
больше 1 года назад

Moderate: nss security update

github логотип

GHSA-jxv6-m6pm-cqh2

CVSS3: 4.3
github
больше 1 года назад

Multiple NSS NIST curves were susceptible to a side-channel attack known as "Minerva". This attack could potentially allow an attacker to recover the private key. This vulnerability affects Firefox < 121.

EPSS

Процентиль: 35%
0.00142
Низкий