Уязвимость восстановления закрытого ключа через атаку "Minerva" на несколько кривых NSS NIST в Firefox
Описание
Несколько кривых NSS NIST подвержены атаке по сторонним каналам, известной как "Minerva". Эта атака потенциально позволяет злоумышленнику восстановить закрытый ключ.
Затронутые версии ПО
- Firefox < 121
Тип уязвимости
Утечка закрытого ключа
Ссылки
- Issue TrackingPermissions Required
- Vendor Advisory
- Issue TrackingPermissions Required
- Vendor Advisory
Уязвимые конфигурации
EPSS
4.3 Medium
CVSS3
Дефекты
Связанные уязвимости
Multiple NSS NIST curves were susceptible to a side-channel attack known as "Minerva". This attack could potentially allow an attacker to recover the private key. This vulnerability affects Firefox < 121.
Multiple NSS NIST curves were susceptible to a side-channel attack known as "Minerva". This attack could potentially allow an attacker to recover the private key. This vulnerability affects Firefox < 121.
Multiple NSS NIST curves were susceptible to a side-channel attack kno ...
Multiple NSS NIST curves were susceptible to a side-channel attack known as "Minerva". This attack could potentially allow an attacker to recover the private key. This vulnerability affects Firefox < 121.
EPSS
4.3 Medium
CVSS3