Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

rocky логотип

RLSA-2024:0786

Опубликовано: 12 мар. 2024
Источник: rocky
Оценка: Moderate

Описание

Moderate: nss security update

Network Security Services (NSS) is a set of libraries designed to support the cross-platform development of security-enabled client and server applications.

Security Fix(es):

  • nss: vulnerable to Minerva side-channel information leak (CVE-2023-6135)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Затронутые продукты

  • Rocky Linux 8

НаименованиеАрхитектураРелизRPM
nssx86_646.el8_9nss-3.90.0-6.el8_9.x86_64.rpm
nss-develx86_646.el8_9nss-devel-3.90.0-6.el8_9.x86_64.rpm
nss-softoknx86_646.el8_9nss-softokn-3.90.0-6.el8_9.x86_64.rpm
nss-softokn-develx86_646.el8_9nss-softokn-devel-3.90.0-6.el8_9.x86_64.rpm
nss-softokn-freeblx86_646.el8_9nss-softokn-freebl-3.90.0-6.el8_9.x86_64.rpm
nss-softokn-freebl-develx86_646.el8_9nss-softokn-freebl-devel-3.90.0-6.el8_9.x86_64.rpm
nss-sysinitx86_646.el8_9nss-sysinit-3.90.0-6.el8_9.x86_64.rpm
nss-toolsx86_646.el8_9nss-tools-3.90.0-6.el8_9.x86_64.rpm
nss-utilx86_646.el8_9nss-util-3.90.0-6.el8_9.x86_64.rpm
nss-util-develx86_646.el8_9nss-util-devel-3.90.0-6.el8_9.x86_64.rpm

Показывать по

Связанные CVE

CVE-2023-6135

Ссылки на источники

Исправления

Связанные уязвимости

ubuntu логотип

CVE-2023-6135

CVSS3: 4.3
ubuntu
больше 1 года назад

Multiple NSS NIST curves were susceptible to a side-channel attack known as "Minerva". This attack could potentially allow an attacker to recover the private key. This vulnerability affects Firefox < 121.

redhat логотип

CVE-2023-6135

CVSS3: 4.3
redhat
больше 1 года назад

Multiple NSS NIST curves were susceptible to a side-channel attack known as "Minerva". This attack could potentially allow an attacker to recover the private key. This vulnerability affects Firefox < 121.

nvd логотип

CVE-2023-6135

CVSS3: 4.3
nvd
больше 1 года назад

Multiple NSS NIST curves were susceptible to a side-channel attack known as "Minerva". This attack could potentially allow an attacker to recover the private key. This vulnerability affects Firefox < 121.

debian логотип

CVE-2023-6135

CVSS3: 4.3
debian
больше 1 года назад

Multiple NSS NIST curves were susceptible to a side-channel attack kno ...

github логотип

GHSA-jxv6-m6pm-cqh2

CVSS3: 4.3
github
больше 1 года назад

Multiple NSS NIST curves were susceptible to a side-channel attack known as "Minerva". This attack could potentially allow an attacker to recover the private key. This vulnerability affects Firefox < 121.