Описание
A vulnerability exists where it possible to force Network Security Services (NSS) to sign CertificateVerify with PKCS#1 v1.5 signatures when those are the only ones advertised by server in CertificateRequest in TLS 1.3. PKCS#1 v1.5 signatures should not be used for TLS 1.3 messages. This vulnerability affects Firefox < 68.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | released | 68.0+build3-0ubuntu0.18.04.1 |
| cosmic | released | 68.0+build3-0ubuntu0.18.10.1 |
| devel | released | 68.0+build3-0ubuntu1 |
| disco | released | 68.0+build3-0ubuntu0.19.04.1 |
| eoan | released | 68.0+build3-0ubuntu1 |
| esm-infra-legacy/trusty | DNE | |
| esm-infra/focal | DNE | |
| focal | released | 68.0+build3-0ubuntu1 |
| groovy | released | 68.0+build3-0ubuntu1 |
| hirsute | released | 68.0+build3-0ubuntu1 |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | ignored | end of standard support, was needs-triage |
| cosmic | DNE | |
| devel | DNE | |
| disco | DNE | |
| eoan | DNE | |
| esm-apps/bionic | ignored | |
| esm-infra-legacy/trusty | DNE | |
| esm-infra/focal | DNE | |
| focal | DNE | |
| groovy | DNE |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | ignored | end of standard support, was needs-triage |
| cosmic | ignored | end of life |
| devel | DNE | |
| disco | ignored | end of life |
| eoan | ignored | end of life |
| esm-apps/focal | ignored | |
| esm-infra-legacy/trusty | DNE | |
| esm-infra/bionic | ignored | |
| focal | ignored | |
| groovy | ignored | end of life |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | DNE | |
| cosmic | ignored | end of life |
| devel | DNE | |
| disco | ignored | end of life |
| eoan | ignored | end of life |
| esm-infra-legacy/trusty | DNE | |
| esm-infra/focal | DNE | |
| focal | DNE | |
| groovy | DNE | |
| hirsute | DNE |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | not-affected | code not present |
| cosmic | ignored | end of life |
| devel | released | 2:3.45-1ubuntu1 |
| disco | released | 2:3.42-1ubuntu2.1 |
| eoan | released | 2:3.45-1ubuntu1 |
| esm-infra-legacy/trusty | not-affected | code not present |
| esm-infra/bionic | not-affected | code not present |
| esm-infra/focal | released | 2:3.45-1ubuntu1 |
| esm-infra/xenial | not-affected | code not present |
| focal | released | 2:3.45-1ubuntu1 |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | not-affected | 1:68.4.1+build1-0ubuntu0.18.04.1 |
| cosmic | ignored | end of life |
| devel | not-affected | 1:68.5.0+build1-0ubuntu1 |
| disco | ignored | end of life |
| eoan | not-affected | 1:68.4.1+build1-0ubuntu0.19.10.1 |
| esm-infra-legacy/trusty | DNE | |
| esm-infra/focal | DNE | |
| focal | not-affected | 1:68.5.0+build1-0ubuntu1 |
| groovy | not-affected | 1:68.5.0+build1-0ubuntu1 |
| hirsute | not-affected | 1:68.5.0+build1-0ubuntu1 |
Показывать по
EPSS
5 Medium
CVSS2
5.3 Medium
CVSS3
Связанные уязвимости
A vulnerability exists where it possible to force Network Security Services (NSS) to sign CertificateVerify with PKCS#1 v1.5 signatures when those are the only ones advertised by server in CertificateRequest in TLS 1.3. PKCS#1 v1.5 signatures should not be used for TLS 1.3 messages. This vulnerability affects Firefox < 68.
A vulnerability exists where it possible to force Network Security Services (NSS) to sign CertificateVerify with PKCS#1 v1.5 signatures when those are the only ones advertised by server in CertificateRequest in TLS 1.3. PKCS#1 v1.5 signatures should not be used for TLS 1.3 messages. This vulnerability affects Firefox < 68.
A vulnerability exists where it possible to force Network Security Ser ...
A vulnerability exists where it possible to force Network Security Services (NSS) to sign CertificateVerify with PKCS#1 v1.5 signatures when those are the only ones advertised by server in CertificateRequest in TLS 1.3. PKCS#1 v1.5 signatures should not be used for TLS 1.3 messages. This vulnerability affects Firefox < 68.
Уязвимость браузера Firefox, связанная с ошибкой службы сетевой безопасности CertificateVerify, позволяющая нарушителю оказать воздействие на целостность данных
EPSS
5 Medium
CVSS2
5.3 Medium
CVSS3