Lucene search
HistoryMar 19, 2024 - 12:15 p.m.
CVE-2023-5388
cve-2023-5388
nss
timing side-channel attack
rsa decryption
firefox
thunderbird
vulnerability
NSS was susceptible to a timing side-channel attack when performing RSA decryption. This attack could potentially allow an attacker to recover the private data. This vulnerability affects Firefox < 124, Firefox ESR < 115.9, and Thunderbird < 115.9.
Affected configurations
Node
mozillafirefoxRange≤124
mozillafirefox_esrRange≤115.9
mozillathunderbirdRange≤115.9
| Vendor | Product | Version | CPE |
|---|---|---|---|
| mozilla | firefox | * | cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:* |
| mozilla | firefox_esr | * | cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:* |
| mozilla | thunderbird | * | cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:* |
CNA Affected
[
{
"product": "Firefox",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "124",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Firefox ESR",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "115.9",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Thunderbird",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "115.9",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
]References
bugzilla.mozilla.org/show_bug.cgi?id=1780432
lists.debian.org/debian-lts-announce/2024/03/msg00022.html
lists.debian.org/debian-lts-announce/2024/03/msg00028.html
www.mozilla.org/security/advisories/mfsa2024-12/
www.mozilla.org/security/advisories/mfsa2024-13/
www.mozilla.org/security/advisories/mfsa2024-14/
Social References
More
Related
osv
osv
Moderate: nss security update
2024-01-10 00:00:00
Moderate: nss security update
2024-01-12 19:57:06
CVE-2023-5388
2024-03-19 12:15:07
redhatcve
redhatcve
CVE-2023-5388
2023-10-12 13:13:00
oraclelinux
oraclelinux
nss security update
2024-01-10 00:00:00
nss security update
2024-01-10 00:00:00
thunderbird security update
2024-03-26 00:00:00
amazon
amazon
Medium: nss-softokn
2024-01-19 01:19:00
Medium: nss-softokn
2024-01-19 01:51:00
nessus
nessus
SUSE SLES12 Security Update : mozilla-nss (SUSE-SU-2024:0578-1)
2024-02-22 00:00:00
RHEL 9 : nss (RHSA-2024:0107)
2024-01-10 00:00:00
RHEL 8 : nss (RHSA-2024:0106)
2024-01-10 00:00:00
redhat
redhat
(RHSA-2024:0106) Moderate: nss security update
2024-01-10 08:02:25
(RHSA-2024:0093) Moderate: nss security update
2024-01-09 14:47:34
(RHSA-2024:0107) Moderate: nss security update
2024-01-10 08:03:07
vulnrichment
vulnrichment
CVE-2023-5388
2024-03-19 12:02:54
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2024:0578-1)
2024-02-22 00:00:00
openSUSE: Security Advisory for mozilla (SUSE-SU-2024:0597-1)
2024-03-04 00:00:00
SUSE: Security Advisory (SUSE-SU-2024:0579-1)
2024-02-22 00:00:00
debiancve
debiancve
CVE-2023-5388
2024-03-19 12:15:07
f5
f5
K000139794: Mozilla NSS vulnerability CVE-2023-5388
2024-05-28 00:00:00
alpinelinux
alpinelinux
CVE-2023-5388
2024-03-19 12:15:07
cgr
cgr
CVE-2023-5388 vulnerabilities
2024-05-19 03:07:16
rocky
rocky
nss security update
2024-01-12 19:57:06
thunderbird security update
2024-03-27 04:34:32
firefox security update
2024-03-27 04:34:32
almalinux
almalinux
Moderate: nss security update
2024-01-10 00:00:00
Moderate: nss security update
2024-01-10 00:00:00
Moderate: thunderbird security update
2024-03-25 00:00:00
nvd
nvd
CVE-2023-5388
2024-03-19 12:15:07
cvelist
cvelist
CVE-2023-5388
2024-03-19 12:02:54
ubuntucve
ubuntucve
CVE-2023-5388
2023-10-23 00:00:00
CVE-2023-4421
2023-12-12 00:00:00
photon
photon
Moderate Photon OS Security Update - PHSA-2024-3.0-0739
2024-03-20 00:00:00
Moderate Photon OS Security Update - PHSA-2024-5.0-0234
2024-03-28 00:00:00
Important Photon OS Security Update - PHSA-2024-4.0-0584
2024-03-27 00:00:00
debian
debian
[SECURITY] [DLA 3757-1] nss security update
2024-03-11 05:37:41
[SECURITY] [DSA 5643-1] firefox-esr security update
2024-03-21 19:19:35
[SECURITY] [DSA 5644-1] thunderbird security update
2024-03-21 19:22:16
ubuntu
ubuntu
NSS vulnerabilities
2024-04-10 00:00:00
NSS regression
2024-04-11 00:00:00
Thunderbird vulnerabilities
2024-03-26 00:00:00
ibm
ibm
mageia
mageia
Updated rootcerts, nss and firefox packages fix security vulnerabilities
2024-02-27 04:08:24
Updated thunderbird packages fix security vulnerabilities
2024-03-27 22:40:25
Updated nss firefox, nss packages fix security vulnerabilities
2024-03-27 22:24:13
kaspersky
kaspersky
KLA65226 Multiple vulnerabilities in Mozilla Thunderbird
2024-03-19 00:00:00
KLA65225 Multiple vulnerabilities in Mozilla Firefox ESR
2024-03-19 00:00:00
KLA65224 Multiple vulnerabilities in Mozilla Firefox
2024-03-19 00:00:00
centos
centos
firefox security update
2024-04-03 14:00:43
thunderbird security update
2024-04-03 14:01:39
slackware
slackware
[slackware-security] mozilla-firefox
2024-03-20 00:27:50
[slackware-security] mozilla-thunderbird
2024-03-20 00:28:21
mozilla
mozilla
Security Vulnerabilities fixed in Thunderbird 115.9 — Mozilla
2024-03-19 00:00:00
Security Vulnerabilities fixed in Firefox ESR 115.9 — Mozilla
2024-03-19 00:00:00
Security Vulnerabilities fixed in Firefox 124 — Mozilla
2024-03-19 00:00:00