NSS was susceptible to a timing side-channel attack when performing RSA decryption. This attack could potentially allow an attacker to recover the private data. This vulnerability affects Firefox < 124, Firefox ESR < 115.9, and Thunderbird < 115.9.

References

bugzilla.mozilla.org/show_bug.cgi?id=1780432

lists.debian.org/debian-lts-announce/2024/03/msg00022.html

lists.debian.org/debian-lts-announce/2024/03/msg00028.html

www.mozilla.org/security/advisories/mfsa2024-12/

www.mozilla.org/security/advisories/mfsa2024-13/

www.mozilla.org/security/advisories/mfsa2024-14/

osv 19

oraclelinux 8

amazon 2

nessus 71

redhatcve 1

redhat 27

vulnrichment 1

openvas 28

debiancve 1

f5 1

alpinelinux 1

cgr 1

rocky 3

almalinux 6

cve 1

cvelist 1

ubuntucve 2

photon 3

debian 5

ubuntu 4

ibm 1

mageia 3

centos 2

mozilla 3

kaspersky 2

slackware 2

osv

CVE-2023-5388

2024-03-19 12:15:07

Moderate: nss security update

2024-01-10 00:00:00

Moderate: nss security update

2024-01-12 19:57:06

oraclelinux

nss security update

2024-01-10 00:00:00

nss security update

2024-01-10 00:00:00

thunderbird security update

2024-03-25 00:00:00

amazon

Medium: nss-softokn

2024-01-19 01:19:00

Medium: nss-softokn

2024-01-19 01:51:00

nessus

SUSE SLES12 Security Update : mozilla-nss (SUSE-SU-2024:0578-1)

2024-02-22 00:00:00

RHEL 9 : nss (RHSA-2024:0107)

2024-01-10 00:00:00

RHEL 8 : nss (RHSA-2024:0106)

2024-01-10 00:00:00

redhatcve

CVE-2023-5388

2023-10-12 13:13:00

redhat

(RHSA-2024:0106) Moderate: nss security update

2024-01-10 08:02:25

(RHSA-2024:0093) Moderate: nss security update

2024-01-09 14:47:34

(RHSA-2024:0107) Moderate: nss security update

2024-01-10 08:03:07

vulnrichment

CVE-2023-5388

2024-03-19 12:02:54

openvas

SUSE: Security Advisory (SUSE-SU-2024:0578-1)

2024-02-22 00:00:00

openSUSE: Security Advisory for mozilla (SUSE-SU-2024:0597-1)

2024-03-04 00:00:00

SUSE: Security Advisory (SUSE-SU-2024:0579-1)

2024-02-22 00:00:00

debiancve

CVE-2023-5388

2024-03-19 12:15:07

K000139794: Mozilla NSS vulnerability CVE-2023-5388

2024-05-28 00:00:00

alpinelinux

CVE-2023-5388

2024-03-19 12:15:07

cgr

CVE-2023-5388 vulnerabilities

2024-05-19 03:07:16

rocky

nss security update

2024-01-12 19:57:06

thunderbird security update

2024-03-27 04:34:32

firefox security update

2024-03-27 04:34:32

almalinux

Moderate: nss security update

2024-01-10 00:00:00

Moderate: nss security update

2024-01-10 00:00:00

Moderate: thunderbird security update

2024-03-25 00:00:00

cve

CVE-2023-5388

2024-03-19 12:15:07

cvelist

CVE-2023-5388

2024-03-19 12:02:54

ubuntucve

CVE-2023-5388

2023-10-23 00:00:00

CVE-2023-4421

2023-12-12 00:00:00

photon

Moderate Photon OS Security Update - PHSA-2024-3.0-0739

2024-03-20 00:00:00

Moderate Photon OS Security Update - PHSA-2024-5.0-0234

2024-03-28 00:00:00

Important Photon OS Security Update - PHSA-2024-4.0-0584

2024-03-27 00:00:00

debian

[SECURITY] [DLA 3757-1] nss security update

2024-03-11 05:37:41

[SECURITY] [DSA 5643-1] firefox-esr security update

2024-03-21 19:19:35

[SECURITY] [DSA 5644-1] thunderbird security update

2024-03-21 19:22:16

ubuntu

NSS vulnerabilities

2024-04-10 00:00:00

NSS regression

2024-04-11 00:00:00

Thunderbird vulnerabilities

2024-03-26 00:00:00

ibm

Security Bulletin: IBM Observability with Instana using third-party Kubernetes Operators is affected by Multiple Security Vulnerabilities

2024-03-15 13:52:35

mageia

Updated rootcerts, nss and firefox packages fix security vulnerabilities

2024-02-27 04:08:24

Updated thunderbird packages fix security vulnerabilities

2024-03-27 22:40:25

Updated nss firefox, nss packages fix security vulnerabilities

2024-03-27 22:24:13

centos

thunderbird security update

2024-04-03 14:01:39

firefox security update

2024-04-03 14:00:43

mozilla

Security Vulnerabilities fixed in Thunderbird 115.9 — Mozilla

2024-03-19 00:00:00

Security Vulnerabilities fixed in Firefox ESR 115.9 — Mozilla

2024-03-19 00:00:00

Security Vulnerabilities fixed in Firefox 124 — Mozilla

2024-03-19 00:00:00

kaspersky

KLA65225 Multiple vulnerabilities in Mozilla Firefox ESR

2024-03-19 00:00:00

KLA65226 Multiple vulnerabilities in Mozilla Thunderbird

2024-03-19 00:00:00

slackware

[slackware-security] mozilla-firefox

2024-03-20 00:27:50

[slackware-security] mozilla-thunderbird

2024-03-20 00:28:21

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
Submission Policy
OpenSource

@2024 Vulners Inc

6.3 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

10.3%

JSON

Related for NVD:CVE-2023-5388

osv19 oraclelinux8 amazon2 nessus71 redhatcve1 redhat27 vulnrichment1 openvas28 debiancve1 f51 alpinelinux1 cgr1 rocky3 almalinux6 cve1 cvelist1 ubuntucve2 photon3 debian5 ubuntu4 ibm1 mageia3 centos2 mozilla3 kaspersky2 slackware2