0.002 Low
EPSS
Percentile
53.5%
An existing mitigation of timing side-channel attacks is insufficient in some circumstances. This issue is addressed in Network Security Services (NSS) 3.26.1. This vulnerability affects Thunderbird < 45.5, Firefox ESR < 45.5, and Firefox < 50.
bugzilla.redhat.com/show_bug.cgi?id=1396548
www.mozilla.org/en-US/security/advisories/mfsa2016-89/#CVE-2016-9074