0.002 Low
EPSS
Percentile
56.9%
NSS is vulnerable to information disclosure attacks. An attacker could use this flaw to recover private keys by confining the client DH key to small subgroup of the desired group which may leads to small subgroup confinement attacks.
rhn.redhat.com/errata/RHSA-2016-2779.html
www.securityfocus.com/bid/94346
access.redhat.com/security/updates/classification/#moderate
bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-8635
security.gentoo.org/glsa/201701-46