nss is vulnerable to information disclosure. The vulnerability exists through cache side-channel variant of the Bleichenbacher attack.
lists.opensuse.org/opensuse-security-announce/2019-07/msg00021.html
www.securityfocus.com/bid/107260
access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/7.7_release_notes/index
access.redhat.com/errata/RHSA-2019:2237
access.redhat.com/security/updates/classification/#moderate
bugzilla.mozilla.org/show_bug.cgi?id=CVE-2018-12404
bugzilla.redhat.com/show_bug.cgi?id=1144186
bugzilla.redhat.com/show_bug.cgi?id=1212132
bugzilla.redhat.com/show_bug.cgi?id=1431241
bugzilla.redhat.com/show_bug.cgi?id=1444136
bugzilla.redhat.com/show_bug.cgi?id=1455288
bugzilla.redhat.com/show_bug.cgi?id=1508571
bugzilla.redhat.com/show_bug.cgi?id=1508595
bugzilla.redhat.com/show_bug.cgi?id=1509045
bugzilla.redhat.com/show_bug.cgi?id=1509396
bugzilla.redhat.com/show_bug.cgi?id=1510156
bugzilla.redhat.com/show_bug.cgi?id=1514041
bugzilla.redhat.com/show_bug.cgi?id=1533729
bugzilla.redhat.com/show_bug.cgi?id=1538081
bugzilla.redhat.com/show_bug.cgi?id=1639873
bugzilla.redhat.com/show_bug.cgi?id=1657164
bugzilla.redhat.com/show_bug.cgi?id=1670239
bugzilla.redhat.com/show_bug.cgi?id=1712876
cert-portal.siemens.com/productcert/pdf/ssa-379803.pdf
lists.debian.org/debian-lts-announce/2020/09/msg00029.html
us-cert.cisa.gov/ics/advisories/icsa-21-040-04
www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html