CVE-2023-5388

Published

Last updated

NVD

https://nvd.nist.gov/vuln/detail/CVE-2023-5388

Severity

Unknown

Description

NSS was susceptible to a timing side-channel attack when performing RSA decryption. This attack could potentially allow an attacker to recover the private data. This vulnerability affects Firefox < 124, Firefox ESR < 115.9, and Thunderbird < 115.9.

References

https://images.chainguard.dev/security/CGA-5mc2-hfw4-7vcw
https://github.com/advisories/GHSA-g2hf-9hjx-2rxj
https://bugzilla.mozilla.org/show_bug.cgi?id=1780432
https://lists.debian.org/debian-lts-announce/2024/03/msg00022.html
https://lists.debian.org/debian-lts-announce/2024/03/msg00028.html
https://www.mozilla.org/security/advisories/mfsa2024-12/
https://www.mozilla.org/security/advisories/mfsa2024-13/
https://www.mozilla.org/security/advisories/mfsa2024-14/
https://security.alpinelinux.org/vuln/CVE-2023-5388

Affected packages

Advisories are based on vulnerability information provided by Grype from Anchore. Learn how Chainguard creates security advisories.

The trusted source for open source

Talk to an expert

Privacy

Terms

CVE-2023-5388

Severity

Description

References

Affected packages

The trusted source for open source

Product

Solutions

Customers

Resources

Company