CVE-2023-6135

Updated: 2024-02-13 03:31:42.002938

Description:

Multiple NSS NIST curves were susceptible to a side-channel attack known as "Minerva". This attack could potentially allow an attacker to recover the private key. This vulnerability affects Firefox < 121.


Links NIST CIRCL RHEL Ubuntu

Severity

Severity Score
CVSS Version 2.x 0
CVSS Version 3.x MEDIUM 4.3

Status

OS name Project name Version Score Severity Status Errata Last updated
AlmaLinux 9.2 ESU nss 3.79.0 4.3 MEDIUM Needs Triage 2024-02-13 03:31:53
CentOS 6 ELS nss 3.44.0 4.3 MEDIUM Ignored 2024-02-13 10:09:27
CentOS 7 ELS nss 3.79.0 4.3 MEDIUM Ignored 2024-02-13 10:09:27
CentOS 8.4 ELS nss 3.67.0-6 4.3 MEDIUM Ignored 2024-02-13 10:09:27
CentOS 8.5 ELS nss 3.67.0-7 4.3 MEDIUM Ignored 2024-02-13 10:09:27
CloudLinux 6 ELS nss 3.44.0 4.3 MEDIUM Ignored 2024-02-13 10:09:27
Oracle Linux 6 ELS nss 3.44.0 4.3 MEDIUM Ignored 2024-02-13 10:09:27
Ubuntu 16.04 ELS nss 3.28.4-0 4.3 MEDIUM Ignored 2024-02-13 10:09:27
Ubuntu 18.04 ELS nss 3.35-2 4.3 MEDIUM Ignored 2024-02-13 10:09:27