| Max CVSS | Min CVSS | Total Count |
|---|---|---|
| 10.0 | 1.2 | 2 |

| ID | CVSS | Summary | Last (major) update | Published |
|---|---|---|---|---|
| CVE-2020-12403 | 6.4 | A flaw was found in the way CHACHA20-POLY1305 was implemented in NSS in versions before 3.55. When using multi-part Chacha20, it could cause out-of-bounds reads. This issue was fixed by explicitly disabling multi-part ChaCha20 (which was not function | 24-03-2023 - 16:15 | 27-05-2021 - 19:15 |
| CVE-2020-6829 | 5.0 | When performing EC scalar point multiplication, the wNAF point multiplication algorithm was used, which leaked partial information about the nonce used during signature generation. Given an electromagnetic trace of a few signature generations, the p | 20-02-2023 - 17:15 | 28-10-2020 - 12:15 |
| CVE-2020-12400 | 1.2 | When converting coordinates from projective to affine, the modular inversion was not performed in constant time, resulting in a possible timing-based side channel attack. This vulnerability affects Firefox < 80 and Firefox for Android < 80. | 20-02-2023 - 17:15 | 08-10-2020 - 14:15 |
| CVE-2020-12401 | 1.9 | During ECDSA signature generation, padding applied in the nonce designed to ensure constant-time scalar multiplication was removed, resulting in variable-time execution dependent on secret data. This vulnerability affects Firefox < 80 and Firefox for | 20-02-2023 - 17:15 | 08-10-2020 - 14:15 |
| CVE-2019-17023 | 4.3 | After a HelloRetryRequest has been sent, the client may negotiate a lower protocol than TLS 1.3, resulting in an invalid state transition in the TLS State Machine. If the client gets into this state, incoming Application Data records will be ignored. | 27-01-2023 - 18:24 | 08-01-2020 - 22:15 |
| CVE-2020-12402 | 1.2 | During RSA key generation, bignum implementations used a variation of the Binary Extended Euclidean Algorithm which entailed significantly input-dependent flow. This allowed an attacker able to perform electromagnetic-based side channel attacks to re | 04-01-2022 - 16:38 | 09-07-2020 - 15:15 |
| CVE-2019-17006 | 10.0 | In Network Security Services (NSS) before 3.46, several cryptographic primitives had missing length checks. In cases where the application calling the library did not perform a sanity check on the inputs it could result in a crash due to a buffer ove | 21-07-2021 - 11:39 | 22-10-2020 - 21:15 |
| CVE-2020-12402 | 1.2 | During RSA key generation, bignum implementations used a variation of the Binary Extended Euclidean Algorithm which entailed significantly input-dependent flow. This allowed an attacker able to perform electromagnetic-based side channel attacks to re | 30-09-2020 - 18:15 | 09-07-2020 - 15:15 |
| CVE-2019-11719 | 5.0 | When importing a curve25519 private key in PKCS#8 format with leading 0x00 bytes, it is possible to trigger an out-of-bounds read in the Network Security Services (NSS) library. This could lead to information disclosure. This vulnerability affects Fir | 30-09-2020 - 18:15 | 23-07-2019 - 14:15 |
| CVE-2019-11756 | 6.8 | Improper refcounting of soft token session objects could cause a use-after-free and crash (likely limited to a denial of service). This vulnerability affects Firefox < 71. | 13-01-2020 - 18:02 | 08-01-2020 - 20:15 |
| CVE-2019-11727 | 5.0 | A vulnerability exists where it is possible to force Network Security Services (NSS) to sign CertificateVerify with PKCS#1 v1.5 signatures when those are the only ones advertised by the server in CertificateRequest in TLS 1.3. PKCS#1 v1.5 signatures should | 30-07-2019 - 23:15 | 23-07-2019 - 14:15 |