Show plain JSON{"containers": {"cna": {"affected": [{"product": "Network Security Services (NSS)", "vendor": "Mozilla", "versions": [{"status": "affected", "version": "All versions prior to NSS 3.41"}]}], "descriptions": [{"lang": "en", "value": "A cached side channel attack during handshakes using RSA encryption could allow for the decryption of encrypted content. This is a variant of the Adaptive Chosen Ciphertext attack (AKA Bleichenbacher attack) and affects all NSS versions prior to NSS 3.41."}], "problemTypes": [{"descriptions": [{"description": "Cryptographic Issues", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2021-02-12T06:10:59", "orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "shortName": "mozilla"}, "references": [{"name": "107260", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/107260"}, {"tags": ["x_refsource_MISC"], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=CVE-2018-12404"}, {"name": "openSUSE-SU-2019:1758", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00021.html"}, {"name": "RHSA-2019:2237", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "https://access.redhat.com/errata/RHSA-2019:2237"}, {"tags": ["x_refsource_MISC"], "url": "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html"}, {"name": "[debian-lts-announce] 20200929 [SECURITY] [DLA 2388-1] nss security update", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.debian.org/debian-lts-announce/2020/09/msg00029.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-379803.pdf"}, {"tags": ["x_refsource_MISC"], "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-040-04"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "security@mozilla.org", "ID": "CVE-2018-12404", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Network Security Services (NSS)", "version": {"version_data": [{"version_value": "All versions prior to NSS 3.41"}]}}]}, "vendor_name": "Mozilla"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "A cached side channel attack during handshakes using RSA encryption could allow for the decryption of encrypted content. This is a variant of the Adaptive Chosen Ciphertext attack (AKA Bleichenbacher attack) and affects all NSS versions prior to NSS 3.41."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Cryptographic Issues"}]}]}, "references": {"reference_data": [{"name": "107260", "refsource": "BID", "url": "http://www.securityfocus.com/bid/107260"}, {"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=CVE-2018-12404", "refsource": "MISC", "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=CVE-2018-12404"}, {"name": "openSUSE-SU-2019:1758", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00021.html"}, {"name": "RHSA-2019:2237", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2019:2237"}, {"name": "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html", "refsource": "MISC", "url": "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html"}, {"name": "[debian-lts-announce] 20200929 [SECURITY] [DLA 2388-1] nss security update", "refsource": "MLIST", "url": "https://lists.debian.org/debian-lts-announce/2020/09/msg00029.html"}, {"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-379803.pdf", "refsource": "CONFIRM", "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-379803.pdf"}, {"name": "https://us-cert.cisa.gov/ics/advisories/icsa-21-040-04", "refsource": "MISC", "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-040-04"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-05T08:38:05.124Z"}, "title": "CVE Program Container", "references": [{"name": "107260", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/107260"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=CVE-2018-12404"}, {"name": "openSUSE-SU-2019:1758", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00021.html"}, {"name": "RHSA-2019:2237", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "https://access.redhat.com/errata/RHSA-2019:2237"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html"}, {"name": "[debian-lts-announce] 20200929 [SECURITY] [DLA 2388-1] nss security update", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.debian.org/debian-lts-announce/2020/09/msg00029.html"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-379803.pdf"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-040-04"}]}]}, "cveMetadata": {"assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "assignerShortName": "mozilla", "cveId": "CVE-2018-12404", "datePublished": "2019-05-02T16:40:14", "dateReserved": "2018-06-14T00:00:00", "dateUpdated": "2024-08-05T08:38:05.124Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}