{"id":"CVE-2018-12404","details":"A cached side channel attack during handshakes using RSA encryption could allow for the decryption of encrypted content. This is a variant of the Adaptive Chosen Ciphertext attack (AKA Bleichenbacher attack) and affects all NSS versions prior to NSS 3.41.","modified":"2026-04-16T01:38:39.710885674Z","published":"2019-05-02T17:29:01.677Z","related":["SUSE-SU-2018:4235-1","SUSE-SU-2018:4236-1","SUSE-SU-2018:4236-2","SUSE-SU-2019:0273-1","openSUSE-SU-2019:0183-1","openSUSE-SU-2019:1758-1","openSUSE-SU-2024:11058-1"],"references":[{"type":"WEB","url":"https://cert-portal.siemens.com/productcert/pdf/ssa-379803.pdf"},{"type":"WEB","url":"https://lists.debian.org/debian-lts-announce/2020/09/msg00029.html"},{"type":"WEB","url":"http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00021.html"},{"type":"ADVISORY","url":"https://us-cert.cisa.gov/ics/advisories/icsa-21-040-04"},{"type":"ADVISORY","url":"https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html"},{"type":"ADVISORY","url":"http://www.securityfocus.com/bid/107260"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2019:2237"},{"type":"REPORT","url":"https://bugzilla.mozilla.org/show_bug.cgi?id=CVE-2018-12404"}],"affected":[{"database_specific":{"unresolved_ranges":[{"events":[{"introduced":"0"},{"fixed":"3.41"}]}],"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2018-12404.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"}]}