{"id":"CVE-2023-5388","details":"NSS was susceptible to a timing side-channel attack when performing RSA decryption. This attack could potentially allow an attacker to recover the private data. This vulnerability affects Firefox \u003c 124, Firefox ESR \u003c 115.9, and Thunderbird \u003c 115.9.","modified":"2026-03-13T07:48:17.447911Z","published":"2024-03-19T12:15:07.537Z","related":["ALSA-2024:0105","ALSA-2024:0108","ALSA-2024:1484","ALSA-2024:1485","ALSA-2024:1493","ALSA-2024:1494","CGA-7p45-j8hp-3p42","MGASA-2024-0049","MGASA-2024-0092","MGASA-2024-0094","SUSE-RU-2024:2564-1","SUSE-RU-2024:2684-1","SUSE-SU-2024:0578-1","SUSE-SU-2024:0579-1","SUSE-SU-2024:0597-1","SUSE-SU-2024:0971-1","SUSE-SU-2024:1002-1","SUSE-SU-2024:1147-1","SUSE-SU-2024:2600-1","SUSE-SU-2025:20030-1","openSUSE-SU-2024:13789-1","openSUSE-SU-2024:13793-1","openSUSE-SU-2024:13795-1","openSUSE-SU-2024:14572-1"],"references":[{"type":"WEB","url":"https://lists.debian.org/debian-lts-announce/2024/03/msg00010.html"},{"type":"ADVISORY","url":"https://lists.debian.org/debian-lts-announce/2024/03/msg00022.html"},{"type":"ADVISORY","url":"https://lists.debian.org/debian-lts-announce/2024/03/msg00028.html"},{"type":"ADVISORY","url":"https://www.mozilla.org/security/advisories/mfsa2024-12/"},{"type":"ADVISORY","url":"https://www.mozilla.org/security/advisories/mfsa2024-13/"},{"type":"ADVISORY","url":"https://www.mozilla.org/security/advisories/mfsa2024-14/"},{"type":"REPORT","url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1780432"}],"affected":[{"database_specific":{"unresolved_ranges":[{"events":[{"introduced":"0"},{"fixed":"115.9.0"}]},{"events":[{"introduced":"0"},{"fixed":"124.0"}]},{"events":[{"introduced":"0"},{"fixed":"115.9.0"}]},{"events":[{"introduced":"0"},{"last_affected":"10.0"}]}],"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-5388.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L"}]}