Source |
CVE Liste |
Identifiant |
2848110 |
Date de publication |
2021-05-27 19:15:07 (vue: 2021-05-27 21:05:41) |
Titre |
CVE-2020-12403 |
Texte |
A flaw was found in the way CHACHA20-POLY1305 was implemented in NSS in versions before 3.55. When using multi-part Chacha20, it could cause out-of-bounds reads. This issue was fixed by explicitly disabling multi-part ChaCha20 (which was not functioning correctly) and strictly enforcing tag length. The highest threat from this vulnerability is to confidentiality and system availability. |
Envoyé |
Oui |
Condensat |
12403 2020 availability before bounds cause chacha20 confidentiality correctly could cve disabling enforcing explicitly fixed flaw found from functioning highest implemented issue length multi not nss out part poly1305 reads strictly system tag threat using versions vulnerability way when which |
Tags |
Vulnerability
Threat
|
Stories |
|
Notes |
|
Move |
|