A flaw was found in the way NSS handled CCS (ChangeCipherSpec) messages in TLS 1.3. This flaw allows a remote malicious user to send multiple CCS messages, causing a denial of service for servers compiled with the NSS library. The highest threat from this vulnerability is to system availability. This flaw affects NSS versions prior to 3.58.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
mozilla network security services |
||
redhat enterprise linux 7.0 |
||
redhat enterprise linux 8.0 |
||
fedoraproject fedora 31 |
||
fedoraproject fedora 32 |
||
fedoraproject fedora 33 |
||
oracle communications offline mediation controller 12.0.0.3.0 |
||
oracle communications pricing design center 12.0.0.3.0 |
||
oracle jd edwards enterpriseone tools |