VulnerableCode Package Details - pkg:rpm/redhat/nss@3.53.1-17?arch=el8

Search for packages

Vulnerability	Summary	Fixed by
VCID-k4a4-f1as-x3bj Aliases: CVE-2020-12400	NSS has multiple information disclosure vulnerabilities when handling secret key material.	There are no reported fixed by versions.
VCID-mx8t-s47w-wud5 Aliases: CVE-2020-6829	When performing EC scalar point multiplication, the wNAF point multiplication algorithm was used; which leaked partial information about the nonce used during signature generation. Given an electro-magnetic trace of a few signature generations, the private key could have been computed.	There are no reported fixed by versions.
VCID-rk7t-zjzg-eqar Aliases: CVE-2020-12401	NSS has multiple information disclosure vulnerabilities when handling secret key material.	There are no reported fixed by versions.
VCID-szzk-wxm2-cfgj Aliases: CVE-2020-12403	NSS has multiple information disclosure vulnerabilities when handling secret key material.	There are no reported fixed by versions.

Vulnerability

Summary

Fixed by

VCID-k4a4-f1as-x3bj
Aliases:
CVE-2020-12400

NSS has multiple information disclosure vulnerabilities when handling secret key material.

There are no reported fixed by versions.

VCID-mx8t-s47w-wud5
Aliases:
CVE-2020-6829

When performing EC scalar point multiplication, the wNAF point multiplication algorithm was used; which leaked partial information about the nonce used during signature generation. Given an electro-magnetic trace of a few signature generations, the private key could have been computed.

There are no reported fixed by versions.

VCID-rk7t-zjzg-eqar
Aliases:
CVE-2020-12401

NSS has multiple information disclosure vulnerabilities when handling secret key material.

There are no reported fixed by versions.

VCID-szzk-wxm2-cfgj
Aliases:
CVE-2020-12403

NSS has multiple information disclosure vulnerabilities when handling secret key material.

There are no reported fixed by versions.

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Vulnerability

Summary

Aliases

This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-01T14:06:27.913949+00:00	RedHat Importer	Affected by	VCID-mx8t-s47w-wud5	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-6829.json	38.0.0
2026-04-01T14:05:57.131913+00:00	RedHat Importer	Affected by	VCID-rk7t-zjzg-eqar	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-12401.json	38.0.0
2026-04-01T14:05:31.960888+00:00	RedHat Importer	Affected by	VCID-szzk-wxm2-cfgj	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-12403.json	38.0.0
2026-04-01T14:05:30.404180+00:00	RedHat Importer	Affected by	VCID-k4a4-f1as-x3bj	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-12400.json	38.0.0