|Type||Denial of service|
A security issue has been found in the NSS component of Firefox before 72.0. After a HelloRetryRequest has been sent, the client may negotiate a lower protocol that TLS 1.3, resulting in an invalid state transition in the TLS State Machine. If the client gets into this state, incoming Application Data records will be ignored.
|08 Jan 2020||ASA-202001-1||AVG-1084||firefox||Critical||multiple issues|