CVE-2020-12399 log

Severity High
Remote Yes
Type Private key recovery
NSS before 3.52.1, as used in Firefox before 77.0 and Thunderbird before 68.9.0, has shown timing differences when performing DSA signatures, which was exploitable and could eventually leak private keys.
Group Package Affected Fixed Severity Status Ticket
AVG-1179 thunderbird 68.8.1-1 68.9.0-1 High Fixed
AVG-1173 firefox 76.0.1-1 77.0-1 High Fixed
Date Advisory Group Package Severity Type
06 Jun 2020 ASA-202006-4 AVG-1179 thunderbird High multiple issues
02 Jun 2020 ASA-202006-1 AVG-1173 firefox High multiple issues