Unrated severityNVD Advisory· Published Aug 1, 2018· Updated Aug 6, 2024

CVE-2016-8635

Description

It was found that Diffie Hellman Client key exchange handling in NSS 3.21.x was vulnerable to small subgroup confinement attack. An attacker could use this flaw to recover private keys by confining the client DH key to small subgroup of the desired group.

Affected products

Mozilla Corporation/Nssv5
Range: 3.21.x

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

rhn.redhat.com/errata/RHSA-2016-2779.htmlmitrevendor-advisoryx_refsource_REDHAT
security.gentoo.org/glsa/201701-46mitrevendor-advisoryx_refsource_GENTOO
www.securityfocus.com/bid/94346mitrevdb-entryx_refsource_BID
bugzilla.redhat.com/show_bug.cgimitrex_refsource_CONFIRM

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000