VYPR
Unrated severityNVD Advisory· Published Oct 8, 2020· Updated Aug 4, 2024

CVE-2020-12401

CVE-2020-12401

Description

During ECDSA signature generation, padding applied in the nonce designed to ensure constant-time scalar multiplication was removed, resulting in variable-time execution dependent on secret data. This vulnerability affects Firefox < 80 and Firefox for Android < 80.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

75

Patches

Vulnerability mechanics

References

4

News mentions

0

No linked articles in our index yet.