A flaw in DRBG number generation within the Network Security Services (NSS) library where the internal state V does not correctly carry bits over. The NSS library has been updated to fix this issue to address this issue and Firefox ESR 52.1 has been updated with NSS version 3.28.4. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 45.9, Firefox ESR < 52.1, and Firefox < 53.
History

Mon, 21 Oct 2024 14:15:00 +0000

Type Values Removed Values Added
CPEs cpe:2.3:a:mozilla:firefox_esr:52.0:*:*:*:*:*:*:* cpe:2.3:a:mozilla:firefox:52.0:*:*:*:*:*:*:*

cve-icon MITRE

Status: PUBLISHED

Assigner: mozilla

Published: 2018-06-11T21:00:00

Updated: 2024-08-05T15:04:14.697Z

Reserved: 2017-01-13T00:00:00

Link: CVE-2017-5462

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2018-06-11T21:29:07.093

Modified: 2024-11-21T03:27:40.397

Link: CVE-2017-5462

cve-icon Redhat

Severity : Moderate

Publid Date: 2017-04-19T00:00:00Z

Links: CVE-2017-5462 - Bugzilla