{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-18T09:26:46.968","vulnerabilities":[{"cve":{"id":"CVE-2020-12401","sourceIdentifier":"security@mozilla.org","published":"2020-10-08T14:15:11.250","lastModified":"2024-11-21T04:59:38.763","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"During ECDSA signature generation, padding applied in the nonce designed to ensure constant-time scalar multiplication was removed, resulting in variable-time execution dependent on secret data. This vulnerability affects Firefox < 80 and Firefox for Android < 80."},{"lang":"es","value":"Durante la generación de firmas ECDSA, fue removido el relleno aplicado en el nonce diseñado para asegurar la multiplicación escalar de tiempo constante, resultando en una ejecución de tiempo variable dependiente de datos secretos.&#xa0;Esta vulnerabilidad afecta a Firefox versiones anteriores a 80 y Firefox para Android versiones anteriores a 80"}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N","baseScore":4.7,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"HIGH","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":1.0,"impactScore":3.6}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:L/AC:M/Au:N/C:P/I:N/A:N","baseScore":1.9,"accessVector":"LOCAL","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"NONE","availabilityImpact":"NONE"},"baseSeverity":"LOW","exploitabilityScore":3.4,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-203"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","versionEndExcluding":"80.0","matchCriteriaId":"334D3118-529D-4AAB-82A4-1EC3AA047D3D"},{"vulnerable":true,"criteria":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:android:*:*","versionEndExcluding":"80.0","matchCriteriaId":"78F3BE06-CA45-47C1-B3FD-04DCEDDCCB5A"}]}]}],"references":[{"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1631573","source":"security@mozilla.org","tags":["Issue Tracking","Permissions Required","Vendor Advisory"]},{"url":"https://lists.debian.org/debian-lts-announce/2023/02/msg00021.html","source":"security@mozilla.org"},{"url":"https://www.mozilla.org/security/advisories/mfsa2020-36/","source":"security@mozilla.org","tags":["Vendor Advisory"]},{"url":"https://www.mozilla.org/security/advisories/mfsa2020-39/","source":"security@mozilla.org","tags":["Vendor Advisory"]},{"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1631573","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Issue Tracking","Permissions Required","Vendor Advisory"]},{"url":"https://lists.debian.org/debian-lts-announce/2023/02/msg00021.html","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://www.mozilla.org/security/advisories/mfsa2020-36/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]},{"url":"https://www.mozilla.org/security/advisories/mfsa2020-39/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}}]}