Amazon Linux 2 : nss (ALAS-2018-1095)
High Nessus Plugin ID 118402
SynopsisThe remote Amazon Linux 2 host is missing a security update.
DescriptionA flaw was found in the way NSS responded to an SSLv2-compatible ClientHello with a ServerHello that had an all-zero random. A man-in-the-middle attacker could use this flaw in a passive replay attack.(CVE-2018-12384)
SolutionRun 'yum update nss' to update your system.