Versions mentioned in the description apply to the upstream
Remediation section below for
Amazon-Linux:2018.03 relevant versions.
Package updates are available for Amazon Linux AMI that fix the following vulnerabilities: CVE-2020-25648: A flaw was found in the way NSS handled CCS (ChangeCipherSpec) messages in TLS 1.3. This flaw allows a remote attacker to send multiple CCS messages, causing a denial of service for servers compiled with the NSS library. The highest threat from this vulnerability is to system availability. 1887319: CVE-2020-25648 nss: TLS 1.3 CCS flood remote DoS Attack
nss-sysinit to version 3.53.1-7.85.amzn1 or higher.
This issue was patched in