Описание
Non-random values for ticket_age_add in session tickets in crypto/tls before Go 1.17.11 and Go 1.18.3 allow an attacker that can observe TLS handshakes to correlate successive connections by comparing ticket ages during session resumption.
| Релиз | Статус | Примечание |
|---|---|---|
| upstream | needs-triage |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | ignored | end of standard support |
| devel | DNE | |
| esm-apps/bionic | released | 1.13.8-1ubuntu1~18.04.4+esm1 |
| esm-apps/jammy | released | 1.13.8-1ubuntu2.22.04.2 |
| esm-apps/xenial | released | 1.13.8-1ubuntu1~16.04.3+esm3 |
| esm-infra/focal | released | 1.13.8-1ubuntu1.2 |
| focal | released | 1.13.8-1ubuntu1.2 |
| jammy | released | 1.13.8-1ubuntu2.22.04.2 |
| lunar | DNE | |
| mantic | DNE |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| impish | ignored | end of life |
| upstream | needs-triage |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | ignored | end of standard support |
| devel | DNE | |
| esm-apps/bionic | released | 1.16.2-0ubuntu1~18.04.2+esm1 |
| esm-apps/focal | released | 1.16.2-0ubuntu1~20.04.1 |
| focal | released | 1.16.2-0ubuntu1~20.04.1 |
| jammy | DNE | |
| lunar | DNE | |
| mantic | DNE | |
| noble | DNE | |
| oracular | DNE |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| devel | DNE | |
| impish | ignored | end of life |
| jammy | needed | |
| kinetic | DNE | |
| lunar | DNE | |
| mantic | DNE | |
| noble | DNE | |
| oracular | DNE | |
| plucky | DNE | |
| questing | DNE |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | released | 1.18.1-1ubuntu1~18.04.4 |
| devel | DNE | |
| esm-apps/bionic | released | 1.18.1-1ubuntu1~18.04.4 |
| esm-apps/focal | released | 1.18.1-1ubuntu1~20.04.2 |
| esm-apps/xenial | released | 1.18.1-1ubuntu1~16.04.4 |
| focal | released | 1.18.1-1ubuntu1~20.04.2 |
| jammy | released | 1.18.1-1ubuntu1.1 |
| kinetic | DNE | |
| lunar | DNE | |
| mantic | DNE |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| upstream | needs-triage |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | not-affected | code not present |
| esm-apps/bionic | not-affected | code not present |
| upstream | needs-triage |
Показывать по
Ссылки на источники
EPSS
3.1 Low
CVSS3
Связанные уязвимости
Non-random values for ticket_age_add in session tickets in crypto/tls before Go 1.17.11 and Go 1.18.3 allow an attacker that can observe TLS handshakes to correlate successive connections by comparing ticket ages during session resumption.
Non-random values for ticket_age_add in session tickets in crypto/tls before Go 1.17.11 and Go 1.18.3 allow an attacker that can observe TLS handshakes to correlate successive connections by comparing ticket ages during session resumption.
Non-random values for ticket_age_add in session tickets in crypto/tls ...
Non-random values for ticket_age_add in session tickets in crypto/tls before Go 1.17.11 and Go 1.18.3 allow an attacker that can observe TLS handshakes to correlate successive connections by comparing ticket ages during session resumption.
EPSS
3.1 Low
CVSS3