Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2022-30629

Опубликовано: 10 авг. 2022
Источник: ubuntu
Приоритет: medium
EPSS Низкий
CVSS3: 3.1

Описание

Non-random values for ticket_age_add in session tickets in crypto/tls before Go 1.17.11 and Go 1.18.3 allow an attacker that can observe TLS handshakes to correlate successive connections by comparing ticket ages during session resumption.

РелизСтатусПримечание
upstream

needs-triage

Показывать по

РелизСтатусПримечание
bionic

ignored

end of standard support
devel

DNE

esm-apps/bionic

released

1.13.8-1ubuntu1~18.04.4+esm1
esm-apps/jammy

released

1.13.8-1ubuntu2.22.04.2
esm-apps/xenial

released

1.13.8-1ubuntu1~16.04.3+esm3
esm-infra/focal

not-affected

1.13.8-1ubuntu1.2
focal

released

1.13.8-1ubuntu1.2
jammy

released

1.13.8-1ubuntu2.22.04.2
lunar

DNE

mantic

DNE

Показывать по

РелизСтатусПримечание
impish

ignored

end of life
upstream

needs-triage

Показывать по

РелизСтатусПримечание
bionic

ignored

end of standard support
devel

DNE

esm-apps/bionic

released

1.16.2-0ubuntu1~18.04.2+esm1
esm-apps/focal

released

1.16.2-0ubuntu1~20.04.1
focal

released

1.16.2-0ubuntu1~20.04.1
jammy

DNE

lunar

DNE

mantic

DNE

noble

DNE

oracular

DNE

Показывать по

РелизСтатусПримечание
devel

DNE

impish

ignored

end of life
jammy

needed

kinetic

DNE

lunar

DNE

mantic

DNE

noble

DNE

oracular

DNE

plucky

DNE

upstream

needs-triage

Показывать по

РелизСтатусПримечание
bionic

released

1.18.1-1ubuntu1~18.04.4
devel

DNE

esm-apps/bionic

released

1.18.1-1ubuntu1~18.04.4
esm-apps/xenial

released

1.18.1-1ubuntu1~16.04.4
esm-infra/focal

DNE

focal was released [1.18.1-1ubuntu1~20.04.2]
focal

released

1.18.1-1ubuntu1~20.04.2
jammy

released

1.18.1-1ubuntu1.1
kinetic

DNE

lunar

DNE

mantic

DNE

Показывать по

РелизСтатусПримечание
upstream

needs-triage

Показывать по

РелизСтатусПримечание
bionic

not-affected

code not present
esm-apps/bionic

not-affected

code not present
upstream

needs-triage

Показывать по

Ссылки на источники

EPSS

Процентиль: 15%
0.00048
Низкий

3.1 Low

CVSS3

Связанные уязвимости

redhat логотип

CVE-2022-30629

CVSS3: 3.1
redhat
около 3 лет назад

Non-random values for ticket_age_add in session tickets in crypto/tls before Go 1.17.11 and Go 1.18.3 allow an attacker that can observe TLS handshakes to correlate successive connections by comparing ticket ages during session resumption.

nvd логотип

CVE-2022-30629

CVSS3: 3.1
nvd
почти 3 года назад

Non-random values for ticket_age_add in session tickets in crypto/tls before Go 1.17.11 and Go 1.18.3 allow an attacker that can observe TLS handshakes to correlate successive connections by comparing ticket ages during session resumption.

msrc логотип

CVE-2022-30629

CVSS3: 3.1
msrc
почти 3 года назад

Описание отсутствует

debian логотип

CVE-2022-30629

CVSS3: 3.1
debian
почти 3 года назад

Non-random values for ticket_age_add in session tickets in crypto/tls ...

github логотип

GHSA-j55j-52j7-vq87

CVSS3: 7.5
github
почти 3 года назад

Non-random values for ticket_age_add in session tickets in crypto/tls before Go 1.17.11 and Go 1.18.3 allow an attacker that can observe TLS handshakes to correlate successive connections by comparing ticket ages during session resumption.

EPSS

Процентиль: 15%
0.00048
Низкий

3.1 Low

CVSS3