Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2022-30629

Опубликовано: 10 авг. 2022
Источник: ubuntu
Приоритет: medium
EPSS Низкий
CVSS3: 3.1

Описание

Non-random values for ticket_age_add in session tickets in crypto/tls before Go 1.17.11 and Go 1.18.3 allow an attacker that can observe TLS handshakes to correlate successive connections by comparing ticket ages during session resumption.

РелизСтатусПримечание
upstream

needs-triage

Показывать по

РелизСтатусПримечание
bionic

ignored

end of standard support
devel

DNE

esm-apps-legacy/xenial

released

1.13.8-1ubuntu1~16.04.3+esm3
esm-apps/bionic

released

1.13.8-1ubuntu1~18.04.4+esm1
esm-apps/jammy

released

1.13.8-1ubuntu2.22.04.2
esm-apps/xenial

released

1.13.8-1ubuntu1~16.04.3+esm3
esm-infra/focal

released

1.13.8-1ubuntu1.2
focal

released

1.13.8-1ubuntu1.2
jammy

released

1.13.8-1ubuntu2.22.04.2
lunar

DNE

Показывать по

РелизСтатусПримечание
impish

ignored

end of life
upstream

needs-triage

Показывать по

РелизСтатусПримечание
bionic

ignored

end of standard support
devel

DNE

esm-apps/bionic

released

1.16.2-0ubuntu1~18.04.2+esm1
esm-apps/focal

released

1.16.2-0ubuntu1~20.04.1
focal

released

1.16.2-0ubuntu1~20.04.1
jammy

DNE

lunar

DNE

mantic

DNE

noble

DNE

oracular

DNE

Показывать по

РелизСтатусПримечание
devel

DNE

impish

ignored

end of life
jammy

needed

kinetic

DNE

lunar

DNE

mantic

DNE

noble

DNE

oracular

DNE

plucky

DNE

questing

DNE

Показывать по

РелизСтатусПримечание
bionic

released

1.18.1-1ubuntu1~18.04.4
devel

DNE

esm-apps-legacy/xenial

released

1.18.1-1ubuntu1~16.04.4
esm-apps/bionic

released

1.18.1-1ubuntu1~18.04.4
esm-apps/focal

released

1.18.1-1ubuntu1~20.04.2
esm-apps/xenial

released

1.18.1-1ubuntu1~16.04.4
focal

released

1.18.1-1ubuntu1~20.04.2
jammy

released

1.18.1-1ubuntu1.1
kinetic

DNE

lunar

DNE

Показывать по

РелизСтатусПримечание
upstream

needs-triage

Показывать по

РелизСтатусПримечание
bionic

not-affected

code not present
esm-apps/bionic

not-affected

code not present
upstream

needs-triage

Показывать по

Ссылки на источники

EPSS

Процентиль: 55%
0.0088
Низкий

3.1 Low

CVSS3

Связанные уязвимости

redhat логотип

CVE-2022-30629

CVSS3: 3.1
redhat
около 4 лет назад

Non-random values for ticket_age_add in session tickets in crypto/tls before Go 1.17.11 and Go 1.18.3 allow an attacker that can observe TLS handshakes to correlate successive connections by comparing ticket ages during session resumption.

nvd логотип

CVE-2022-30629

CVSS3: 3.1
nvd
почти 4 года назад

Non-random values for ticket_age_add in session tickets in crypto/tls before Go 1.17.11 and Go 1.18.3 allow an attacker that can observe TLS handshakes to correlate successive connections by comparing ticket ages during session resumption.

msrc логотип

CVE-2022-30629

CVSS3: 3.1
msrc
4 месяца назад

Session tickets lack random ticket_age_add in crypto/tls

debian логотип

CVE-2022-30629

CVSS3: 3.1
debian
почти 4 года назад

Non-random values for ticket_age_add in session tickets in crypto/tls ...

github логотип

GHSA-j55j-52j7-vq87

CVSS3: 7.5
github
почти 4 года назад

Non-random values for ticket_age_add in session tickets in crypto/tls before Go 1.17.11 and Go 1.18.3 allow an attacker that can observe TLS handshakes to correlate successive connections by comparing ticket ages during session resumption.

EPSS

Процентиль: 55%
0.0088
Низкий

3.1 Low

CVSS3

Уязвимость CVE-2022-30629