Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2025-68121

Опубликовано: 16 янв. 2026
Источник: ubuntu
Приоритет: medium
EPSS Низкий

Описание

[crypto/tls: Config.Clone copies automatically generated session ticket keys, session resumption does not account for the expiration of full certificate chain]

РелизСтатусПримечание
devel

DNE

jammy

DNE

noble

DNE

questing

DNE

upstream

needs-triage

Показывать по

РелизСтатусПримечание
devel

DNE

esm-infra-legacy/trusty

needs-triage

esm-infra/bionic

needs-triage

esm-infra/xenial

needs-triage

jammy

DNE

noble

DNE

questing

DNE

upstream

needs-triage

Показывать по

РелизСтатусПримечание
devel

DNE

esm-apps/bionic

needs-triage

esm-apps/jammy

needs-triage

esm-apps/xenial

needs-triage

esm-infra/focal

needs-triage

jammy

needs-triage

noble

DNE

questing

DNE

upstream

needs-triage

Показывать по

РелизСтатусПримечание
devel

DNE

esm-infra/focal

needs-triage

jammy

DNE

noble

DNE

questing

DNE

upstream

needs-triage

Показывать по

РелизСтатусПримечание
devel

DNE

esm-apps/bionic

needs-triage

esm-apps/focal

needs-triage

jammy

DNE

noble

DNE

questing

DNE

upstream

needs-triage

Показывать по

РелизСтатусПримечание
devel

DNE

jammy

needs-triage

noble

DNE

questing

DNE

upstream

needs-triage

Показывать по

РелизСтатусПримечание
devel

DNE

esm-apps/bionic

needs-triage

esm-apps/focal

needs-triage

esm-apps/xenial

needs-triage

jammy

needs-triage

noble

DNE

questing

DNE

upstream

needs-triage

Показывать по

РелизСтатусПримечание
devel

DNE

esm-apps/focal

needs-triage

esm-apps/jammy

needs-triage

jammy

needs-triage

noble

DNE

questing

DNE

upstream

needs-triage

Показывать по

РелизСтатусПримечание
devel

DNE

esm-apps/focal

needs-triage

esm-apps/jammy

needs-triage

esm-apps/noble

needs-triage

jammy

needs-triage

noble

needs-triage

questing

DNE

upstream

needs-triage

Показывать по

РелизСтатусПримечание
devel

DNE

esm-apps/focal

needs-triage

esm-apps/jammy

needs-triage

jammy

needs-triage

noble

needs-triage

questing

DNE

upstream

needs-triage

Показывать по

РелизСтатусПримечание
devel

needs-triage

esm-apps/jammy

needs-triage

esm-apps/noble

needs-triage

jammy

needs-triage

noble

needs-triage

questing

needs-triage

upstream

needs-triage

Показывать по

РелизСтатусПримечание
devel

needs-triage

jammy

DNE

noble

DNE

questing

needs-triage

upstream

needs-triage

Показывать по

РелизСтатусПримечание
devel

needs-triage

jammy

DNE

noble

DNE

questing

needs-triage

upstream

needs-triage

Показывать по

РелизСтатусПримечание
devel

DNE

esm-infra/xenial

needs-triage

jammy

DNE

noble

DNE

questing

DNE

upstream

needs-triage

Показывать по

РелизСтатусПримечание
devel

DNE

esm-apps/bionic

needs-triage

jammy

DNE

noble

DNE

questing

DNE

upstream

needs-triage

Показывать по

РелизСтатусПримечание
devel

DNE

esm-apps/bionic

needs-triage

jammy

DNE

noble

DNE

questing

DNE

upstream

needs-triage

Показывать по

Ссылки на источники

EPSS

Процентиль: 0%
0.00007
Низкий

Связанные уязвимости

nvd логотип

CVE-2025-68121

nvd
2 дня назад

During session resumption in crypto/tls, if the underlying Config has its ClientCAs or RootCAs fields mutated between the initial handshake and the resumed handshake, the resumed handshake may succeed when it should have failed. This may happen when a user calls Config.Clone and mutates the returned Config, or uses Config.GetConfigForClient. This can cause a client to resume a session with a server that it would not have resumed with during the initial handshake, or cause a server to resume a session with a client that it would not have resumed with during the initial handshake.

debian логотип

CVE-2025-68121

debian
2 дня назад

During session resumption in crypto/tls, if the underlying Config has ...

github логотип

GHSA-h355-32pf-p2xm

CVSS3: 4.8
github
2 дня назад

During session resumption in crypto/tls, if the underlying Config has its ClientCAs or RootCAs fields mutated between the initial handshake and the resumed handshake, the resumed handshake may succeed when it should have failed. This may happen when a user calls Config.Clone and mutates the returned Config, or uses Config.GetConfigForClient. This can cause a client to resume a session with a server that it would not have resumed with during the initial handshake, or cause a server to resume a session with a client that it would not have resumed with during the initial handshake.

suse-cvrf логотип

openSUSE-SU-2026:20085-1

suse-cvrf
16 дней назад

Security update for go1.25

suse-cvrf логотип

openSUSE-SU-2026:20077-1

suse-cvrf
16 дней назад

Security update for go1.24

EPSS

Процентиль: 0%
0.00007
Низкий
Уязвимость CVE-2025-68121