CVE-2022-30629
CVSS v3.1
3.1 (Low)
EPSS
0.14 % (50th)
Affected Products
1
Advisories
63
Non-random values for ticket_age_add in session tickets in crypto/tls before Go 1.17.11 and Go 1.18.3 allow an attacker that can observe TLS handshakes to correlate successive connections by comparing ticket ages during session resumption.
Weaknesses
- CWE-330
- Use of Insufficiently Random Values
- CVE Status
- PUBLISHED
- CNA
- Go Project
- Published Date
-
2022-08-10 20:15:40
(2 years ago) - Updated Date
-
2023-11-07 03:47:16
(10 months ago)
Affected Products
Loading...
Loading...
Loading...
Configuration #1
|
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...