DEBIAN-CVE-2022-30629

DEBIAN-CVE-2022-30629 PUBLISHED CVSS 3.0999999046325684 LOW

Non-random values for ticket_age_add in session tickets in crypto/tls before Go 1.17.11 and Go 1.18.3 allow an attacker that can observe TLS handshakes to correlate successive connections by comparing ticket ages during session resumption.

Risk Scores

CVSS v3.1

3.0999999046325684

CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N

Affected Products

Vendor	Product	Versions
Debian:11	golang-1.15	0, 1.15.15-1, 1.15.15-1

Timeline

Aug 10, 2022 CVE Published
Apr 28, 2026 CVE Updated

References

https://security-tracker.debian.org/tracker/CVE-2022-30629 advisory

Open in Interactive Console →