Lucene search
K

5 matches found

UbuntuCve
UbuntuCve
added 2026/01/28 8:16 p.m.6 views

CVE-2025-61730

During the TLS 1.3 handshake if multiple messages are sent in records that span encryption level boundaries for instance the Client Hello and Encrypted Extensions messages, the subsequent messages may be processed before the encryption level changes. This can cause some minor information disclosu...

5.3CVSS6.8AI score0.00276EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/01/01 12:0 a.m.8 views

PT-2026-2490

Name of the Vulnerable Software and Affected Versions Go versions prior to 1.26 Release Candidate 3 Description The issue resides within the crypto/tls package, specifically during TLS session resumption. If the underlying Config object has its ClientCAs or RootCAs fields modified between the...

10CVSS7.3AI score0.00765EPSS
Exploits1
RedHat Linux
RedHat Linux
added 2024/05/22 9:48 a.m.3 views

golang: crypto/tls: panic when processing post-handshake message on QUIC connections

A flaw was found in Golang. Processing an incomplete post-handshake message for a QUIC connection caused a panic...

7.5CVSS7.3AI score0.01146EPSS
Exploits0References8
RedHat Linux
RedHat Linux
added 2023/11/15 7:24 a.m.9 views

golang: crypto/tls: panic when processing post-handshake message on QUIC connections

A flaw was found in Golang. Processing an incomplete post-handshake message for a QUIC connection caused a panic...

7.5CVSS7.3AI score0.01146EPSS
Exploits0References8
RedHat Linux
RedHat Linux
added 2023/01/24 12:51 p.m.5 views

golang: crypto/tls: session tickets lack random ticket_age_add

A flaw was found in the crypto/tls golang package. When session tickets are generated by crypto/tls, it is missing the ticket expiration. This issue may allow an attacker to observe the TLS handshakes to correlate successive connections during session resumption...

3.1CVSS6.6AI score0.0088EPSS
Exploits1References5
Rows per page
Query Builder