pkg.go.dev Open in urlscan Pro
2600:1901:0:f535::  Public Scan

Form analysis
3 forms found in the DOM

/search

<form class="go-InputGroup go-ShortcutKey go-SearchForm-form" action="/search" data-shortcut="/" data-shortcut-alt="search" data-gtmc="search form" aria-label="Search for a package" role="search">
  <input name="q" class="go-Input js-searchFocus" aria-label="Search for a package" type="search" autocapitalize="off" autocomplete="off" autocorrect="off" spellcheck="false" placeholder="Search packages or symbols" value="">
  <input name="m" value="" hidden="">
  <button class="go-Button go-Button--inverted" aria-label="Submit search">
    <img class="go-Icon" height="24" width="24" src="/static/shared/icon/search_gm_grey_24dp.svg" alt="">
  </button>
</form>

DIALOG

<form method="dialog" data-gmtc="jump to form" aria-label="Jump to Identifier">
  <div class="Dialog-title go-Modal-header">
    <h2>Jump to</h2>
    <button class="go-Button go-Button--inline" type="button" data-modal-close="" data-gtmc="modal button" aria-label="Close">
      <img class="go-Icon" height="24" width="24" src="/static/shared/icon/close_gm_grey_24dp.svg" alt="">
    </button>
  </div>
  <div class="JumpDialog-filter">
    <input class="JumpDialog-input go-Input" autocomplete="off" type="text">
  </div>
  <div class="JumpDialog-body go-Modal-body">
    <div class="JumpDialog-list"></div>
  </div>
  <div class="go-Modal-actions">
    <button class="go-Button" data-test-id="close-dialog">Close</button>
  </div>
</form>

DIALOG

<form method="dialog">
  <div class="go-Modal-header">
    <h2>Keyboard shortcuts</h2>
    <button class="go-Button go-Button--inline" type="button" data-modal-close="" data-gtmc="modal button" aria-label="Close">
      <img class="go-Icon" height="24" width="24" src="/static/shared/icon/close_gm_grey_24dp.svg" alt="">
    </button>
  </div>
  <div class="go-Modal-body">
    <table>
      <tbody>
        <tr>
          <td class="ShortcutsDialog-key">
            <strong>?</strong>
          </td>
          <td> : This menu</td>
        </tr>
        <tr>
          <td class="ShortcutsDialog-key">
            <strong>/</strong>
          </td>
          <td> : Search site</td>
        </tr>
        <tr>
          <td class="ShortcutsDialog-key">
            <strong>f</strong> or <strong>F</strong>
          </td>
          <td> : Jump to</td>
        </tr>
        <tr>
          <td class="ShortcutsDialog-key"><strong>y</strong> or <strong>Y</strong></td>
          <td> : Canonical URL</td>
        </tr>
      </tbody>
    </table>
  </div>
  <div class="go-Modal-actions">
    <button class="go-Button" data-test-id="close-dialog">Close</button>
  </div>
</form>

Text Content

Skip to Main Content
 * Why Go
   * Case Studies
     
     Common problems companies solve with Go
   
   * Use Cases
     
     Stories about how and why companies use Go
   
   * Security Policy
     
     How Go can help keep you secure by default
 * Learn
 * Docs
   * Effective Go
     
     Tips for writing clear, performant, and idiomatic Go code
   
   * Go User Manual
     
     A complete introduction to building software with Go
   
   * Standard library
     
     Reference documentation for Go's standard library
   
   * Release Notes
     
     Learn what's new in each Go release
 * Packages
 * Community
   * Recorded Talks
     
     Videos from prior events
   
   * Meetups
     
     Meet other local Go developers
   
   * Conferences
     
     Learn and network with Go developers from around the world
   
   * Go blog
     
     The Go project's official blog.
   
   * Go project
     
     Get help and stay informed from Go
   
   * Get connected
     
     
     
     

 * Why Go
   Why Go
    * Case Studies
    * Use Cases
    * Security Policy

 * Learn
 * Docs
   Docs
    * Effective Go
    * Go User Manual
    * Standard library
    * Release Notes

 * Packages
 * Community
   Community
    * Recorded Talks
    * Meetups
    * Conferences
    * Go blog
    * Go project
    * Get connected
      


 1. Vulnerability Database
 2. All Reports
 3. GO-2022-0531


VULNERABILITY REPORT: GO-2022-0531

standard library
 * CVE-2022-30629
 * Affects: crypto/tls
 * Published: Jul 28, 2022
 * Modified: May 20, 2024

An attacker can correlate a resumed TLS session with a previous connection.
Session tickets generated by crypto/tls do not contain a randomly generated
ticket_age_add, which allows an attacker that can observe TLS handshakes to
correlate successive connections by comparing ticket ages during session
resumption.


AFFECTED PACKAGES

 * Path
   Versions
   Symbols
 * crypto/tls
   before go1.17.11, from go1.18.0-0 before go1.18.3
   1 unexported affected symbols
    * serverHandshakeStateTLS13.sendSessionTickets


ALIASES

 * CVE-2022-30629


REFERENCES

 * https://go.dev/cl/405994
 * https://go.googlesource.com/go/+/fe4de36198794c447fbd9d7cc2d7199a506c76a5
 * https://go.dev/issue/52814
 * https://groups.google.com/g/golang-announce/c/TzIC9-t8Ytg/m/IWz5T6x7AAAJ
 * https://vuln.go.dev/ID/GO-2022-0531.json


CREDITS

 * Github user @nervuri


FEEDBACK

See anything missing or incorrect? Suggest an edit to this report.
Why Go Use Cases Case Studies
Get Started Playground Tour Stack Overflow Help
Packages Standard Library Sub-repositories About Go Packages
About Download Blog Issue Tracker Release Notes Brand Guidelines Code of Conduct
Connect Twitter GitHub Slack r/golang Meetup Golang Weekly
 * Copyright
 * Terms of Service
 * Privacy Policy
 * Report an Issue

 * Theme Toggle

 * Shortcuts Modal


JUMP TO



Close


KEYBOARD SHORTCUTS

? : This menu / : Search site f or F : Jump to y or Y : Canonical URL

Close
go.dev uses cookies from Google to deliver and enhance the quality of its
services and to analyze traffic. Learn more.
Okay