Coia Prant

**Name of the Vulnerable Software and Affected Versions** Go versions prior to 1.26 Release Candidate 3 **Description** The issue resides within the crypto/tls package, specifically during TLS session resumption. If the underlying `Config` object has its `ClientCAs` or `RootCAs` fields modified between the initial handshake and a resumed handshake, the resumed handshake might incorrectly succeed. This can occur when using `Config.Clone` followed by modifications to the cloned configuration, or when utilizing `Config.GetConfigForClient`. This could allow a client to resume a session with a server it shouldn't, or vice versa. The issue also relates to the copying of automatically generated session ticket keys during `Config.Clone` and the failure of session resumption to account for the expiration of the full certificate chain. **Recommendations** Update to Go version 1.26 Release Candidate 3 or later.

**Name of the Vulnerable Software and Affected Versions** versions prior to TLS 1.3 **Description** A flaw exists in the TLS 1.3 handshake process where messages spanning encryption level boundaries can be processed prematurely. This can lead to minor information disclosure if a network-local attacker injects messages during the handshake. Specifically, if multiple messages are sent in records that cross encryption level boundaries, such as the Client Hello and Encrypted Extensions messages, subsequent messages might be processed before the encryption level is fully established. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.