Dtls
CVE-2022-29190
HIGH
Severity by source
AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Lifecycle Timeline
1DescriptionNVD
Pion DTLS is a Go implementation of Datagram Transport Layer Security. Prior to version 2.1.4, an attacker can send packets that sends Pion DTLS into an infinite loop when processing. Version 2.1.4 contains a patch for this issue. There are currently no known workarounds available.
AnalysisAI
Pion DTLS is a Go implementation of Datagram Transport Layer Security. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
Technical ContextAI
This vulnerability is classified under CWE-835. Pion DTLS is a Go implementation of Datagram Transport Layer Security. Prior to version 2.1.4, an attacker can send packets that sends Pion DTLS into an infinite loop when processing. Version 2.1.4 contains a patch for this issue. There are currently no known workarounds available. Affected products include: Pion Dtls. Version information: version 2.1.4.
RemediationAI
A vendor patch is available. Apply the latest security update as soon as possible. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.
Pion DTLS is a Go implementation of Datagram Transport Layer Security. Rated high severity (CVSS 7.5), this vulnerabilit
Remote denial of service in pion/dtls (Go's DTLS implementation) versions prior to 3.1.4 allows an unauthenticated netwo
Pion DTLS is a Go implementation of Datagram Transport Layer Security. [CVSS 5.9 MEDIUM]
Pion DTLS is a Go implementation of Datagram Transport Layer Security. Rated medium severity (CVSS 5.3), this vulnerabil
Same technique Denial Of Service
View allShare
External POC / Exploit Code
Leaving vuln.today