Skip to main content

Dtls

5 CVEs product

Monthly

CVE-2026-54908 MEDIUM PATCH This Month

Remote denial of service in pion/dtls (Go's DTLS implementation) versions prior to 3.1.4 allows an unauthenticated network attacker to crash any application built on this library by sending a crafted ECDHE_PSK ServerKeyExchange message during the DTLS handshake. The CWE-125 out-of-bounds read triggers a Go runtime panic, immediately terminating the host process. No public exploit code has been identified and this vulnerability is not listed in CISA KEV; a vendor-released patch exists in version 3.1.4.

Denial Of Service Buffer Overflow Information Disclosure Dtls
NVD GitHub
CVSS 4.0
6.3
EPSS
0.3%
CVE-2026-26014 Go MEDIUM PATCH This Month

Pion DTLS is a Go implementation of Datagram Transport Layer Security. [CVSS 5.9 MEDIUM]

Golang Dtls Red Hat Suse
NVD GitHub
CVSS 3.1
5.9
EPSS
0.1%
CVE-2022-29222 Go HIGH PATCH This Week

Pion DTLS is a Go implementation of Datagram Transport Layer Security. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Dtls
NVD GitHub
CVSS 3.1
7.5
EPSS
0.7%
CVE-2022-29190 Go HIGH PATCH This Week

Pion DTLS is a Go implementation of Datagram Transport Layer Security. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Dtls
NVD GitHub
CVSS 3.1
7.5
EPSS
1.5%
CVE-2022-29189 Go MEDIUM PATCH This Month

Pion DTLS is a Go implementation of Datagram Transport Layer Security. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Buffer Overflow Dtls
NVD GitHub
CVSS 3.1
5.3
EPSS
1.8%
EPSS 0% CVSS 6.3
MEDIUM PATCH This Month

Remote denial of service in pion/dtls (Go's DTLS implementation) versions prior to 3.1.4 allows an unauthenticated network attacker to crash any application built on this library by sending a crafted ECDHE_PSK ServerKeyExchange message during the DTLS handshake. The CWE-125 out-of-bounds read triggers a Go runtime panic, immediately terminating the host process. No public exploit code has been identified and this vulnerability is not listed in CISA KEV; a vendor-released patch exists in version 3.1.4.

Denial Of Service Buffer Overflow Information Disclosure +1
NVD GitHub
EPSS 0% CVSS 5.9
MEDIUM PATCH This Month

Pion DTLS is a Go implementation of Datagram Transport Layer Security. [CVSS 5.9 MEDIUM]

Golang Dtls Red Hat +1
NVD GitHub
EPSS 1% CVSS 7.5
HIGH PATCH This Week

Pion DTLS is a Go implementation of Datagram Transport Layer Security. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Dtls
NVD GitHub
EPSS 1% CVSS 7.5
HIGH PATCH This Week

Pion DTLS is a Go implementation of Datagram Transport Layer Security. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Dtls
NVD GitHub
EPSS 2% CVSS 5.3
MEDIUM PATCH This Month

Pion DTLS is a Go implementation of Datagram Transport Layer Security. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Buffer Overflow Dtls
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy