Dtls
Monthly
Remote denial of service in pion/dtls (Go's DTLS implementation) versions prior to 3.1.4 allows an unauthenticated network attacker to crash any application built on this library by sending a crafted ECDHE_PSK ServerKeyExchange message during the DTLS handshake. The CWE-125 out-of-bounds read triggers a Go runtime panic, immediately terminating the host process. No public exploit code has been identified and this vulnerability is not listed in CISA KEV; a vendor-released patch exists in version 3.1.4.
Pion DTLS is a Go implementation of Datagram Transport Layer Security. [CVSS 5.9 MEDIUM]
Pion DTLS is a Go implementation of Datagram Transport Layer Security. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
Pion DTLS is a Go implementation of Datagram Transport Layer Security. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
Pion DTLS is a Go implementation of Datagram Transport Layer Security. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.
Remote denial of service in pion/dtls (Go's DTLS implementation) versions prior to 3.1.4 allows an unauthenticated network attacker to crash any application built on this library by sending a crafted ECDHE_PSK ServerKeyExchange message during the DTLS handshake. The CWE-125 out-of-bounds read triggers a Go runtime panic, immediately terminating the host process. No public exploit code has been identified and this vulnerability is not listed in CISA KEV; a vendor-released patch exists in version 3.1.4.
Pion DTLS is a Go implementation of Datagram Transport Layer Security. [CVSS 5.9 MEDIUM]
Pion DTLS is a Go implementation of Datagram Transport Layer Security. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
Pion DTLS is a Go implementation of Datagram Transport Layer Security. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
Pion DTLS is a Go implementation of Datagram Transport Layer Security. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.