github.com/pion/dtls/v2

Go3 known CVEs affecting this package

Aggregated from OSV, GitHub Security Advisories, NVD, and vendor advisories. Each CVE links to its full detail page with vendor advisories, patches, fixed versions, and remediation guidance.

CVEs affecting github.com/pion/dtls/v2page 1 of 1

CVE-2022-29189MEDIUMCVSS 5.3EG 5.3✓ Fixed in 2.1.4
2022-05-21
Pion DTLS is a Go implementation of Datagram Transport Layer Security. Prior to version 2.1.4, a buffer that was used for inbound network traffic had no upper limit. Pion DTLS would buffer all network traffic from the remote user until the…
CVE-2022-29190HIGHCVSS 7.5EG 7.5✓ Fixed in 2.1.4
2022-05-21
Pion DTLS is a Go implementation of Datagram Transport Layer Security. Prior to version 2.1.4, an attacker can send packets that sends Pion DTLS into an infinite loop when processing. Version 2.1.4 contains a patch for this issue. There ar…
CVE-2022-29222MEDIUMCVSS 5.9EG 5.9✓ Fixed in 2.1.5
2022-05-21
Pion DTLS is a Go implementation of Datagram Transport Layer Security. Prior to version 2.1.5, a DTLS Client could provide a Certificate that it doesn't posses the private key for and Pion DTLS wouldn't reject it. This issue affects users …

Check whether github.com/pion/dtls/v2 is used in your infrastructure

EchelonGraph scans your cloud and SBOMs to map every package to your actual deployments. See blast radius for github.com/pion/dtls/v2 CVEs against the assets you own.

Start Free Scan →