Vulnerability Report: GO-2022-0461
- CVE-2022-29189, GHSA-cx94-mrg9-rq4j
- Affects: github.com/pion/dtls/v2
- Published: Jul 01, 2022
- Modified: Jun 12, 2023
Attacker can cause unbounded memory consumption. The Pion DTLS client and server buffer handshake data with no upper limit, permitting an attacker to cause unbounded memory consumption by sending an unterminated handshake.
Affected Packages
-
PathVersionsSymbols
-
before v2.1.4
7 affected symbols
Aliases
References
- https://github.com/pion/dtls/commit/a6397ff7282bc56dc37a68ea9211702edb4de1de
- https://vuln.go.dev/ID/GO-2022-0461.json
Feedback
See anything missing or incorrect?
Suggest an edit to this report.