Vulnerability Report: GO-2022-0461
- CVE-2022-29189, GHSA-cx94-mrg9-rq4j
- Affects: github.com/pion/dtls/v2
- Published: Jul 01, 2022
- Modified: May 20, 2024
Attacker can cause unbounded memory consumption. The Pion DTLS client and server buffer handshake data with no upper limit, permitting an attacker to cause unbounded memory consumption by sending an unterminated handshake.
Affected Packages
-
PathGo VersionsSymbols
-
before v2.1.4
7 affected symbols
Aliases
References
- https://github.com/pion/dtls/commit/a6397ff7282bc56dc37a68ea9211702edb4de1de
- https://vuln.go.dev/ID/GO-2022-0461.json
Feedback
See anything missing or incorrect?
Suggest an edit to this report.