blob: 1da2e58eae8e63649dc3e475521a09e10ce37530 [file] [log] [blame]
packages:
- module: github.com/pion/dtls/v2
symbols:
- fragmentBuffer.pop
derived_symbols:
- Client
- ClientWithContext
- Dial
- DialWithContext
- Resume
- Server
- ServerWithContext
- handshakeFSM.Run
- listener.Accept
versions:
- fixed: 2.1.4
vulnerable_at: 2.1.3
description: |
An attacker can send packets that send the DTLS server or client
into an infinite loop.
cves:
- CVE-2022-29190
ghsas:
- GHSA-cm8f-h6j3-p25c
links:
commit: https://github.com/pion/dtls/commit/e0b2ce3592e8e7d73713ac67b363a2e192a4cecf