| id: GO-2020-0038 |
| modules: |
| - module: github.com/pion/dtls |
| versions: |
| - fixed: 1.5.2 |
| vulnerable_at: 1.5.1 |
| packages: |
| - package: github.com/pion/dtls |
| symbols: |
| - Conn.handleIncomingPacket |
| derived_symbols: |
| - Client |
| - Dial |
| - Listener.Accept |
| - Resume |
| - Server |
| summary: Improper authentication in github.com/pion/dtls |
| description: |- |
| Due to improper verification of packets, unencrypted packets containing |
| application data are accepted after the initial handshake. This allows an |
| attacker to inject arbitrary data which the client/server believes was |
| encrypted, despite not knowing the session key. |
| published: 2021-04-14T20:04:52Z |
| cves: |
| - CVE-2019-20786 |
| ghsas: |
| - GHSA-7gfg-6934-mqq2 |
| references: |
| - fix: https://github.com/pion/dtls/pull/128 |
| - fix: https://github.com/pion/dtls/commit/fd73a5df2ff0e1fb6ae6a51e2777d7a16cc4f4e0 |
| - web: https://www.usenix.org/system/files/sec20fall_fiterau-brostean_prepub.pdf |
| review_status: REVIEWED |