blob: 3431123d3635a3569187fad0ea2d3a6aaff8bce7 [file] [log] [blame]
id: GO-2021-0104
modules:
- module: github.com/pion/webrtc/v3
versions:
- fixed: 3.0.15
vulnerable_at: 3.0.14
packages:
- package: github.com/pion/webrtc/v3
symbols:
- DTLSTransport.Start
derived_symbols:
- PeerConnection.AddTrack
- PeerConnection.AddTransceiverFromKind
- PeerConnection.AddTransceiverFromTrack
- PeerConnection.CreateDataChannel
- PeerConnection.RemoveTrack
- PeerConnection.SetLocalDescription
- PeerConnection.SetRemoteDescription
- operations.Done
- operations.Enqueue
summary: Authorization bypass in github.com/pion/webrtc/v3
description: |-
Due to improper error handling, DTLS connections were not killed when
certificate verification failed, causing users who did not check the connection
state to continue to use the connection. This could allow allow an attacker
which holds the ICE password, but not a valid certificate, to bypass this
restriction.
published: 2021-07-28T18:08:05Z
cves:
- CVE-2021-28681
ghsas:
- GHSA-74xm-qj29-cq8p
credits:
- Gaukas Wang (@Gaukas)
references:
- fix: https://github.com/pion/webrtc/pull/1709
- fix: https://github.com/pion/webrtc/commit/545613dcdeb5dedb01cce94175f40bcbe045df2e
- web: https://github.com/pion/webrtc/issues/1708
review_status: REVIEWED