data/reports/GO-2023-1534.yaml - vulndb - Git at Google

 id: GO-2023-1534
 modules:
     - module: github.com/pion/dtls/v2
       versions:
         - fixed: 2.2.4
       vulnerable_at: 2.2.3
       packages:
         - package: github.com/pion/dtls/v2/pkg/protocol/handshake
           symbols:
             - MessageHelloVerifyRequest.Unmarshal
           derived_symbols:
             - Handshake.Unmarshal
 summary: Panic during unmarshal of Hello Verify Request in github.com/pion/dtls/v2
 description: |-
     Unmarshalling a Hello Verify request can panic, which could allow a denial of
     service.
 ghsas:
     - GHSA-4xgv-j62q-h3rj
 references:
     - fix: https://github.com/pion/dtls/commit/a50d26c5e4eed2ca87509494ffef2d2ebd22b1eb
 review_status: REVIEWED
	id: GO-2023-1534
	modules:
	- module: github.com/pion/dtls/v2
	versions:
	- fixed: 2.2.4
	vulnerable_at: 2.2.3
	packages:
	- package: github.com/pion/dtls/v2/pkg/protocol/handshake
	symbols:
	- MessageHelloVerifyRequest.Unmarshal
	derived_symbols:
	- Handshake.Unmarshal
	summary: Panic during unmarshal of Hello Verify Request in github.com/pion/dtls/v2
	description: \|-
	Unmarshalling a Hello Verify request can panic, which could allow a denial of
	service.
	ghsas:
	- GHSA-4xgv-j62q-h3rj
	references:
	- fix: https://github.com/pion/dtls/commit/a50d26c5e4eed2ca87509494ffef2d2ebd22b1eb
	review_status: REVIEWED