Lucene search
K

4 matches found

OSV
OSV
added 2026/02/11 9:16 p.m.4 views

DEBIAN-CVE-2026-26014

Pion DTLS is a Go implementation of Datagram Transport Layer Security. Pion DTLS versions v1.0.0 through v3.0.10 and 3.1.0 use random nonce generation with AES GCM ciphers, which makes it easier for remote attackers to obtain the authentication key and spoof data by leveraging the reuse of a nonc...

5.9CVSS5.5AI score0.00619EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/02/11 9:7 p.m.6 views

CVE-2026-26014 Pion DTLS uses random nonce generation with AES GCM ciphers risks leaking the authentication key

Pion DTLS is a Go implementation of Datagram Transport Layer Security. Pion DTLS versions v1.0.0 through v3.1.0 use random nonce generation with AES GCM ciphers, which makes it easier for remote attackers to obtain the authentication key and spoof data by leveraging the reuse of a nonce in a...

5.9CVSS5.6AI score0.00619EPSS
Exploits0References4
OSV
OSV
added 2022/05/21 12:15 a.m.3 views

UBUNTU-CVE-2022-29222

Pion DTLS is a Go implementation of Datagram Transport Layer Security. Prior to version 2.1.5, a DTLS Client could provide a Certificate that it doesn't posses the private key for and Pion DTLS wouldn't reject it. This issue affects users that are using Client certificates only. The connection...

7.5CVSS7.1AI score0.00702EPSS
Exploits0References8
OSV
OSV
added 2022/05/21 12:15 a.m.3 views

UBUNTU-CVE-2022-29189

Pion DTLS is a Go implementation of Datagram Transport Layer Security. Prior to version 2.1.4, a buffer that was used for inbound network traffic had no upper limit. Pion DTLS would buffer all network traffic from the remote user until the handshake completes or timed out. An attacker could explo...

5.3CVSS6.3AI score0.0183EPSS
Exploits0References8
Rows per page
Query Builder