3 matches found
UBUNTU-CVE-2026-54908
Pion DTLS is a Go implementation of Datagram Transport Layer Security. Versions prior to 3.1.4 are vulnerable to Remote Denial of Service via panic while parsing a crafted ECDHEPSK ServerKeyExchange message. This issue has been fixed in version 3.1.4...
GO-2026-4479 Usage of random nonce generation with AES GCM ciphers risks leaking the authentication key in github.com/pion/dtls
Usage of random nonce generation with AES GCM ciphers risks leaking the authentication key in github.com/pion/dtls...
PT-2022-19474
Name of the Vulnerable Software and Affected Versions Pion DTLS versions prior to 2.1.5 Description The issue affects users that are using Client certificates only. A DTLS Client could provide a Certificate that it doesn't possess the private key for, and Pion DTLS wouldn't reject it. The...