6 matches found
Ubuntu 22.04 LTS : Snowflake vulnerabilities (USN-7966-1)
The remote Ubuntu 22.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-7966-1 advisory. It was discovered that Pion DTLS, vendored in Snowflake, did not impose a limit on the amount of data that was buffered during the handshake. An attacker...
CVE-2022-29222
Pion DTLS is a Go implementation of Datagram Transport Layer Security. Prior to version 2.1.5, a DTLS Client could provide a Certificate that it doesn't posses the private key for and Pion DTLS wouldn't reject it. This issue affects users that are using Client certificates only. The connection...
CVE-2022-29222
creationtimestamp| type| source ---|---|--- 2022-05-21 07:47:54+00:00| seen| https://t.me/cibsecurity/43136...
CVE-2022-29222 Improper Certificate Validation in Pion DTLS
Pion DTLS is a Go implementation of Datagram Transport Layer Security. Prior to version 2.1.5, a DTLS Client could provide a Certificate that it doesn't posses the private key for and Pion DTLS wouldn't reject it. This issue affects users that are using Client certificates only. The connection...
CVE-2022-29222 Improper Certificate Validation in Pion DTLS
Pion DTLS is a Go implementation of Datagram Transport Layer Security. Prior to version 2.1.5, a DTLS Client could provide a Certificate that it doesn't posses the private key for and Pion DTLS wouldn't reject it. This issue affects users that are using Client certificates only. The connection...
CVE-2022-29222
CVE-2022-29222 affects Pion DTLS (Go) prior to v2.1.5. A DTLS server could accept a client certificate without the client proving possession of the corresponding private key, making the provided certificate untrustworthy while the connection remains otherwise secure. Publicly documented details c...