EUVD-2023-32252

Malicious code in bioql PyPI...

CVE-2023-28582

Memory corruption in Data Modem while verifying hello-verify message during the DTLS handshake...

PT-2024-2302 · Qualcomm · Qualcomm Embedded Platform

Name of the Vulnerable Software and Affected Versions: Qualcomm embedded platform affected versions not specified Data Modem affected versions not specified Description: The issue is related to memory corruption in the Data Modem during the DTLS handshake, specifically when verifying the...

Qualcomm Chipsets Security Vulnerability

Qualcomm Chipsets are a family of chipsets from Qualcomm Incorporated USA. A security vulnerability exists in Qualcomm Chipsets that stems from memory corruption in the data modem when verifying hello-verify messages during the DTLS handshake...

GO-2023-1534 Panic during unmarshal of Hello Verify Request in github.com/pion/dtls/v2

Unmarshalling a Hello Verify request can panic, which could allow a denial of service...

Denial Of Service (DoS)

github.com/pion/dtls is vulnerable to Denial Of Service DoS. The vulnerability exists in the Unmarshal function which tries to unmarshal into buffer to small via a Hello Verify request message which allows an attacker to cause an application crash...

Panic during unmarshal of Hello Verify Request in github.com/pion/dtls/v2

Impact During the unmarshalling of a hello verify request we could try to unmarshal into too small a buffer. is could result in a panic leading the program to crash. This issue could be abused to cause a denial of service. Workaround None, upgrade to 2.2.4...

GHSA-4XGV-J62Q-H3RJ Panic during unmarshal of Hello Verify Request in github.com/pion/dtls/v2

Impact During the unmarshalling of a hello verify request we could try to unmarshal into too small a buffer. is could result in a panic leading the program to crash. This issue could be abused to cause a denial of service. Workaround None, upgrade to 2.2.4...

GHSA-HXP2-XQF3-V83H Panic during unmarshal of Hello Verify Request in github.com/pion/dtls/v2

Impact When attempting to unmarshal a Server Hello request we could attempt to unmarshal into a buffer that was too small. This could result in a panic leading the program to crash. This issue could be abused to cause a denial of service. Workaround None...

Panic during unmarshal of Hello Verify Request in github.com/pion/dtls/v2

Impact When attempting to unmarshal a Server Hello request we could attempt to unmarshal into a buffer that was too small. This could result in a panic leading the program to crash. This issue could be abused to cause a denial of service. Workaround None...

GHSA-QQ3J-44GW-CF6R Eclipse Californium denial of service (DoS) via Datagram Transport Layer Security (DTLS) handshake on parameter mismatch

In Eclipse Californium versions 2.0.0 to 2.7.2 and 3.0.0-3.5.0 a DTLS resumption handshake falls back to a DTLS full handshake on a parameter mismatch without using a HelloVerifyRequest. Especially, if used with certificate based cipher suites, that results in message amplification DDoS other pee...

CVE-2022-2576

In Eclipse Californium version 2.0.0 to 2.7.2 and 3.0.0-3.5.0 a DTLS resumption handshake falls back to a DTLS full handshake on a parameter mismatch without using a HelloVerifyRequest. Especially, if used with certificate based cipher suites, that results in message amplification DDoS other peer...