3 matches found
CVE-2026-54887 DTLS server cookie bypass during startup window due to empty initial cookie secret
Use of Default Cryptographic Key vulnerability in Erlang/OTP ssl DTLS server allows predictable DTLS cookie computation during the startup window, enabling source address verification bypass. On DTLS server startup, dtlsserverconnection:initialhello/3 initializes previouscookiesecret to the empty...
EEF-CVE-2026-54887 DTLS server cookie bypass during startup window due to empty initial cookie secret
Summary Use of Default Cryptographic Key vulnerability in Erlang/OTP ssl DTLS server allows predictable DTLS cookie computation during the startup window, enabling source address verification bypass. On DTLS server startup, dtls\server\connection:initial\hello/3 initializes previous\cookie\secret...
Google Go 安全漏洞
Google Go is a static, strongly typed, compiled, concurrent programming language with garbage collection features from the American company Google. There is a security vulnerability in Google Go, which stems from an authorization bypass. If any type of callback other than a public key is passed,...