EPSS Percentile: 31.1%
github.com/pion/dtls is vulnerable to improper certificate validation. The vulnerability exists because the flight4Parse function in flight4handler.go accepts client certificates without verifying them.
github.com/pion/dtls/commit/d2f797183a9f044ce976e6df6f362662ca722412
github.com/pion/dtls/pull/464
github.com/pion/dtls/releases/tag/v2.1.5
github.com/pion/dtls/security/advisories/GHSA-w45j-f832-hxvh