github.com/pion/dtls is vulnerable to denial of service. The vulnerability exists because the pop
function of fragment_buffer.go
does not properly check the length of the fragments buffer, allowing an attacker to crash the application through the infinite loop by providing zero-length fragments.