Pion Dtls
5 CVEs affecting Pion Dtls. Latest disclosed: 2026-02-11. Critical: 1, High: 1.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2019-20786 | Critical | 9.8 | 2020-04-19 | handleIncomingPacket in conn.go in Pion DTLS before 1.5.2 lacks a check for application data with epoch 0, which allows remote attackers to inject arbitrary un… |
CVE-2022-29190 | High | 7.5 | 2022-05-21 | Pion DTLS is a Go implementation of Datagram Transport Layer Security. Prior to version 2.1.4, an attacker can send packets that sends Pion DTLS into an infini… |
CVE-2026-26014 | Medium | 5.9 | 2026-02-11 | Pion DTLS is a Go implementation of Datagram Transport Layer Security. Pion DTLS versions v1.0.0 through v3.0.10 and 3.1.0 use random nonce generation with AES… |
CVE-2022-29222 | Medium | 5.9 | 2022-05-21 | Pion DTLS is a Go implementation of Datagram Transport Layer Security. Prior to version 2.1.5, a DTLS Client could provide a Certificate that it doesn't posses… |
CVE-2022-29189 | Medium | 5.3 | 2022-05-21 | Pion DTLS is a Go implementation of Datagram Transport Layer Security. Prior to version 2.1.4, a buffer that was used for inbound network traffic had no upper… |