Header reconstruction method can be thrown into an infinite loop in Pion DTLS
CVE-2022-29190
7.5HIGH
What is CVE-2022-29190?
Pion DTLS is a Go implementation of Datagram Transport Layer Security. Prior to version 2.1.4, an attacker can send packets that sends Pion DTLS into an infinite loop when processing. Version 2.1.4 contains a patch for this issue. There are currently no known workarounds available.
Affected Version(s)
dtls < 2.1.4
