GMS-2023-304: Improper Check or Handling of Exceptional Conditions

February 7, 2023 (updated June 13, 2023)

During the unmarshalling of a hello verify request we could try to unmarshal into too small a buffer. is could result in a panic leading the program to crash. This issue could be abused to cause a denial of service.

References

github.com/advisories/GHSA-4xgv-j62q-h3rj
github.com/pion/dtls/commit/a50d26c5e4eed2ca87509494ffef2d2ebd22b1eb
github.com/pion/dtls/security/advisories/GHSA-4xgv-j62q-h3rj
pkg.go.dev/vuln/GO-2023-1534

Detect and mitigate GMS-2023-304 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →