Django REST framework

Lookup for vulnerabilities affecting packages.

Vulnerability_id VCID-51q3-qpap-5qdg

Summary Pion DTLS is a Go implementation of Datagram Transport Layer Security. Pion DTLS versions v1.0.0 through v3.1.0 use random nonce generation with AES GCM ciphers, which makes it easier for remote attackers to obtain the authentication key and spoof data by leveraging the reuse of a nonce in a session and a "forbidden attack". Upgrade to v3.1.0 or later.

Aliases

alias	CVE-2026-26014

alias	GHSA-9f3f-wv7r-qc8r

Fixed_packages

url	pkg:deb/debian/golang-github-pion-dtls-v3@3.1.2-1?distro=sid
purl	pkg:deb/debian/golang-github-pion-dtls-v3@3.1.2-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-github-pion-dtls-v3@3.1.2-1%3Fdistro=sid

url	pkg:golang/github.com/pion/dtls/v3@3.0.11
purl	pkg:golang/github.com/pion/dtls/v3@3.0.11
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:golang/github.com/pion/dtls/v3@3.0.11

url	pkg:golang/github.com/pion/dtls/v3@3.1.1
purl	pkg:golang/github.com/pion/dtls/v3@3.1.1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:golang/github.com/pion/dtls/v3@3.1.1

Affected_packages

url pkg:golang/github.com/pion/dtls/v3@3.1.0

purl pkg:golang/github.com/pion/dtls/v3@3.1.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-51q3-qpap-5qdg

resource_url http://public2.vulnerablecode.io/packages/pkg:golang/github.com/pion/dtls/v3@3.1.0

References

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-26014.json

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-26014.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2026-26014

reference_id

reference_type

scores

value	0.00059
scoring_system	epss
scoring_elements	0.18683
published_at	2026-06-11T12:55:00Z

value	0.00059
scoring_system	epss
scoring_elements	0.18846
published_at	2026-06-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2026-26014

reference_url

https://github.com/pion/dtls

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/pion/dtls

reference_url

https://github.com/pion/dtls/commit/90e241cfec2985715efdd3d005972847462a67d6

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/pion/dtls/commit/90e241cfec2985715efdd3d005972847462a67d6

reference_url

https://github.com/pion/dtls/releases/tag/v3.0.11

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/pion/dtls/releases/tag/v3.0.11

reference_url

https://github.com/pion/dtls/releases/tag/v3.1.1

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/pion/dtls/releases/tag/v3.1.1

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2026-26014

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2026-26014

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1127927
reference_id	1127927
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1127927

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1127928
reference_id	1127928
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1127928

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2439178
reference_id	2439178
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2439178

reference_url

https://github.com/pion/dtls/commit/61762dee8217991882c5eb79856b9e7a73ee349f

reference_id

61762dee8217991882c5eb79856b9e7a73ee349f

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-12T21:23:09Z/

url

https://github.com/pion/dtls/commit/61762dee8217991882c5eb79856b9e7a73ee349f

reference_url

https://github.com/pion/dtls/pull/796

reference_id

796

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-12T21:23:09Z/

url

https://github.com/pion/dtls/pull/796

reference_url

https://github.com/pion/dtls/security/advisories/GHSA-9f3f-wv7r-qc8r

reference_id

GHSA-9f3f-wv7r-qc8r

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-12T21:23:09Z/

url

https://github.com/pion/dtls/security/advisories/GHSA-9f3f-wv7r-qc8r

reference_url

https://github.com/pion/dtls/releases/tag/v3.1.0

reference_id

v3.1.0

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-12T21:23:09Z/

url

https://github.com/pion/dtls/releases/tag/v3.1.0

Weaknesses

cwe_id	200
name	Exposure of Sensitive Information to an Unauthorized Actor
description	The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

cwe_id	323
name	Reusing a Nonce, Key Pair in Encryption
description	Nonces should be used for the present occasion and only once.

Exploits

Severity_range_score 4.0 - 6.9

Exploitability 0.5

Weighted_severity 6.2

Risk_score 3.1

Resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-51q3-qpap-5qdg

Vulnerability Instance