Affected version do this crate did not validate the size of buffers when attempting to decode messages.
This allows an attacker to trigger a panic by sending a UDP datagram with a 1 byte payload over network.
This flaw was corrected by validating the size of the buffers before attempting to decode the message.
{ "license": "CC0-1.0" }