Vulnerabilities > Coturn Project
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-01-13 | CVE-2020-26262 | Confused Deputy vulnerability in multiple products Coturn is free open source implementation of TURN and STUN Server. | 7.2 |
2020-06-29 | CVE-2020-4067 | Improper Initialization vulnerability in multiple products In coturn before version 4.5.1.3, there is an issue whereby STUN/TURN response buffer is not initialized properly. | 7.5 |
2020-02-19 | CVE-2020-6062 | NULL Pointer Dereference vulnerability in multiple products An exploitable denial-of-service vulnerability exists in the way CoTURN 4.5.1.1 web server parses POST requests. | 7.5 |
2020-02-19 | CVE-2020-6061 | Out-of-bounds Read vulnerability in multiple products An exploitable heap out-of-bounds read vulnerability exists in the way CoTURN 4.5.1.1 web server parses POST requests. | 9.8 |
2019-03-21 | CVE-2018-4059 | Missing Authorization vulnerability in Coturn Project Coturn An exploitable unsafe default configuration vulnerability exists in the TURN server function of coTURN prior to version 4.5.0.9. | 9.8 |
2019-03-21 | CVE-2018-4058 | Unspecified vulnerability in Coturn Project Coturn An exploitable unsafe default configuration vulnerability exists in the TURN server functionality of coTURN prior to 4.5.0.9. | 7.7 |
2019-02-05 | CVE-2018-4056 | SQL Injection vulnerability in multiple products An exploitable SQL injection vulnerability exists in the administrator web portal function of coTURN prior to version 4.5.0.9. | 9.8 |