Vulnerabilities > Coturn Project > Coturn > Critical

DATE CVE VULNERABILITY TITLE RISK
2020-02-19 CVE-2020-6061 Out-of-bounds Read vulnerability in multiple products
An exploitable heap out-of-bounds read vulnerability exists in the way CoTURN 4.5.1.1 web server parses POST requests.
network
low complexity
coturn-project fedoraproject debian canonical CWE-125
critical
 9.8
9.8
2019-03-21 CVE-2018-4059 Missing Authorization vulnerability in Coturn Project Coturn
An exploitable unsafe default configuration vulnerability exists in the TURN server function of coTURN prior to version 4.5.0.9.
network
low complexity
coturn-project CWE-862
critical
 9.8
9.8
2019-02-05 CVE-2018-4056 SQL Injection vulnerability in multiple products
An exploitable SQL injection vulnerability exists in the administrator web portal function of coTURN prior to version 4.5.0.9.
network
low complexity
coturn-project debian CWE-89
critical
 9.8
9.8