Vulnerabilities > Pexip

DATE CVE VULNERABILITY TITLE RISK
2022-07-17 CVE-2022-27937 Resource Exhaustion vulnerability in Pexip Infinity
Pexip Infinity before 27.3 allows remote attackers to trigger excessive resource consumption via H.264.
network
low complexity
pexip CWE-400
7.5
2022-02-18 CVE-2021-29655 Insufficient Verification of Data Authenticity vulnerability in Pexip Infinity Connect
Pexip Infinity Connect before 1.8.0 omits certain provisioning authenticity checks.
network
low complexity
pexip CWE-345
critical
9.8
2022-02-18 CVE-2021-29656 Improper Certificate Validation vulnerability in Pexip Infinity Connect
Pexip Infinity Connect before 1.8.0 mishandles TLS certificate validation.
network
low complexity
pexip CWE-295
critical
9.8
2022-02-18 CVE-2022-23228 Allocation of Resources Without Limits or Throttling vulnerability in Pexip Infinity
Pexip Infinity before 27.0 has improper WebRTC input validation.
network
low complexity
pexip CWE-770
7.5
2022-01-15 CVE-2021-32545 Improper Input Validation vulnerability in Pexip Infinity
Pexip Infinity before 26 allows remote denial of service because of missing RTMP input validation.
network
low complexity
pexip CWE-20
7.5
2022-01-15 CVE-2021-33498 Improper Input Validation vulnerability in Pexip Infinity
Pexip Infinity before 26 allows remote denial of service because of missing H.264 input validation (issue 1 of 2).
network
low complexity
pexip CWE-20
7.5
2022-01-15 CVE-2021-33499 Improper Input Validation vulnerability in Pexip Infinity
Pexip Infinity before 26 allows remote denial of service because of missing H.264 input validation (issue 2 of 2).
network
low complexity
pexip CWE-20
7.5
2022-01-15 CVE-2021-35969 Improper Input Validation vulnerability in Pexip Infinity
Pexip Infinity before 26 allows temporary remote Denial of Service (abort) because of missing call-setup input validation.
network
low complexity
pexip CWE-20
7.5
2022-01-15 CVE-2021-42555 Improper Input Validation vulnerability in Pexip Infinity
Pexip Infinity before 26.2 allows temporary remote Denial of Service (abort) because of missing call-setup input validation.
network
low complexity
pexip CWE-20
7.5
2021-07-07 CVE-2021-31925 Improper Input Validation vulnerability in Pexip Infinity 25.0/25.3
Pexip Infinity 25.x before 25.4 has Improper Input Validation, and thus an unauthenticated remote attacker can cause a denial of service via the administrative web interface.
network
low complexity
pexip CWE-20
7.5