Vulnerabilities > Pexip > Pexip Infinity
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-02-18 | CVE-2022-23228 | Allocation of Resources Without Limits or Throttling vulnerability in Pexip Infinity Pexip Infinity before 27.0 has improper WebRTC input validation. | 5.0 |
| 2021-07-07 | CVE-2021-31925 | Improper Input Validation vulnerability in Pexip Infinity Pexip Infinity 25.x before 25.4 has Improper Input Validation, and thus an unauthenticated remote attacker can cause a denial of service via the administrative web interface. | 5.0 |
| 2021-07-07 | CVE-2020-25868 | Improper Input Validation vulnerability in Pexip Infinity Pexip Infinity 22.x through 24.x before 24.2 has Improper Input Validation for call setup. | 5.0 |
| 2020-09-25 | CVE-2020-24615 | Improper Input Validation vulnerability in Pexip Infinity Pexip Infinity before 24.1 has Improper Input Validation, leading to temporary denial of service via SIP. | 5.0 |
| 2020-09-25 | CVE-2020-13387 | Improper Input Validation vulnerability in Pexip Infinity Pexip Infinity before 23.4 has a lack of input validation, leading to temporary denial of service via H.323. | 5.0 |
| 2020-09-25 | CVE-2020-12824 | Improper Input Validation vulnerability in Pexip Infinity 23/23.1/23.2 Pexip Infinity 23.x before 23.3 has improper input validation, leading to a temporary software abort via RTP. | 5.0 |
| 2020-09-25 | CVE-2020-11805 | Improper Input Validation vulnerability in Pexip Infinity and Reverse Proxy and Turn Server Pexip Reverse Proxy and TURN Server before 6.1.0 has Incorrect UDP Access Control via TURN. | 9.3 |
| 2017-05-02 | CVE-2017-6551 | Improper Input Validation vulnerability in Pexip Infinity 7.0 Pexip Infinity before 14.2 allows remote attackers to cause a denial of service (service restart) or execute arbitrary code via vectors related to Conferencing Nodes. | 7.5 |
| 2015-02-03 | CVE-2014-8779 | 7PK - Security Features vulnerability in Pexip Infinity 7.0 Pexip Infinity before 8 uses the same SSH host keys across different customers' installations, which allows man-in-the-middle attackers to spoof Management and Conferencing Nodes by leveraging these keys. | 7.1 |