Pexip: >> Pexip Infinity >> 27.1 Security Vulnerabilities
Pexip Infinity before 35.0 has improper input validation that allows remote attackers to trigger a denial of service (software abort) via a crafted signalling message.
CVSS Score
7.5
EPSS Score
0.002
Published
2025-04-02
Pexip Infinity before 34.1 has Improper Access Control for persons in a waiting room. They can see the conference roster list, and perform certain actions that should not be allowed before they are admitted to the meeting.
CVSS Score
4.3
EPSS Score
0.002
Published
2024-06-10
Pexip Infinity before 31.2 has Improper Input Validation for signalling, allowing remote attackers to trigger an abort.
CVSS Score
7.5
EPSS Score
0.003
Published
2023-12-25
Pexip Infinity before 31.2 has Improper Input Validation for RTCP, allowing remote attackers to trigger an abort.
CVSS Score
7.5
EPSS Score
0.003
Published
2023-12-25
Pexip Infinity before 32 allows Webapp1 XSS via preconfigured links.
CVSS Score
6.1
EPSS Score
0.002
Published
2023-12-25
Pexip Infinity 27 before 28.0 allows remote attackers to trigger excessive resource consumption and termination because of registrar resource mishandling.
CVSS Score
7.5
EPSS Score
0.006
Published
2022-07-17
Pexip Infinity before 28.1 allows remote attackers to trigger a software abort via G.719.
CVSS Score
7.5
EPSS Score
0.008
Published
2022-07-17
Pexip Infinity 27.x before 27.2 has Improper Access Control. An attacker can sometimes join a conference (call join) if it has a lock but not a PIN.
CVSS Score
5.3
EPSS Score
0.002
Published
2022-07-17
Pexip Infinity before 27.3 allows remote attackers to force a software abort via HTTP.
CVSS Score
7.5
EPSS Score
0.006
Published
2022-07-17
Pexip Infinity 27.x before 27.3 has Improper Input Validation. The client API allows remote attackers to trigger a software abort via a gateway call into Teams.
CVSS Score
7.5
EPSS Score
0.004
Published
2022-07-17
Page 1