Pexip: >> Pexip Infinity >> 38.1 Security Vulnerabilities
Pexip Infinity before 39.0 has Missing Authentication for a Critical Function in a product-internal API, allowing an attacker (who already has access to execute code on one node within a Pexip Infinity installation) to impact the operation of other nodes within the installation.
CVSS Score
7.5
EPSS Score
0.0
Published
2025-12-25
Pexip Infinity 38.0 and 38.1 before 39.0 has insufficient access control in the RTMP implementation, allowing an attacker to disconnect RTMP streams traversing a Proxy Node.
CVSS Score
5.9
EPSS Score
0.001
Published
2025-12-25
Pexip Infinity before 39.0 has Improper Input Validation in the media implementation, allowing a remote attacker to trigger a software abort via a crafted media stream, resulting in a denial of service.
CVSS Score
7.5
EPSS Score
0.002
Published
2025-12-25
Pexip Infinity 35.0 through 38.1 before 39.0, in non-default configurations that use Direct Media for WebRTC, has Improper Input Validation in signalling that allows an attacker to trigger a software abort, resulting in a temporary denial of service.
CVSS Score
7.5
EPSS Score
0.001
Published
2025-12-25