Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Meetecho Subscribe
Total 13 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-4124 1 Meetecho 1 Janus 2021-12-20 4.3 MEDIUM 6.1 MEDIUM
janus-gateway is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2021-4020 1 Meetecho 1 Janus 2021-11-30 3.5 LOW 5.4 MEDIUM
janus-gateway is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2020-13899 1 Meetecho 1 Janus 2021-07-21 5.0 MEDIUM 7.5 HIGH
An issue was discovered in janus-gateway (aka Janus WebRTC Server) through 0.10.0. janus_process_incoming_request in janus.c discloses information from uninitialized stack memory.
CVE-2020-13898 1 Meetecho 1 Janus 2021-03-04 5.0 MEDIUM 7.5 HIGH
An issue was discovered in janus-gateway (aka Janus WebRTC Server) through 0.10.0. janus_sdp_process in sdp.c has a NULL pointer dereference.
CVE-2020-13900 1 Meetecho 1 Janus 2021-03-04 5.0 MEDIUM 7.5 HIGH
An issue was discovered in janus-gateway (aka Janus WebRTC Server) through 0.10.0. janus_sdp_preparse in sdp.c has a NULL pointer dereference.
CVE-2020-13901 1 Meetecho 1 Janus 2021-03-04 7.5 HIGH 9.8 CRITICAL
An issue was discovered in janus-gateway (aka Janus WebRTC Server) through 0.10.0. janus_sdp_merge in sdp.c has a stack-based buffer overflow.
CVE-2020-14033 1 Meetecho 1 Janus 2020-06-18 7.5 HIGH 9.8 CRITICAL
An issue was discovered in janus-gateway (aka Janus WebRTC Server) through 0.10.0. janus_streaming_rtsp_parse_sdp in plugins/janus_streaming.c has a Buffer Overflow via a crafted RTSP server.
CVE-2020-14034 1 Meetecho 1 Janus 2020-06-18 7.5 HIGH 9.8 CRITICAL
An issue was discovered in janus-gateway (aka Janus WebRTC Server) through 0.10.0. janus_get_codec_from_pt in utils.c has a Buffer Overflow via long value in an SDP Offer packet.
CVE-2020-10575 1 Meetecho 1 Janus 2020-03-18 4.0 MEDIUM 4.2 MEDIUM
An issue was discovered in Janus through 0.9.1. plugins/janus_videocall.c in the VideoCall plugin mishandles session management because a race condition causes some references to be freed too early or too many times.
CVE-2020-10573 1 Meetecho 1 Janus 2020-03-18 5.0 MEDIUM 7.5 HIGH
An issue was discovered in Janus through 0.9.1. janus_audiobridge.c has a double mutex unlock when listing private rooms in AudioBridge.
CVE-2020-10574 1 Meetecho 1 Janus 2020-03-18 7.5 HIGH 9.8 CRITICAL
An issue was discovered in Janus through 0.9.1. janus.c tries to use a string that doesn't actually exist during a "query_logger" Admin API request, because of a typo in the JSON validation.
CVE-2020-10577 1 Meetecho 1 Janus 2020-03-17 5.8 MEDIUM 4.8 MEDIUM
An issue was discovered in Janus through 0.9.1. janus.c has multiple concurrent threads that misuse the source property of a session, leading to a race condition when claiming sessions.
CVE-2020-10576 1 Meetecho 1 Janus 2020-03-17 4.3 MEDIUM 5.9 MEDIUM
An issue was discovered in Janus through 0.9.1. plugins/janus_voicemail.c in the VoiceMail plugin has a race condition that could cause a server crash.