Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Janus
(Meetecho)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 13 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2021-12-16 | CVE-2021-4124 | janus-gateway is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') | Janus | 6.1 | ||
| 2021-11-27 | CVE-2021-4020 | janus-gateway is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') | Janus | 5.4 | ||
| 2020-06-10 | CVE-2020-13899 | An issue was discovered in janus-gateway (aka Janus WebRTC Server) through 0.10.0. janus_process_incoming_request in janus.c discloses information from uninitialized stack memory. | Janus | 7.5 | ||
| 2020-06-10 | CVE-2020-13901 | An issue was discovered in janus-gateway (aka Janus WebRTC Server) through 0.10.0. janus_sdp_merge in sdp.c has a stack-based buffer overflow. | Janus | 9.8 | ||
| 2020-06-10 | CVE-2020-13900 | An issue was discovered in janus-gateway (aka Janus WebRTC Server) through 0.10.0. janus_sdp_preparse in sdp.c has a NULL pointer dereference. | Janus | 7.5 | ||
| 2020-06-10 | CVE-2020-13898 | An issue was discovered in janus-gateway (aka Janus WebRTC Server) through 0.10.0. janus_sdp_process in sdp.c has a NULL pointer dereference. | Janus | 7.5 | ||
| 2020-06-15 | CVE-2020-14034 | An issue was discovered in janus-gateway (aka Janus WebRTC Server) through 0.10.0. janus_get_codec_from_pt in utils.c has a Buffer Overflow via long value in an SDP Offer packet. | Janus | N/A | ||
| 2020-06-15 | CVE-2020-14033 | An issue was discovered in janus-gateway (aka Janus WebRTC Server) through 0.10.0. janus_streaming_rtsp_parse_sdp in plugins/janus_streaming.c has a Buffer Overflow via a crafted RTSP server. | Janus | N/A | ||
| 2020-03-14 | CVE-2020-10575 | An issue was discovered in Janus through 0.9.1. plugins/janus_videocall.c in the VideoCall plugin mishandles session management because a race condition causes some references to be freed too early or too many times. | Janus | N/A | ||
| 2020-03-14 | CVE-2020-10574 | An issue was discovered in Janus through 0.9.1. janus.c tries to use a string that doesn't actually exist during a "query_logger" Admin API request, because of a typo in the JSON validation. | Janus | N/A |