CVE-2021-28681

🗓️ 18 Mar 2021 04:14:15Reported by [email protected]Type

Pion WebRTC didn't properly tear down DTLS Connection if certificate verification faile

5 of 5AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 9
Github Security Blog	In github.com/pion/webrtc, failed DTLS certificate verification doesn't stop data channel communication	25 May 202118:42	–	github
Veracode	Insecure Certificate Validation	27 May 202106:04	–	veracode
CVE	CVE-2021-28681	18 Mar 202104:15	–	cve
OSV	GHSA-74XM-QJ29-CQ8P In github.com/pion/webrtc, failed DTLS certificate verification doesn't stop data channel communication	25 May 202118:42	–	osv
OSV	GO-2021-0104 Authorization bypass in github.com/pion/webrtc/v3	28 Jul 202118:08	–	osv
OSV	CVE-2021-28681	18 Mar 202104:15	–	osv
Cvelist	CVE-2021-28681	18 Mar 202103:20	–	cvelist
Prion	Code injection	18 Mar 202104:15	–	prion
RedhatCVE	CVE-2021-28681	22 May 202519:34	–	redhatcve

Nvd

Node

webrtc_project webrtcRange<3.0.15

Source	Link
github	www.github.com/pion/webrtc/issues/1708
github	www.github.com/pion/webrtc/security/advisories/GHSA-74xm-qj29-cq8p

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

18 Mar 2021 04:15Current

CVSS25

CVSS35.3

EPSS0.001

CWE-863