Lucene search
K

268 matches found

OSV
OSV
added 2026/03/09 5:48 p.m.3 views

MGASA-2026-0051 Updated coturn packages fix security vulnerability

IPv4-mapped IPv6 ::ffff:0:0/96 bypasses denied-peer-ip ACL. CVE-2026-27624...

7.2CVSS5.8AI score0.00254EPSS
Exploits1References3
Mageia
Mageia
added 2026/03/09 5:48 p.m.18 views

Updated coturn packages fix security vulnerability

IPv4-mapped IPv6 ::ffff:0:0/96 bypasses denied-peer-ip ACL. CVE-2026-27624...

7.2CVSS5.8AI score0.00254EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2026/03/07 12:0 a.m.6 views

Fedora 44 : coturn (2026-379e214a37)

The remote Fedora 44 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-379e214a37 advisory. Coturn 4.9.0 - Multiple security fixes - Fix to Web Admin password check - Cleanup of deprecated OpenSSL APIs - Fix for CVE-2026-27624: Bypass...

7.2CVSS5.9AI score0.00254EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2026/03/06 12:0 a.m.2 views

Fedora 43 : coturn (2026-8cb5571ddc)

The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-8cb5571ddc advisory. Coturn 4.9.0 - Multiple security fixes - Fix to Web Admin password check - Cleanup of deprecated OpenSSL APIs - Fix for CVE-2026-27624: Bypass...

7.2CVSS5.9AI score0.00254EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2026/03/06 12:0 a.m.1 views

Fedora 42 : coturn (2026-2a1aa1f57f)

The remote Fedora 42 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-2a1aa1f57f advisory. Coturn 4.9.0 - Multiple security fixes - Fix to Web Admin password check - Cleanup of deprecated OpenSSL APIs - Fix for CVE-2026-27624: Bypass...

7.2CVSS5.9AI score0.00254EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2026/03/05 12:0 a.m.1 views

Fedora: Security Advisory (FEDORA-2026-8cb5571ddc)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.2CVSS6AI score0.00254EPSS
Exploits1References5
OpenVAS
OpenVAS
added 2026/03/05 12:0 a.m.21 views

Fedora: Security Advisory (FEDORA-2026-2a1aa1f57f)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.2CVSS6AI score0.00254EPSS
Exploits1References5
SUSE CVE
SUSE CVE
added 2026/02/26 12:24 a.m.4 views

SUSE CVE-2026-27624

Coturn is a free open source implementation of TURN and STUN Server. Coturn is commonly configured to block loopback and internal ranges using "denied-peer-ip" and/or default loopback restrictions. CVE-2020-26262 addressed bypasses involving "0.0.0.0", "::1" and "::", but IPv4-mapped IPv6 is not...

6.5CVSS5.8AI score0.00254EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2026/02/26 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2026-27624

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Coturn is a free open source implementation of TURN and STUN Server. Coturn is commonly configured to block loopback and internal ranges using denied-peer-ip...

7.2CVSS7.1AI score0.01282EPSS
Exploits4References3
NVD
NVD
added 2026/02/25 5:17 a.m.17 views

CVE-2026-27624

Coturn is a free open source implementation of TURN and STUN Server. Coturn is commonly configured to block loopback and internal ranges using "denied-peer-ip" and/or default loopback restrictions. CVE-2020-26262 addressed bypasses involving "0.0.0.0", "::1" and "::", but IPv4-mapped IPv6 is not...

7.2CVSS0.00254EPSS
Exploits1References3
OSV
OSV
added 2026/02/25 5:17 a.m.3 views

UBUNTU-CVE-2026-27624

Coturn is a free open source implementation of TURN and STUN Server. Coturn is commonly configured to block loopback and internal ranges using "denied-peer-ip" and/or default loopback restrictions. CVE-2020-26262 addressed bypasses involving "0.0.0.0", "::1" and "::", but IPv4-mapped IPv6 is not...

7.2CVSS5.8AI score0.00254EPSS
Exploits1References6
UbuntuCve
UbuntuCve
added 2026/02/25 5:17 a.m.4 views

CVE-2026-27624

Coturn is a free open source implementation of TURN and STUN Server. Coturn is commonly configured to block loopback and internal ranges using "denied-peer-ip" and/or default loopback restrictions. CVE-2020-26262 addressed bypasses involving "0.0.0.0", "::1" and "::", but IPv4-mapped IPv6 is not...

7.2CVSS7.1AI score0.00254EPSS
Exploits1References5
EUVD
EUVD
added 2026/02/25 4:4 a.m.2 views

EUVD-2026-8620

Coturn is a free open source implementation of TURN and STUN Server. Coturn is commonly configured to block loopback and internal ranges using "denied-peer-ip" and/or default loopback restrictions. CVE-2020-26262 addressed bypasses involving "0.0.0.0", "::1" and "::", but IPv4-mapped IPv6 is not...

7.2CVSS5.5AI score0.01282EPSS
Exploits4References3
ATTACKERKB
ATTACKERKB
added 2026/02/25 4:4 a.m.7 views

CVE-2026-27624

Coturn is a free open source implementation of TURN and STUN Server. Coturn is commonly configured to block loopback and internal ranges using "denied-peer-ip" and/or default loopback restrictions. CVE-2020-26262 addressed bypasses involving "0.0.0.0", "::1" and "::", but IPv4-mapped IPv6 is not...

7.2CVSS5.5AI score0.01282EPSS
Exploits4References4Affected Software1
OSV
OSV
added 2026/02/25 4:4 a.m.3 views

CVE-2026-27624 Coturn: IPv4-mapped IPv6 (::ffff:0:0/96) bypasses denied-peer-ip ACL

Coturn is a free open source implementation of TURN and STUN Server. Coturn is commonly configured to block loopback and internal ranges using "denied-peer-ip" and/or default loopback restrictions. CVE-2020-26262 addressed bypasses involving "0.0.0.0", "::1" and "::", but IPv4-mapped IPv6 is not...

7.2CVSS5.6AI score0.00254EPSS
Exploits1References5
AlpineLinux
AlpineLinux
added 2026/02/25 4:4 a.m.6 views

CVE-2026-27624

Coturn is a free open source implementation of TURN and STUN Server. Coturn is commonly configured to block loopback and internal ranges using "denied-peer-ip" and/or default loopback restrictions. CVE-2020-26262 addressed bypasses involving "0.0.0.0", "::1" and "::", but IPv4-mapped IPv6 is not...

7.2CVSS7AI score0.00254EPSS
Exploits1
Debian CVE
Debian CVE
added 2026/02/25 4:4 a.m.5 views

CVE-2026-27624

Coturn is a free open source implementation of TURN and STUN Server. Coturn is commonly configured to block loopback and internal ranges using "denied-peer-ip" and/or default loopback restrictions. CVE-2020-26262 addressed bypasses involving "0.0.0.0", "::1" and "::", but IPv4-mapped IPv6 is not...

7.2CVSS8.4AI score0.00254EPSS
Exploits1
Cvelist
Cvelist
added 2026/02/25 4:4 a.m.32 views

CVE-2026-27624 Coturn: IPv4-mapped IPv6 (::ffff:0:0/96) bypasses denied-peer-ip ACL

Coturn is a free open source implementation of TURN and STUN Server. Coturn is commonly configured to block loopback and internal ranges using "denied-peer-ip" and/or default loopback restrictions. CVE-2020-26262 addressed bypasses involving "0.0.0.0", "::1" and "::", but IPv4-mapped IPv6 is not...

7.2CVSS0.00254EPSS
Exploits1References3
CVE
CVE
added 2026/02/25 4:4 a.m.122 views

CVE-2026-27624

Coturn was vulnerable to a bypass of the IPv4-mapped IPv6 loopback/denied-peer-ip checks prior to 4.9.0. The root cause was that three functions in src/client/ns_turn_ioaddr.c did not check IN6_IS_ADDR_V4MAPPED, allowing a CreatePermission/ChannelBind with ::ffff:127.0.0.1 to bypass 127.0.0.0/8 l...

7.2CVSS5.5AI score0.00254EPSS
Exploits1References3Affected Software1
CNNVD
CNNVD
added 2026/02/25 12:0 a.m.8 views

Coturn 安全漏洞

Coturn is an open-source implementation of TURN TURN VoIP Media Services NAT Traversal Server and Gateway and STUN Simple Transfer of User Datagram Protocol Network Address Translators Servers. Versions of Coturn prior to 4.9.0 contained security vulnerabilities; these vulnerabilities stemmed fro...

7.2CVSS7.3AI score0.00254EPSS
Exploits1References4
Rows per page
Query Builder