8 matches found
CVE-2025-49140
Pion Interceptor is a framework for building RTP/RTCP communication software. Versions v0.1.36 through v0.1.38 contain a bug in a RTP packet factory that can be exploited to trigger a panic with Pion based SFU via crafted RTP packets, This only affect users that use pion/interceptor. Users should...
CVE-2025-49140 vulnerabilities
Vulnerabilities for packages: k3s...
CVE-2025-49140 vulnerabilities
Vulnerabilities for packages: k3s, ipfs-cluster-fips...
CVE-2025-49140
Pion Interceptor is a framework for building RTP/RTCP communication software. Versions v0.1.36 through v0.1.38 contain a bug in a RTP packet factory that can be exploited to trigger a panic with Pion based SFU via crafted RTP packets, This only affect users that use pion/interceptor. Users should...
CVE-2025-49140
Pion Interceptor is a framework for building RTP/RTCP communication software. Versions v0.1.36 through v0.1.38 contain a bug in a RTP packet factory that can be exploited to trigger a panic with Pion based SFU via crafted RTP packets, This only affect users that use pion/interceptor. Users should...
CVE-2025-49140 Pion Interceptor's improper RTP padding handling allows remote crash for SFU users (DoS)
Pion Interceptor is a framework for building RTP/RTCP communication software. Versions v0.1.36 through v0.1.38 contain a bug in a RTP packet factory that can be exploited to trigger a panic with Pion based SFU via crafted RTP packets, This only affect users that use pion/interceptor. Users should...
CVE-2025-49140
Pion Interceptor (part of the RTP/RTCP framework) versions 0.1.36–0.1.38 contain a bug in the RTP packet factory that can cause a panic in Pion-based SFUs when handling crafted RTP packets. The issue is mitigated by upgrading to v0.1.39 or later, which adds a validation that padLen > 0 && padLen
CVE-2025-49140
creationtimestamp| type| source ---|---|--- 2025-06-09 17:17:11+00:00| seen| https://bsky.app/profile/pion.ly/post/3lr6uzl55x22n 2025-06-09 21:31:55+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/17781 2025-06-09 23:53:17+00:00| seen|...