Lucene search
K

4 matches found

SUSE CVE
SUSE CVE
added 2026/06/20 2:30 a.m.10 views

SUSE CVE-2026-43994

Coturn is a free open source implementation of TURN and STUN Server. Versions prior to 4.10.0 contain a stack buffer overflow in decodeoauthtokengcm. A uint16t noncelen field read from an attacker-supplied OAuth access token 0-65535 is passed directly to memcpy as the copy length into a 256-byte...

9.8CVSS6.1AI score0.0045EPSS
Exploits1References3
Cvelist
Cvelist
added 2026/06/18 7:44 p.m.19 views

CVE-2026-43994 Coturn: Stack buffer overflow in decode_oauth_token_gcm()

Coturn is a free open source implementation of TURN and STUN Server. Versions prior to 4.10.0 contain a stack buffer overflow in decodeoauthtokengcm. A uint16t noncelen field read from an attacker-supplied OAuth access token 0-65535 is passed directly to memcpy as the copy length into a 256-byte...

8.1CVSS0.0045EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2026/06/18 7:44 p.m.6 views

CVE-2026-43994

Coturn is a free open source implementation of TURN and STUN Server. Versions prior to 4.10.0 contain a stack buffer overflow in decodeoauthtokengcm. A uint16t noncelen field read from an attacker-supplied OAuth access token 0-65535 is passed directly to memcpy as the copy length into a 256-byte...

8.1CVSS5.7AI score0.0045EPSS
Exploits1References3Affected Software1
CVE
CVE
added 2026/06/18 7:44 p.m.21 views

CVE-2026-43994

CVE-2026-43994 affects coturn before 4.10.0: a stack buffer overflow in decode_oauth_token_gcm() occurs when parsing an attacker-supplied OAuth token’s nonce_len, which is copied directly to a 256-byte stack buffer without bounds checking. Up to 735 bytes of attacker-controlled data may be writte...

9.8CVSS5.6AI score0.0045EPSS
Exploits1References2Affected Software1
Rows per page
Query Builder