3 matches found
DEBIAN-CVE-2026-43915
Coturn is a free open source implementation of TURN and STUN Server. Versions prior to 4.11.0 contain a stored cross-site scripting XSS vulnerability in the web-admin HTTPS interface. An attacker who can create a TURN allocation with a crafted USERNAME value can inject HTML/JavaScript that execut...
CVE-2026-43994
Coturn is a free open source implementation of TURN and STUN Server. Versions prior to 4.10.0 contain a stack buffer overflow in decodeoauthtokengcm. A uint16t noncelen field read from an attacker-supplied OAuth access token 0-65535 is passed directly to memcpy as the copy length into a 256-byte...
EUVD-2015-0847
Malware in sbrugna...