Infinity Connect Security Vulnerabilities

CVE-2021-29655

Pexip Infinity Connect before 1.8.0 omits certain provisioning authenticity checks. Thus, untrusted code may execute.

CVE-2021-29656

Pexip Infinity Connect before 1.8.0 mishandles TLS certificate validation. The allow list is not properly checked.