Lucene search
MitreCVELIST:CVE-2021-28681HistoryMar 18, 2021 - 3:20 a.m.
CVE-2021-28681
2021-03-1803:20:06
mitre
www.cve.org
1
0.001 Low
EPSS
Percentile
38.8%
Pion WebRTC before 3.0.15 didn’t properly tear down the DTLS Connection when certificate verification failed. The PeerConnectionState was set to failed, but a user could ignore that and continue to use the PeerConnection. )A WebRTC implementation shouldn’t allow the user to continue if verification has failed.)
Related
cve
cve
CVE-2021-28681
2021-03-18 04:15:14
nvd
nvd
CVE-2021-28681
2021-03-18 04:15:14
osv
osv
In github.com/pion/webrtc, failed DTLS certificate verification doesn't stop data channel communication
2021-05-25 18:42:42
Authorization bypass in github.com/pion/webrtc/v3
2021-07-28 18:08:05
CVE-2021-28681
2021-03-18 04:15:14
veracode
veracode
Insecure Certificate Validation
2021-05-27 06:04:45
github
github
prion
prion
Code injection
2021-03-18 04:15:00