Infinity CVEs and Security Vulnerabilities

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2021-42555	1 Pexip	1 Infinity	2024-11-21	7.5 High
Pexip Infinity before 26.2 allows temporary remote Denial of Service (abort) because of missing call-setup input validation.
CVE-2021-35969	1 Pexip	1 Infinity	2024-11-21	7.5 High
Pexip Infinity before 26 allows temporary remote Denial of Service (abort) because of missing call-setup input validation.
CVE-2021-33499	1 Pexip	1 Infinity	2024-11-21	7.5 High
Pexip Infinity before 26 allows remote denial of service because of missing H.264 input validation (issue 2 of 2).
CVE-2021-33498	1 Pexip	1 Infinity	2024-11-21	7.5 High
Pexip Infinity before 26 allows remote denial of service because of missing H.264 input validation (issue 1 of 2).
CVE-2021-32545	1 Pexip	1 Infinity	2024-11-21	7.5 High
Pexip Infinity before 26 allows remote denial of service because of missing RTMP input validation.
CVE-2021-29656	1 Pexip	1 Infinity Connect	2024-11-21	9.8 Critical
Pexip Infinity Connect before 1.8.0 mishandles TLS certificate validation. The allow list is not properly checked.
CVE-2021-29655	1 Pexip	1 Infinity Connect	2024-11-21	9.8 Critical
Pexip Infinity Connect before 1.8.0 omits certain provisioning authenticity checks. Thus, untrusted code may execute.

Page 1 of 1.