Search
Find a vulnerability
Search criteria
ⓘ
Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.
13 vulnerabilities by meetecho
CVE-2021-4124 (GCVE-0-2021-4124)
Vulnerability from cvelistv5 – Published: 2021-12-16 13:15 – Updated: 2024-08-03 17:16
VLAI
Title
Cross-site Scripting (XSS) - Stored in meetecho/janus-gateway
Summary
janus-gateway is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Severity
8.1 (High)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://huntr.dev/bounties/a6ca142e-60aa-4d6f-b23… | x_refsource_CONFIRM |
| https://github.com/meetecho/janus-gateway/commit/… | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| meetecho | meetecho/janus-gateway |
Affected:
unspecified , < 0.11.7
(custom)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T17:16:04.237Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://huntr.dev/bounties/a6ca142e-60aa-4d6f-b231-5d1bcd1b7190"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/meetecho/janus-gateway/commit/f62bba6513ec840761f2434b93168106c7c65a3d"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "meetecho/janus-gateway",
"vendor": "meetecho",
"versions": [
{
"lessThan": "0.11.7",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "janus-gateway is vulnerable to Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-12-16T13:15:11.000Z",
"orgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
"shortName": "@huntrdev"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://huntr.dev/bounties/a6ca142e-60aa-4d6f-b231-5d1bcd1b7190"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/meetecho/janus-gateway/commit/f62bba6513ec840761f2434b93168106c7c65a3d"
}
],
"source": {
"advisory": "a6ca142e-60aa-4d6f-b231-5d1bcd1b7190",
"discovery": "EXTERNAL"
},
"title": "Cross-site Scripting (XSS) - Stored in meetecho/janus-gateway",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@huntr.dev",
"ID": "CVE-2021-4124",
"STATE": "PUBLIC",
"TITLE": "Cross-site Scripting (XSS) - Stored in meetecho/janus-gateway"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "meetecho/janus-gateway",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "0.11.7"
}
]
}
}
]
},
"vendor_name": "meetecho"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "janus-gateway is vulnerable to Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://huntr.dev/bounties/a6ca142e-60aa-4d6f-b231-5d1bcd1b7190",
"refsource": "CONFIRM",
"url": "https://huntr.dev/bounties/a6ca142e-60aa-4d6f-b231-5d1bcd1b7190"
},
{
"name": "https://github.com/meetecho/janus-gateway/commit/f62bba6513ec840761f2434b93168106c7c65a3d",
"refsource": "MISC",
"url": "https://github.com/meetecho/janus-gateway/commit/f62bba6513ec840761f2434b93168106c7c65a3d"
}
]
},
"source": {
"advisory": "a6ca142e-60aa-4d6f-b231-5d1bcd1b7190",
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
"assignerShortName": "@huntrdev",
"cveId": "CVE-2021-4124",
"datePublished": "2021-12-16T13:15:11.000Z",
"dateReserved": "2021-12-15T00:00:00.000Z",
"dateUpdated": "2024-08-03T17:16:04.237Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-4020 (GCVE-0-2021-4020)
Vulnerability from cvelistv5 – Published: 2021-11-27 09:15 – Updated: 2024-08-03 17:16
VLAI
Title
Cross-site Scripting (XSS) - Stored in meetecho/janus-gateway
Summary
janus-gateway is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Severity
8.8 (High)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://huntr.dev/bounties/9814baa8-7bdd-4e31-a13… | x_refsource_CONFIRM |
| https://github.com/meetecho/janus-gateway/commit/… | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| meetecho | meetecho/janus-gateway |
Affected:
unspecified , < 0.11.6
(custom)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T17:16:02.962Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://huntr.dev/bounties/9814baa8-7bdd-4e31-a132-d9d15653409e"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/meetecho/janus-gateway/commit/d3fc00ec803d6c41d8f98908732f44e7f4911a1c"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "meetecho/janus-gateway",
"vendor": "meetecho",
"versions": [
{
"lessThan": "0.11.6",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "janus-gateway is vulnerable to Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-11-27T09:15:11.000Z",
"orgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
"shortName": "@huntrdev"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://huntr.dev/bounties/9814baa8-7bdd-4e31-a132-d9d15653409e"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/meetecho/janus-gateway/commit/d3fc00ec803d6c41d8f98908732f44e7f4911a1c"
}
],
"source": {
"advisory": "9814baa8-7bdd-4e31-a132-d9d15653409e",
"discovery": "EXTERNAL"
},
"title": "Cross-site Scripting (XSS) - Stored in meetecho/janus-gateway",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@huntr.dev",
"ID": "CVE-2021-4020",
"STATE": "PUBLIC",
"TITLE": "Cross-site Scripting (XSS) - Stored in meetecho/janus-gateway"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "meetecho/janus-gateway",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "0.11.6"
}
]
}
}
]
},
"vendor_name": "meetecho"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "janus-gateway is vulnerable to Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://huntr.dev/bounties/9814baa8-7bdd-4e31-a132-d9d15653409e",
"refsource": "CONFIRM",
"url": "https://huntr.dev/bounties/9814baa8-7bdd-4e31-a132-d9d15653409e"
},
{
"name": "https://github.com/meetecho/janus-gateway/commit/d3fc00ec803d6c41d8f98908732f44e7f4911a1c",
"refsource": "MISC",
"url": "https://github.com/meetecho/janus-gateway/commit/d3fc00ec803d6c41d8f98908732f44e7f4911a1c"
}
]
},
"source": {
"advisory": "9814baa8-7bdd-4e31-a132-d9d15653409e",
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
"assignerShortName": "@huntrdev",
"cveId": "CVE-2021-4020",
"datePublished": "2021-11-27T09:15:11.000Z",
"dateReserved": "2021-11-25T00:00:00.000Z",
"dateUpdated": "2024-08-03T17:16:02.962Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-14033 (GCVE-0-2020-14033)
Vulnerability from cvelistv5 – Published: 2020-06-15 16:11 – Updated: 2024-08-04 12:32
VLAI
Summary
An issue was discovered in janus-gateway (aka Janus WebRTC Server) through 0.10.0. janus_streaming_rtsp_parse_sdp in plugins/janus_streaming.c has a Buffer Overflow via a crafted RTSP server.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://github.com/meetecho/janus-gateway/blob/v0… | x_refsource_MISC |
| https://github.com/meetecho/janus-gateway/blob/v0… | x_refsource_MISC |
| https://github.com/meetecho/janus-gateway/pull/2229 | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T12:32:14.655Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/meetecho/janus-gateway/blob/v0.10.0/plugins/janus_streaming.c#L6117"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/meetecho/janus-gateway/blob/v0.10.0/plugins/janus_streaming.c#L6166"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/meetecho/janus-gateway/pull/2229"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in janus-gateway (aka Janus WebRTC Server) through 0.10.0. janus_streaming_rtsp_parse_sdp in plugins/janus_streaming.c has a Buffer Overflow via a crafted RTSP server."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-06-15T16:11:14.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/meetecho/janus-gateway/blob/v0.10.0/plugins/janus_streaming.c#L6117"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/meetecho/janus-gateway/blob/v0.10.0/plugins/janus_streaming.c#L6166"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/meetecho/janus-gateway/pull/2229"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-14033",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in janus-gateway (aka Janus WebRTC Server) through 0.10.0. janus_streaming_rtsp_parse_sdp in plugins/janus_streaming.c has a Buffer Overflow via a crafted RTSP server."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/meetecho/janus-gateway/blob/v0.10.0/plugins/janus_streaming.c#L6117",
"refsource": "MISC",
"url": "https://github.com/meetecho/janus-gateway/blob/v0.10.0/plugins/janus_streaming.c#L6117"
},
{
"name": "https://github.com/meetecho/janus-gateway/blob/v0.10.0/plugins/janus_streaming.c#L6166",
"refsource": "MISC",
"url": "https://github.com/meetecho/janus-gateway/blob/v0.10.0/plugins/janus_streaming.c#L6166"
},
{
"name": "https://github.com/meetecho/janus-gateway/pull/2229",
"refsource": "CONFIRM",
"url": "https://github.com/meetecho/janus-gateway/pull/2229"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-14033",
"datePublished": "2020-06-15T16:11:14.000Z",
"dateReserved": "2020-06-11T00:00:00.000Z",
"dateUpdated": "2024-08-04T12:32:14.655Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-14034 (GCVE-0-2020-14034)
Vulnerability from cvelistv5 – Published: 2020-06-15 16:10 – Updated: 2024-08-04 12:32
VLAI
Summary
An issue was discovered in janus-gateway (aka Janus WebRTC Server) through 0.10.0. janus_get_codec_from_pt in utils.c has a Buffer Overflow via long value in an SDP Offer packet.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://github.com/meetecho/janus-gateway/blob/v0… | x_refsource_MISC |
| https://github.com/meetecho/janus-gateway/blob/v0… | x_refsource_MISC |
| https://github.com/meetecho/janus-gateway/pull/2229 | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T12:32:14.712Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/meetecho/janus-gateway/blob/v0.10.0/utils.c#L381"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/meetecho/janus-gateway/blob/v0.10.0/utils.c#L401"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/meetecho/janus-gateway/pull/2229"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in janus-gateway (aka Janus WebRTC Server) through 0.10.0. janus_get_codec_from_pt in utils.c has a Buffer Overflow via long value in an SDP Offer packet."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-06-15T16:10:34.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/meetecho/janus-gateway/blob/v0.10.0/utils.c#L381"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/meetecho/janus-gateway/blob/v0.10.0/utils.c#L401"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/meetecho/janus-gateway/pull/2229"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-14034",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in janus-gateway (aka Janus WebRTC Server) through 0.10.0. janus_get_codec_from_pt in utils.c has a Buffer Overflow via long value in an SDP Offer packet."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/meetecho/janus-gateway/blob/v0.10.0/utils.c#L381",
"refsource": "MISC",
"url": "https://github.com/meetecho/janus-gateway/blob/v0.10.0/utils.c#L381"
},
{
"name": "https://github.com/meetecho/janus-gateway/blob/v0.10.0/utils.c#L401",
"refsource": "MISC",
"url": "https://github.com/meetecho/janus-gateway/blob/v0.10.0/utils.c#L401"
},
{
"name": "https://github.com/meetecho/janus-gateway/pull/2229",
"refsource": "CONFIRM",
"url": "https://github.com/meetecho/janus-gateway/pull/2229"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-14034",
"datePublished": "2020-06-15T16:10:34.000Z",
"dateReserved": "2020-06-11T00:00:00.000Z",
"dateUpdated": "2024-08-04T12:32:14.712Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-13901 (GCVE-0-2020-13901)
Vulnerability from cvelistv5 – Published: 2020-06-10 21:09 – Updated: 2024-08-04 12:32
VLAI
Summary
An issue was discovered in janus-gateway (aka Janus WebRTC Server) through 0.10.0. janus_sdp_merge in sdp.c has a stack-based buffer overflow.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://github.com/meetecho/janus-gateway/blob/v0… | x_refsource_MISC |
| https://github.com/meetecho/janus-gateway/pull/2214 | x_refsource_CONFIRM |
| https://github.com/merrychap/poc_exploits/tree/ma… | x_refsource_MISC |
Date Public
2020-06-09 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T12:32:14.258Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/meetecho/janus-gateway/blob/v0.10.0/sdp.c#L1248"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/meetecho/janus-gateway/pull/2214"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/merrychap/poc_exploits/tree/master/janus-webrtc/CVE-2020-13901"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2020-06-09T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in janus-gateway (aka Janus WebRTC Server) through 0.10.0. janus_sdp_merge in sdp.c has a stack-based buffer overflow."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-03-01T20:37:38.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/meetecho/janus-gateway/blob/v0.10.0/sdp.c#L1248"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/meetecho/janus-gateway/pull/2214"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/merrychap/poc_exploits/tree/master/janus-webrtc/CVE-2020-13901"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-13901",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in janus-gateway (aka Janus WebRTC Server) through 0.10.0. janus_sdp_merge in sdp.c has a stack-based buffer overflow."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/meetecho/janus-gateway/blob/v0.10.0/sdp.c#L1248",
"refsource": "MISC",
"url": "https://github.com/meetecho/janus-gateway/blob/v0.10.0/sdp.c#L1248"
},
{
"name": "https://github.com/meetecho/janus-gateway/pull/2214",
"refsource": "CONFIRM",
"url": "https://github.com/meetecho/janus-gateway/pull/2214"
},
{
"name": "https://github.com/merrychap/poc_exploits/tree/master/janus-webrtc/CVE-2020-13901",
"refsource": "MISC",
"url": "https://github.com/merrychap/poc_exploits/tree/master/janus-webrtc/CVE-2020-13901"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-13901",
"datePublished": "2020-06-10T21:09:35.000Z",
"dateReserved": "2020-06-07T00:00:00.000Z",
"dateUpdated": "2024-08-04T12:32:14.258Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-13900 (GCVE-0-2020-13900)
Vulnerability from cvelistv5 – Published: 2020-06-10 21:07 – Updated: 2024-08-04 12:32
VLAI
Summary
An issue was discovered in janus-gateway (aka Janus WebRTC Server) through 0.10.0. janus_sdp_preparse in sdp.c has a NULL pointer dereference.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
4 references
| URL | Tags |
|---|---|
| https://github.com/meetecho/janus-gateway/blob/v0… | x_refsource_MISC |
| https://github.com/meetecho/janus-gateway/blob/v0… | x_refsource_MISC |
| https://github.com/meetecho/janus-gateway/pull/2214 | x_refsource_CONFIRM |
| https://github.com/merrychap/poc_exploits/tree/ma… | x_refsource_MISC |
Date Public
2020-06-09 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T12:32:14.243Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/meetecho/janus-gateway/blob/v0.10.0/sdp.c#L64"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/meetecho/janus-gateway/blob/v0.10.0/sdp.c#L74"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/meetecho/janus-gateway/pull/2214"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/merrychap/poc_exploits/tree/master/janus-webrtc/CVE-2020-13900"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2020-06-09T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in janus-gateway (aka Janus WebRTC Server) through 0.10.0. janus_sdp_preparse in sdp.c has a NULL pointer dereference."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-03-01T20:42:45.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/meetecho/janus-gateway/blob/v0.10.0/sdp.c#L64"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/meetecho/janus-gateway/blob/v0.10.0/sdp.c#L74"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/meetecho/janus-gateway/pull/2214"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/merrychap/poc_exploits/tree/master/janus-webrtc/CVE-2020-13900"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-13900",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in janus-gateway (aka Janus WebRTC Server) through 0.10.0. janus_sdp_preparse in sdp.c has a NULL pointer dereference."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/meetecho/janus-gateway/blob/v0.10.0/sdp.c#L64",
"refsource": "MISC",
"url": "https://github.com/meetecho/janus-gateway/blob/v0.10.0/sdp.c#L64"
},
{
"name": "https://github.com/meetecho/janus-gateway/blob/v0.10.0/sdp.c#L74",
"refsource": "MISC",
"url": "https://github.com/meetecho/janus-gateway/blob/v0.10.0/sdp.c#L74"
},
{
"name": "https://github.com/meetecho/janus-gateway/pull/2214",
"refsource": "CONFIRM",
"url": "https://github.com/meetecho/janus-gateway/pull/2214"
},
{
"name": "https://github.com/merrychap/poc_exploits/tree/master/janus-webrtc/CVE-2020-13900",
"refsource": "MISC",
"url": "https://github.com/merrychap/poc_exploits/tree/master/janus-webrtc/CVE-2020-13900"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-13900",
"datePublished": "2020-06-10T21:07:34.000Z",
"dateReserved": "2020-06-07T00:00:00.000Z",
"dateUpdated": "2024-08-04T12:32:14.243Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-13899 (GCVE-0-2020-13899)
Vulnerability from cvelistv5 – Published: 2020-06-10 21:05 – Updated: 2024-08-04 12:32
VLAI
Summary
An issue was discovered in janus-gateway (aka Janus WebRTC Server) through 0.10.0. janus_process_incoming_request in janus.c discloses information from uninitialized stack memory.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://github.com/meetecho/janus-gateway/blob/v0… | x_refsource_MISC |
| https://github.com/meetecho/janus-gateway/pull/2214 | x_refsource_CONFIRM |
| https://github.com/merrychap/poc_exploits/tree/ma… | x_refsource_MISC |
Date Public
2020-06-09 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T12:32:13.947Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/meetecho/janus-gateway/blob/v0.10.0/janus.c#L1326"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/meetecho/janus-gateway/pull/2214"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/merrychap/poc_exploits/tree/master/janus-webrtc/CVE-2020-13899"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2020-06-09T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in janus-gateway (aka Janus WebRTC Server) through 0.10.0. janus_process_incoming_request in janus.c discloses information from uninitialized stack memory."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-03-01T20:40:22.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/meetecho/janus-gateway/blob/v0.10.0/janus.c#L1326"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/meetecho/janus-gateway/pull/2214"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/merrychap/poc_exploits/tree/master/janus-webrtc/CVE-2020-13899"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-13899",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in janus-gateway (aka Janus WebRTC Server) through 0.10.0. janus_process_incoming_request in janus.c discloses information from uninitialized stack memory."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/meetecho/janus-gateway/blob/v0.10.0/janus.c#L1326",
"refsource": "MISC",
"url": "https://github.com/meetecho/janus-gateway/blob/v0.10.0/janus.c#L1326"
},
{
"name": "https://github.com/meetecho/janus-gateway/pull/2214",
"refsource": "CONFIRM",
"url": "https://github.com/meetecho/janus-gateway/pull/2214"
},
{
"name": "https://github.com/merrychap/poc_exploits/tree/master/janus-webrtc/CVE-2020-13899",
"refsource": "MISC",
"url": "https://github.com/merrychap/poc_exploits/tree/master/janus-webrtc/CVE-2020-13899"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-13899",
"datePublished": "2020-06-10T21:05:17.000Z",
"dateReserved": "2020-06-07T00:00:00.000Z",
"dateUpdated": "2024-08-04T12:32:13.947Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-13898 (GCVE-0-2020-13898)
Vulnerability from cvelistv5 – Published: 2020-06-10 21:03 – Updated: 2024-08-04 12:32
VLAI
Summary
An issue was discovered in janus-gateway (aka Janus WebRTC Server) through 0.10.0. janus_sdp_process in sdp.c has a NULL pointer dereference.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
4 references
| URL | Tags |
|---|---|
| https://github.com/meetecho/janus-gateway/blob/v0… | x_refsource_MISC |
| https://github.com/meetecho/janus-gateway/blob/v0… | x_refsource_MISC |
| https://github.com/meetecho/janus-gateway/pull/2214 | x_refsource_CONFIRM |
| https://github.com/merrychap/CVEs/tree/master/jan… | x_refsource_MISC |
Date Public
2020-06-09 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T12:32:14.278Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/meetecho/janus-gateway/blob/v0.10.0/sdp.c#L120"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/meetecho/janus-gateway/blob/v0.10.0/sdp.c#L123"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/meetecho/janus-gateway/pull/2214"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/merrychap/CVEs/tree/master/janus-webrtc/CVE-2020-13898"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2020-06-09T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in janus-gateway (aka Janus WebRTC Server) through 0.10.0. janus_sdp_process in sdp.c has a NULL pointer dereference."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-03-01T20:34:40.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/meetecho/janus-gateway/blob/v0.10.0/sdp.c#L120"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/meetecho/janus-gateway/blob/v0.10.0/sdp.c#L123"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/meetecho/janus-gateway/pull/2214"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/merrychap/CVEs/tree/master/janus-webrtc/CVE-2020-13898"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-13898",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in janus-gateway (aka Janus WebRTC Server) through 0.10.0. janus_sdp_process in sdp.c has a NULL pointer dereference."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/meetecho/janus-gateway/blob/v0.10.0/sdp.c#L120",
"refsource": "MISC",
"url": "https://github.com/meetecho/janus-gateway/blob/v0.10.0/sdp.c#L120"
},
{
"name": "https://github.com/meetecho/janus-gateway/blob/v0.10.0/sdp.c#L123",
"refsource": "MISC",
"url": "https://github.com/meetecho/janus-gateway/blob/v0.10.0/sdp.c#L123"
},
{
"name": "https://github.com/meetecho/janus-gateway/pull/2214",
"refsource": "CONFIRM",
"url": "https://github.com/meetecho/janus-gateway/pull/2214"
},
{
"name": "https://github.com/merrychap/CVEs/tree/master/janus-webrtc/CVE-2020-13898",
"refsource": "MISC",
"url": "https://github.com/merrychap/CVEs/tree/master/janus-webrtc/CVE-2020-13898"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-13898",
"datePublished": "2020-06-10T21:03:32.000Z",
"dateReserved": "2020-06-07T00:00:00.000Z",
"dateUpdated": "2024-08-04T12:32:14.278Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-10573 (GCVE-0-2020-10573)
Vulnerability from cvelistv5 – Published: 2020-03-14 19:07 – Updated: 2024-08-04 11:06
VLAI
Summary
An issue was discovered in Janus through 0.9.1. janus_audiobridge.c has a double mutex unlock when listing private rooms in AudioBridge.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://github.com/meetecho/janus-gateway/pull/1988 | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T11:06:09.550Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/meetecho/janus-gateway/pull/1988"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in Janus through 0.9.1. janus_audiobridge.c has a double mutex unlock when listing private rooms in AudioBridge."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-03-14T19:07:37.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/meetecho/janus-gateway/pull/1988"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-10573",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in Janus through 0.9.1. janus_audiobridge.c has a double mutex unlock when listing private rooms in AudioBridge."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/meetecho/janus-gateway/pull/1988",
"refsource": "MISC",
"url": "https://github.com/meetecho/janus-gateway/pull/1988"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-10573",
"datePublished": "2020-03-14T19:07:37.000Z",
"dateReserved": "2020-03-14T00:00:00.000Z",
"dateUpdated": "2024-08-04T11:06:09.550Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-10574 (GCVE-0-2020-10574)
Vulnerability from cvelistv5 – Published: 2020-03-14 19:07 – Updated: 2024-08-04 11:06
VLAI
Summary
An issue was discovered in Janus through 0.9.1. janus.c tries to use a string that doesn't actually exist during a "query_logger" Admin API request, because of a typo in the JSON validation.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://github.com/meetecho/janus-gateway/pull/1989 | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T11:06:09.557Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/meetecho/janus-gateway/pull/1989"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in Janus through 0.9.1. janus.c tries to use a string that doesn\u0027t actually exist during a \"query_logger\" Admin API request, because of a typo in the JSON validation."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-03-14T19:07:26.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/meetecho/janus-gateway/pull/1989"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-10574",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in Janus through 0.9.1. janus.c tries to use a string that doesn\u0027t actually exist during a \"query_logger\" Admin API request, because of a typo in the JSON validation."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/meetecho/janus-gateway/pull/1989",
"refsource": "MISC",
"url": "https://github.com/meetecho/janus-gateway/pull/1989"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-10574",
"datePublished": "2020-03-14T19:07:26.000Z",
"dateReserved": "2020-03-14T00:00:00.000Z",
"dateUpdated": "2024-08-04T11:06:09.557Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-10576 (GCVE-0-2020-10576)
Vulnerability from cvelistv5 – Published: 2020-03-14 19:07 – Updated: 2024-08-04 11:06
VLAI
Summary
An issue was discovered in Janus through 0.9.1. plugins/janus_voicemail.c in the VoiceMail plugin has a race condition that could cause a server crash.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://github.com/meetecho/janus-gateway/pull/1993 | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T11:06:09.564Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/meetecho/janus-gateway/pull/1993"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in Janus through 0.9.1. plugins/janus_voicemail.c in the VoiceMail plugin has a race condition that could cause a server crash."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-03-14T19:07:20.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/meetecho/janus-gateway/pull/1993"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-10576",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in Janus through 0.9.1. plugins/janus_voicemail.c in the VoiceMail plugin has a race condition that could cause a server crash."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/meetecho/janus-gateway/pull/1993",
"refsource": "MISC",
"url": "https://github.com/meetecho/janus-gateway/pull/1993"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-10576",
"datePublished": "2020-03-14T19:07:20.000Z",
"dateReserved": "2020-03-14T00:00:00.000Z",
"dateUpdated": "2024-08-04T11:06:09.564Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-10577 (GCVE-0-2020-10577)
Vulnerability from cvelistv5 – Published: 2020-03-14 19:07 – Updated: 2024-08-04 11:06
VLAI
Summary
An issue was discovered in Janus through 0.9.1. janus.c has multiple concurrent threads that misuse the source property of a session, leading to a race condition when claiming sessions.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://github.com/meetecho/janus-gateway/pull/1990 | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T11:06:09.949Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/meetecho/janus-gateway/pull/1990"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in Janus through 0.9.1. janus.c has multiple concurrent threads that misuse the source property of a session, leading to a race condition when claiming sessions."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-03-14T19:07:13.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/meetecho/janus-gateway/pull/1990"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-10577",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in Janus through 0.9.1. janus.c has multiple concurrent threads that misuse the source property of a session, leading to a race condition when claiming sessions."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/meetecho/janus-gateway/pull/1990",
"refsource": "MISC",
"url": "https://github.com/meetecho/janus-gateway/pull/1990"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-10577",
"datePublished": "2020-03-14T19:07:13.000Z",
"dateReserved": "2020-03-14T00:00:00.000Z",
"dateUpdated": "2024-08-04T11:06:09.949Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-10575 (GCVE-0-2020-10575)
Vulnerability from cvelistv5 – Published: 2020-03-14 19:06 – Updated: 2024-08-04 11:06
VLAI
Summary
An issue was discovered in Janus through 0.9.1. plugins/janus_videocall.c in the VideoCall plugin mishandles session management because a race condition causes some references to be freed too early or too many times.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://github.com/meetecho/janus-gateway/pull/1994 | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T11:06:09.552Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/meetecho/janus-gateway/pull/1994"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in Janus through 0.9.1. plugins/janus_videocall.c in the VideoCall plugin mishandles session management because a race condition causes some references to be freed too early or too many times."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-03-14T19:06:58.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/meetecho/janus-gateway/pull/1994"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-10575",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in Janus through 0.9.1. plugins/janus_videocall.c in the VideoCall plugin mishandles session management because a race condition causes some references to be freed too early or too many times."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/meetecho/janus-gateway/pull/1994",
"refsource": "MISC",
"url": "https://github.com/meetecho/janus-gateway/pull/1994"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-10575",
"datePublished": "2020-03-14T19:06:58.000Z",
"dateReserved": "2020-03-14T00:00:00.000Z",
"dateUpdated": "2024-08-04T11:06:09.552Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}