Pion WebRTC before 3.0.15 didn't properly tear down the DTLS Connection when certificate verification failed. The PeerConnectionState was set to failed, but a user could ignore that and continue to use the PeerConnection. )A WebRTC implementation shouldn't allow the user to continue if verification has failed.)
2021-03-18T04:15:14.617
2024-11-21T06:00:07.237
Modified
CVSSv3.1: 5.3 (MEDIUM)
AV:N/AC:L/Au:N/C:N/I:P/A:N
10.0
2.9
Type | Vendor | Product | Version/Range | Vulnerable? |
---|---|---|---|---|
Application | webrtc_project | webrtc | < 3.0.15 | Yes |