VYPR

Maven package

io.antmedia/ant-media-server

pkg:maven/io.antmedia/ant-media-server

Vulnerabilities (3)

  • CVE-2024-35371HigNov 29, 2024
    affected < 2.9.0fixed 2.9.0

    Ant-Media-Serverv2.8.2 is affected by Improper Output Neutralization for Logs. The vulnerability stems from insufficient input sanitization in the logging mechanism. Without proper filtering or validation, user-controllable data, such as identifiers or other sensitive information

  • CVE-2024-3462MedMay 14, 2024
    affected <= 2.9.0

    Ant Media Server Community Edition in a default configuration is vulnerable to an improper HTTP header based authorization, leading to a possible use of non-administrative API calls reserved only for authorized users.  All versions up to 2.9.0 (tested) and possibly newer ones are

  • CVE-2024-32656HigApr 22, 2024
    affected >= 2.6.0, < 2.9.0fixed 2.9.0

    Ant Media Server is live streaming engine software. A local privilege escalation vulnerability in present in versions 2.6.0 through 2.8.2 allows any unprivileged operating system user account to escalate privileges to the root user account on the system. This vulnerability arises