Pion WebRTC prior to 3.0.15 didn't properly tear down the DTLS Connection when certificate verification failed. The PeerConnectionState was set to failed, but a user could ignore that and continue to use the PeerConnection. )A WebRTC implementation shouldn't allow the user to continue if verification has failed.)
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
webrtc project webrtc |