While working on the iotex-core project, we discovered a critical vulnerability in the Go package Pion Interceptor(this dependency used by iotex-core), tracked as CVE-2025-49140. This vulnerability affects versions v0.1.36 through v0.1.38 and allows an attacker to remotely crash applications using Pion-based SFU (Selective Forwarding Unit) implementations.
CVE Link
CVE Report
While working on the iotex-core project, we discovered a critical vulnerability in the Go package Pion Interceptor(this dependency used by iotex-core), tracked as CVE-2025-49140. This vulnerability affects versions v0.1.36 through v0.1.38 and allows an attacker to remotely crash applications using Pion-based SFU (Selective Forwarding Unit) implementations.
CVE Link
CVE Report