Pexip Infinity Connect — known CVE vulnerabilities
Every CVE whose affected-product data names Pexip Infinity Connect, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (2)
CVE-2021-29655 — CVSS 9.8 (critical): Pexip Infinity Connect before 1.8.0 omits certain provisioning authenticity checks. Thus, untrusted code may execute.
CVE-2021-29656 — CVSS 9.8 (critical): Pexip Infinity Connect before 1.8.0 mishandles TLS certificate validation. The allow list is not properly checked.