Lucene search
K

4 matches found

OSV
OSV
added 2026/06/26 2:0 p.m.28 views

UBUNTU-CVE-2026-8286

A vulnerability exists where a new transfer that uses STARTTLS to upgrade the connection might reuse an existing live connection even though the TLS configuration mismatches so it should not...

8.1CVSS5.9AI score0.00413EPSS
Exploits1References4
OSV
OSV
added 2026/04/18 1:13 a.m.7 views

GHSA-9J88-VVJ5-VHGR MailKit has STARTTLS Response Injection via unflushed stream buffer that enables SASL mechanism downgrade

Summary A STARTTLS Response Injection vulnerability in MailKit allows a Man-in-the-Middle attacker to inject arbitrary protocol responses across the plaintext-to-TLS trust boundary, enabling SASL authentication mechanism downgrade e.g., forcing PLAIN instead of SCRAM-SHA-256. The internal read...

6.5CVSS5.9AI score0.00223EPSS
Exploits1References3
Snyk
Snyk
added 2026/04/18 1:13 a.m.5 views

Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

Overview Affected versions of this package are vulnerable to Improper Neutralization of Special Elements in Output Used by a Downstream Component 'Injection' via the internal stream buffers SmtpStream, ImapStream, and Pop3Stream not being flushed during the STARTTLS upgrade process. An attacker c...

7.1CVSS5.8AI score0.00223EPSS
Exploits1References2
RedHat Linux
RedHat Linux
added 2021/11/02 9:6 a.m.1 views

curl: Server responses received before STARTTLS processed after TLS handshake

A flaw was found in curl. The flaw lies in how curl handles cached or pipelined responses that it receives from either a IMAP, POP3, SMTP or FTP server before the TLS upgrade using STARTTLS. In such a scenario curl even after upgrading to TLS would trust these cached responses treating them as...

5.9CVSS7.2AI score0.02799EPSS
Exploits1References5
Rows per page
Query Builder