Lucene search
K

1090 matches found

Positive Technologies
Positive Technologies
added 2026/04/18 12:0 a.m.20 views

PT-2026-34845

Name of the Vulnerable Software and Affected Versions MailKit versions prior to 4.16.0 Description A STARTTLS Response Injection issue allows a Man-in-the-Middle attacker to inject arbitrary protocol responses across the plaintext-to-TLS trust boundary. This can enable a SASL authentication...

6.5CVSS6AI score0.00223EPSS
Exploits1References6
Tenable Nessus
Tenable Nessus
added 2026/02/15 12:0 a.m.5 views

FreeBSD : traefik -- TCP readTimeout bypass via STARTTLS on Postgres (590979aa-09f7-11f1-a730-5404a68ad561)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 590979aa-09f7-11f1-a730-5404a68ad561 advisory. The traefik project reports: There is a potential vulnerability in Traefik managing STARTTLS requests. ...

7.5CVSS5.9AI score0.00709EPSS
Exploits0References3
NVD
NVD
added 2026/02/12 8:16 p.m.10 views

CVE-2026-25949

Traefik is an HTTP reverse proxy and load balancer. Prior to 3.6.8, there is a potential vulnerability in Traefik managing STARTTLS requests. An unauthenticated client can bypass Traefik entrypoint respondingTimeouts.readTimeout by sending the 8-byte Postgres SSLRequest STARTTLS prelude and then...

7.5CVSS0.00709EPSS
Exploits0References7
CVE
CVE
added 2026/02/12 8:1 p.m.19 views

CVE-2026-25949

CVE-2026-25949 – Traefik TCP readTimeout bypass via STARTTLS on Postgres . Affects Traefik prior to v3.6.8. An unauthenticated client can bypass the entrypoint’s respondingTimeouts.readTimeout by sending a Postgres SSLRequest (STARTTLS) prelude, stall, and keep connections open indefinitely, caus...

7.5CVSS5.6AI score0.00709EPSS
Exploits0References7Affected Software1
Snyk
Snyk
added 2026/02/12 8:1 p.m.4 views

Allocation of Resources Without Limits or Throttling

Overview github.com/traefik/traefik/v2/pkg/server/router/tcp is a modern HTTP reverse proxy and load balancer that makes deploying microservices easy. Traefik integrates with your existing infrastructure components Docker, Swarm mode, Kubernetes, Marathon, Consul, Etcd, Rancher, Amazon ECS, ... a...

8.7CVSS5.6AI score0.00709EPSS
Exploits0References2
AlpineLinux
AlpineLinux
added 2026/02/12 8:1 p.m.6 views

CVE-2026-25949

Traefik is an HTTP reverse proxy and load balancer. Prior to 3.6.8, there is a potential vulnerability in Traefik managing STARTTLS requests. An unauthenticated client can bypass Traefik entrypoint respondingTimeouts.readTimeout by sending the 8-byte Postgres SSLRequest STARTTLS prelude and then...

7.5CVSS5.7AI score0.00709EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/02/12 8:1 p.m.3 views

CVE-2026-25949 Traefik: TCP readTimeout bypass via STARTTLS on Postgres

Traefik is an HTTP reverse proxy and load balancer. Prior to 3.6.8, there is a potential vulnerability in Traefik managing STARTTLS requests. An unauthenticated client can bypass Traefik entrypoint respondingTimeouts.readTimeout by sending the 8-byte Postgres SSLRequest STARTTLS prelude and then...

7.5CVSS5.6AI score0.00709EPSS
Exploits0References3
Snyk
Snyk
added 2026/02/12 8:1 p.m.5 views

Allocation of Resources Without Limits or Throttling

Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling via the STARTTLS component. An attacker can cause resource exhaustion by sending a specially crafted request and stalling the connection, which bypasses configured read timeouts and...

8.7CVSS5.6AI score0.00709EPSS
Exploits0References2
OSV
OSV
added 2026/02/12 8:1 p.m.5 views

CVE-2026-25949 Traefik: TCP readTimeout bypass via STARTTLS on Postgres

Traefik is an HTTP reverse proxy and load balancer. Prior to 3.6.8, there is a potential vulnerability in Traefik managing STARTTLS requests. An unauthenticated client can bypass Traefik entrypoint respondingTimeouts.readTimeout by sending the 8-byte Postgres SSLRequest STARTTLS prelude and then...

7.5CVSS5.6AI score0.00709EPSS
Exploits0References9
Cvelist
Cvelist
added 2026/02/12 8:1 p.m.30 views

CVE-2026-25949 Traefik: TCP readTimeout bypass via STARTTLS on Postgres

Traefik is an HTTP reverse proxy and load balancer. Prior to 3.6.8, there is a potential vulnerability in Traefik managing STARTTLS requests. An unauthenticated client can bypass Traefik entrypoint respondingTimeouts.readTimeout by sending the 8-byte Postgres SSLRequest STARTTLS prelude and then...

7.5CVSS0.00709EPSS
Exploits0References3
Github Security Blog
Github Security Blog
added 2026/02/12 3:54 p.m.8 views

Traefik: TCP readTimeout bypass via STARTTLS on Postgres

Impact There is a potential vulnerability in Traefik managing STARTTLS requests. An unauthenticated client can bypass Traefik entrypoint respondingTimeouts.readTimeout by sending the 8-byte Postgres SSLRequest STARTTLS prelude and then stalling, causing connections to remain open indefinitely,...

7.5CVSS5.9AI score0.00709EPSS
Exploits0References9Affected Software1
CNNVD
CNNVD
added 2026/02/12 12:0 a.m.7 views

authentik 资源管理错误漏洞

Authentik is an open-source identity provisioning application developed by Authentik. Versions of Authentik prior to 3.6.8 contained a resource management vulnerability. This vulnerability stemmed from potential issues during the processing of STARTTLS requests, allowing unverified clients to...

7.5CVSS5.8AI score0.00709EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/02/12 12:0 a.m.11 views

PT-2026-7873

Name of the Vulnerable Software and Affected Versions Traefik versions prior to 3.6.8 Description Traefik, an HTTP reverse proxy and load balancer, contains a flaw in how it manages STARTTLS requests. An unauthenticated client can bypass the respondingTimeouts.readTimeout setting by sending an...

9.9CVSS6AI score0.27661EPSS
Exploits45References120
FreeBSD
FreeBSD
added 2026/02/11 12:0 a.m.6 views

traefik -- TCP readTimeout bypass via STARTTLS on Postgres

The traefik project reports: There is a potential vulnerability in Traefik managing STARTTLS requests. An unauthenticated client can bypass Traefik entrypoint respondingTimeouts.readTimeout by sending the 8-byte Postgres SSLRequest STARTTLS prelude and then stalling, causing connections to remain...

7.5CVSS5.6AI score0.00709EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.4 views

MiracleLinux 8 : fetchmail-6.4.24-1.el8.ML.1 (AXSA:2022-3362:02)

The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2022-3362:02 advisory. fetchmail: DoS or information disclosure when logging long messages CVE-2021-36386 fetchmail: STARTTLS session encryption bypassing CVE-2021-39272...

7.5CVSS5.6AI score0.0256EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.5 views

MiracleLinux 8 : curl-7.61.1-18.el8.2 (AXSA:2021-2528:05)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-2528:05 advisory. curl: Requirement to use TLS not properly enforced for IMAP, POP3, and FTP protocols CVE-2021-22946 curl: Server responses received before STARTTLS...

7.5CVSS7AI score0.04224EPSS
Exploits2References3
Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.8 views

MiracleLinux 8 : ruby:2.6 (AXSA:2022-3073:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2022-3073:01 advisory. rubygem-bundler: Dependencies of gems with explicit source may be installed from a different source CVE-2020-36327 rubygem-rdoc: Command injection...

9.3CVSS8.6AI score0.06307EPSS
Exploits5References7
Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.6 views

MiracleLinux 8 : ruby:2.5 (AXSA:2022-3087:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2022-3087:01 advisory. rubygem-rdoc: Command injection vulnerability in RDoc CVE-2021-31799 ruby: FTP PASV command response can cause Net::FTP to connect to arbitrary host...

7.4CVSS8.7AI score0.0305EPSS
Exploits2References4
Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.6 views

MiracleLinux 4 : thunderbird-78.7.0-1.0.1.AXS4 (AXSA:2021-1432:01)

The remote MiracleLinux 4 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2021-1432:01 advisory. Mozilla: Cross-origin information leakage via redirected PDF requests CVE-2021-23953 Mozilla: Type confusion when using logical assignment operators...

8.8CVSS8.5AI score0.01556EPSS
Exploits1References7
Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.6 views

MiracleLinux 7 : rh-ruby30-ruby-3.0.2-148.el7 (AXSA:2021-2500:01)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-2500:01 advisory. rubygem-bundler: Dependencies of gems with explicit source may be installed from a different source CVE-2020-36327 rubygem-rdoc: Command injection...

9.3CVSS8.6AI score0.06307EPSS
Exploits3References5
Rows per page
Query Builder