1090 matches found
PT-2026-34845
Name of the Vulnerable Software and Affected Versions MailKit versions prior to 4.16.0 Description A STARTTLS Response Injection issue allows a Man-in-the-Middle attacker to inject arbitrary protocol responses across the plaintext-to-TLS trust boundary. This can enable a SASL authentication...
FreeBSD : traefik -- TCP readTimeout bypass via STARTTLS on Postgres (590979aa-09f7-11f1-a730-5404a68ad561)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 590979aa-09f7-11f1-a730-5404a68ad561 advisory. The traefik project reports: There is a potential vulnerability in Traefik managing STARTTLS requests. ...
CVE-2026-25949
Traefik is an HTTP reverse proxy and load balancer. Prior to 3.6.8, there is a potential vulnerability in Traefik managing STARTTLS requests. An unauthenticated client can bypass Traefik entrypoint respondingTimeouts.readTimeout by sending the 8-byte Postgres SSLRequest STARTTLS prelude and then...
CVE-2026-25949
CVE-2026-25949 – Traefik TCP readTimeout bypass via STARTTLS on Postgres . Affects Traefik prior to v3.6.8. An unauthenticated client can bypass the entrypoint’s respondingTimeouts.readTimeout by sending a Postgres SSLRequest (STARTTLS) prelude, stall, and keep connections open indefinitely, caus...
Allocation of Resources Without Limits or Throttling
Overview github.com/traefik/traefik/v2/pkg/server/router/tcp is a modern HTTP reverse proxy and load balancer that makes deploying microservices easy. Traefik integrates with your existing infrastructure components Docker, Swarm mode, Kubernetes, Marathon, Consul, Etcd, Rancher, Amazon ECS, ... a...
CVE-2026-25949
Traefik is an HTTP reverse proxy and load balancer. Prior to 3.6.8, there is a potential vulnerability in Traefik managing STARTTLS requests. An unauthenticated client can bypass Traefik entrypoint respondingTimeouts.readTimeout by sending the 8-byte Postgres SSLRequest STARTTLS prelude and then...
CVE-2026-25949 Traefik: TCP readTimeout bypass via STARTTLS on Postgres
Traefik is an HTTP reverse proxy and load balancer. Prior to 3.6.8, there is a potential vulnerability in Traefik managing STARTTLS requests. An unauthenticated client can bypass Traefik entrypoint respondingTimeouts.readTimeout by sending the 8-byte Postgres SSLRequest STARTTLS prelude and then...
Allocation of Resources Without Limits or Throttling
Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling via the STARTTLS component. An attacker can cause resource exhaustion by sending a specially crafted request and stalling the connection, which bypasses configured read timeouts and...
CVE-2026-25949 Traefik: TCP readTimeout bypass via STARTTLS on Postgres
Traefik is an HTTP reverse proxy and load balancer. Prior to 3.6.8, there is a potential vulnerability in Traefik managing STARTTLS requests. An unauthenticated client can bypass Traefik entrypoint respondingTimeouts.readTimeout by sending the 8-byte Postgres SSLRequest STARTTLS prelude and then...
CVE-2026-25949 Traefik: TCP readTimeout bypass via STARTTLS on Postgres
Traefik is an HTTP reverse proxy and load balancer. Prior to 3.6.8, there is a potential vulnerability in Traefik managing STARTTLS requests. An unauthenticated client can bypass Traefik entrypoint respondingTimeouts.readTimeout by sending the 8-byte Postgres SSLRequest STARTTLS prelude and then...
Traefik: TCP readTimeout bypass via STARTTLS on Postgres
Impact There is a potential vulnerability in Traefik managing STARTTLS requests. An unauthenticated client can bypass Traefik entrypoint respondingTimeouts.readTimeout by sending the 8-byte Postgres SSLRequest STARTTLS prelude and then stalling, causing connections to remain open indefinitely,...
authentik 资源管理错误漏洞
Authentik is an open-source identity provisioning application developed by Authentik. Versions of Authentik prior to 3.6.8 contained a resource management vulnerability. This vulnerability stemmed from potential issues during the processing of STARTTLS requests, allowing unverified clients to...
PT-2026-7873
Name of the Vulnerable Software and Affected Versions Traefik versions prior to 3.6.8 Description Traefik, an HTTP reverse proxy and load balancer, contains a flaw in how it manages STARTTLS requests. An unauthenticated client can bypass the respondingTimeouts.readTimeout setting by sending an...
traefik -- TCP readTimeout bypass via STARTTLS on Postgres
The traefik project reports: There is a potential vulnerability in Traefik managing STARTTLS requests. An unauthenticated client can bypass Traefik entrypoint respondingTimeouts.readTimeout by sending the 8-byte Postgres SSLRequest STARTTLS prelude and then stalling, causing connections to remain...
MiracleLinux 8 : fetchmail-6.4.24-1.el8.ML.1 (AXSA:2022-3362:02)
The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2022-3362:02 advisory. fetchmail: DoS or information disclosure when logging long messages CVE-2021-36386 fetchmail: STARTTLS session encryption bypassing CVE-2021-39272...
MiracleLinux 8 : curl-7.61.1-18.el8.2 (AXSA:2021-2528:05)
The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-2528:05 advisory. curl: Requirement to use TLS not properly enforced for IMAP, POP3, and FTP protocols CVE-2021-22946 curl: Server responses received before STARTTLS...
MiracleLinux 8 : ruby:2.6 (AXSA:2022-3073:01)
The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2022-3073:01 advisory. rubygem-bundler: Dependencies of gems with explicit source may be installed from a different source CVE-2020-36327 rubygem-rdoc: Command injection...
MiracleLinux 8 : ruby:2.5 (AXSA:2022-3087:01)
The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2022-3087:01 advisory. rubygem-rdoc: Command injection vulnerability in RDoc CVE-2021-31799 ruby: FTP PASV command response can cause Net::FTP to connect to arbitrary host...
MiracleLinux 4 : thunderbird-78.7.0-1.0.1.AXS4 (AXSA:2021-1432:01)
The remote MiracleLinux 4 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2021-1432:01 advisory. Mozilla: Cross-origin information leakage via redirected PDF requests CVE-2021-23953 Mozilla: Type confusion when using logical assignment operators...
MiracleLinux 7 : rh-ruby30-ruby-3.0.2-148.el7 (AXSA:2021-2500:01)
The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-2500:01 advisory. rubygem-bundler: Dependencies of gems with explicit source may be installed from a different source CVE-2020-36327 rubygem-rdoc: Command injection...