1112 matches found
GHSA-VCGP-9326-PQCP net-imap vulnerable to STARTTLS stripping via invalid response timing
Summary A man-in-the-middle attacker can cause Net::IMAPstarttls to return "successfully", without starting TLS. Details When using Net::IMAPstarttls to upgrade a plaintext connection to use TLS, a man-in-the-middle attacker can inject a tagged OK response with an easily predictable tag. By sendi...
net-imap vulnerable to STARTTLS stripping via invalid response timing
Summary A man-in-the-middle attacker can cause Net::IMAPstarttls to return "successfully", without starting TLS. Details When using Net::IMAPstarttls to upgrade a plaintext connection to use TLS, a man-in-the-middle attacker can inject a tagged OK response with an easily predictable tag. By sendi...
net-imap vulnerable to STARTTLS stripping via invalid response timing
Summary A man-in-the-middle attacker can cause Net::IMAPstarttls to return "successfully", without starting TLS. Details When using Net::IMAPstarttls to upgrade a plaintext connection to use TLS, a man-in-the-middle attacker can inject a tagged OK response with an easily predictable tag. By sendi...
GHSA-X8MH-94WC-33GV apache-airflow-providers-smtp: No certificate validation on SMTP STARTTLS connections in SMTP provider
Apache Airflow's SMTP provider SmtpHook called Python's smtplib.SMTP.starttls without an SSL context, so no certificate validation was performed on the TLS upgrade. A man-in-the-middle between the Airflow worker and the SMTP server could present a self-signed certificate, complete the STARTTLS...
apache-airflow-providers-smtp: No certificate validation on SMTP STARTTLS connections in SMTP provider
Apache Airflow's SMTP provider SmtpHook called Python's smtplib.SMTP.starttls without an SSL context, so no certificate validation was performed on the TLS upgrade. A man-in-the-middle between the Airflow worker and the SMTP server could present a self-signed certificate, complete the STARTTLS...
Improper Certificate Validation
Overview apache-airflow-providers-smtp is a Provider for Apache Airflow. Implements apache-airflow-providers-smtp package Affected versions of this package are vulnerable to Improper Certificate Validation in the SmtpHook when establishing a STARTTLS connection. An attacker can intercept SMTP...
PYSEC-2026-24
Apache Airflow's SMTP provider SmtpHook called Python's smtplib.SMTP.starttls without an SSL context, so no certificate validation was performed on the TLS upgrade. A man-in-the-middle between the Airflow worker and the SMTP server could present a self-signed certificate, complete the STARTTLS...
PYSEC-2026-24
Apache Airflow's SMTP provider SmtpHook called Python's smtplib.SMTP.starttls without an SSL context, so no certificate validation was performed on the TLS upgrade. A man-in-the-middle between the Airflow worker and the SMTP server could present a self-signed certificate, complete the STARTTLS...
CVE-2026-41016
Apache Airflow's SMTP provider SmtpHook called Python's smtplib.SMTP.starttls without an SSL context, so no certificate validation was performed on the TLS upgrade. A man-in-the-middle between the Airflow worker and the SMTP server could present a self-signed certificate, complete the STARTTLS...
CVE-2026-41016 Apache Airflow Providers SMTP: No certificate validation on SMTP STARTTLS connections in SMTP provider
Apache Airflow's SMTP provider SmtpHook called Python's smtplib.SMTP.starttls without an SSL context, so no certificate validation was performed on the TLS upgrade. A man-in-the-middle between the Airflow worker and the SMTP server could present a self-signed certificate, complete the STARTTLS...
CVE-2026-41016 Apache Airflow Providers SMTP: No certificate validation on SMTP STARTTLS connections in SMTP provider
Apache Airflow's SMTP provider SmtpHook called Python's smtplib.SMTP.starttls without an SSL context, so no certificate validation was performed on the TLS upgrade. A man-in-the-middle between the Airflow worker and the SMTP server could present a self-signed certificate, complete the STARTTLS...
CVE-2026-41016
CVE-2026-41016 affects Apache Airflow’s SMTP provider SmtpHook. The SMTP workflow calls smtplib.SMTP.starttls() without supplying an SSL context, so TLS upgrades do not validate certificates. This enables a man-in-the-middle between the Airflow worker and the SMTP server to present a self-signed ...
CVE-2026-41016
Apache Airflow's SMTP provider SmtpHook called Python's smtplib.SMTP.starttls without an SSL context, so no certificate validation was performed on the TLS upgrade. A man-in-the-middle between the Airflow worker and the SMTP server could present a self-signed certificate, complete the STARTTLS...
PT-2026-36084
Name of the Vulnerable Software and Affected Versions apache-airflow-providers-smtp affected versions not specified Description The SmtpHook component in the SMTP provider calls the Python function smtplib.SMTP.starttls without an SSL context. This omission prevents certificate validation during...
CVE-2026-41319 MailKit has STARTTLS Response Injection via unflushed stream buffer that enables SASL mechanism downgrade
MailKit is a cross-platform mail client library built on top of MimeKit. A STARTTLS Response Injection vulnerability in versions prior to 4.16.0 allows a Man-in-the-Middle attacker to inject arbitrary protocol responses across the plaintext-to-TLS trust boundary, enabling SASL authentication...
CVE-2026-41319
Summary (CVE-2026-41319) MailKit (MimeKit-based) exposes a STARTTLS vulnerability where the internal read buffers of SmtpStream, ImapStream, and Pop3Stream are not flushed when upgrading to TLS with SslStream. This allows pre-TLS attacker-injected data to be treated as post-TLS, enabling a MITM-b...
CVE-2026-41319 MailKit has STARTTLS Response Injection via unflushed stream buffer that enables SASL mechanism downgrade
MailKit is a cross-platform mail client library built on top of MimeKit. A STARTTLS Response Injection vulnerability in versions prior to 4.16.0 allows a Man-in-the-Middle attacker to inject arbitrary protocol responses across the plaintext-to-TLS trust boundary, enabling SASL authentication...
CVE-2026-41319 MailKit has STARTTLS Response Injection via unflushed stream buffer that enables SASL mechanism downgrade
MailKit is a cross-platform mail client library built on top of MimeKit. A STARTTLS Response Injection vulnerability in versions prior to 4.16.0 allows a Man-in-the-Middle attacker to inject arbitrary protocol responses across the plaintext-to-TLS trust boundary, enabling SASL authentication...
MailKit 注入漏洞
MailKit is a cross-platform email client library developed by Jeffrey Stedfast. Versions of MailKit prior to 4.16.0 had an injection vulnerability. This vulnerability stemmed from STARTTLS response injection, which allowed man-in-the-middle attackers to inject arbitrary protocol responses, thereb...
MailKit has STARTTLS Response Injection via unflushed stream buffer that enables SASL mechanism downgrade
Summary A STARTTLS Response Injection vulnerability in MailKit allows a Man-in-the-Middle attacker to inject arbitrary protocol responses across the plaintext-to-TLS trust boundary, enabling SASL authentication mechanism downgrade e.g., forcing PLAIN instead of SCRAM-SHA-256. The internal read...