exploitDog
CVE-2026-25949

Published: 12 Feb 2026
Source: redhat
CVSS3: 7.5

Description

Traefik is an HTTP reverse proxy and load balancer. Prior to 3.6.8, there is a potential vulnerability in Traefik managing STARTTLS requests. An unauthenticated client can bypass Traefik entrypoint respondingTimeouts.readTimeout by sending the 8-byte Postgres SSLRequest (STARTTLS) prelude and then stalling, causing connections to remain open indefinitely, leading to a denial of service. This vulnerability is fixed in 3.6.8.

A flaw was found in Traefik, an HTTP reverse proxy and load balancer. An unauthenticated client can exploit this vulnerability by sending the 8-byte Postgres SSLRequest (STARTTLS) prelude and then intentionally withholding any further bytes. This bypasses the entrypoint's configured respondingTimeouts.readTimeout, so the connection is never closed for inactivity. The consequence is a denial of service: each stalled connection holds a file descriptor and handler goroutine on the proxy, and a client can open as many as it likes without ever completing a TLS handshake.
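The mechanism above is easy to misread as a TLS problem; it is a deadline-handling problem in the bytes before TLS starts. The following Go program is an added example written for this page, not Traefik's code and not the patch in 3.6.8. It builds the 8-byte Postgres SSLRequest prelude (Int32 length 8 followed by the request code 80877103, as documented in the PostgreSQL frontend/backend protocol), runs a hypothetical entrypoint handler over an in-memory net.Pipe, and plays the stalling client against two variants: one that drops the read deadline after answering the prelude (the behaviour the advisory describes) and one that re-arms it before waiting for the ClientHello. The server model, the re-arming fix and the timeout values are assumptions for illustration; the prelude bytes are from the protocol specification.

```go
package main

import (
	"encoding/binary"
	"errors"
	"fmt"
	"io"
	"net"
	"time"
)

// Postgres SSLRequest prelude (frontend/backend protocol): Int32 length 8,
// then the request code 80877103 (0x04D2162F), both big-endian.
const sslRequestCode uint32 = 80877103

var errNotSSLRequest = errors.New("first 8 bytes are not a Postgres SSLRequest")

// SSLRequestPrelude builds the 8-byte prelude a Postgres client sends to ask
// for STARTTLS. Constructed here as the sample input for the probe.
func SSLRequestPrelude() []byte {
	b := make([]byte, 8)
	binary.BigEndian.PutUint32(b[0:4], 8)
	binary.BigEndian.PutUint32(b[4:8], sslRequestCode)
	return b
}

// IsSSLRequest reports whether b is exactly the SSLRequest prelude.
func IsSSLRequest(b []byte) bool {
	return len(b) == 8 &&
		binary.BigEndian.Uint32(b[0:4]) == 8 &&
		binary.BigEndian.Uint32(b[4:8]) == sslRequestCode
}

// serveStartTLS is a hypothetical model of an entrypoint handling the Postgres
// STARTTLS prelude (assumption: not Traefik's implementation). It arms
// readTimeout for the prelude, answers 'S', then waits for the client's TLS
// ClientHello. With rearm=false the deadline is cleared after the prelude,
// which is the stall window the advisory describes; rearm=true keeps it armed.
func serveStartTLS(conn net.Conn, readTimeout time.Duration, rearm bool) error {
	defer conn.Close()
	if err := conn.SetReadDeadline(time.Now().Add(readTimeout)); err != nil {
		return err
	}
	hdr := make([]byte, 8)
	if _, err := io.ReadFull(conn, hdr); err != nil {
		return err
	}
	if !IsSSLRequest(hdr) {
		return errNotSSLRequest
	}
	// 'S' tells the client to start the TLS handshake on this connection.
	if _, err := conn.Write([]byte{'S'}); err != nil {
		return err
	}
	if rearm {
		conn.SetReadDeadline(time.Now().Add(readTimeout))
	} else {
		conn.SetReadDeadline(time.Time{}) // no deadline: a silent client pins the connection
	}
	first := make([]byte, 1) // first byte of the ClientHello; TLS itself is not parsed here
	_, err := conn.Read(first)
	return err
}

// StallProbe plays the advisory's client against serveStartTLS: send the
// prelude, read the 'S', then stay silent. It reports whether the server
// dropped the connection before limit, and the error the server ended with.
func StallProbe(readTimeout, limit time.Duration, rearm bool) (closedInTime bool, serverErr error) {
	client, server := net.Pipe()
	done := make(chan error, 1)
	go func() { done <- serveStartTLS(server, readTimeout, rearm) }()

	if _, err := client.Write(SSLRequestPrelude()); err != nil {
		client.Close()
		return false, <-done
	}
	ack := make([]byte, 1)
	if _, err := io.ReadFull(client, ack); err != nil || ack[0] != 'S' {
		client.Close()
		return false, <-done
	}
	select {
	case err := <-done: // server gave up on the stalled client
		client.Close()
		return true, err
	case <-time.After(limit): // still open: readTimeout was bypassed
		client.Close() // unblocks the server so the goroutine can exit
		return false, <-done
	}
}

// IsTimeout reports whether err is a read-deadline expiry.
func IsTimeout(err error) bool {
	var ne net.Error
	return errors.As(err, &ne) && ne.Timeout()
}

func main() {
	for _, rearm := range []bool{false, true} {
		closed, err := StallProbe(100*time.Millisecond, 500*time.Millisecond, rearm)
		fmt.Printf("rearm=%v closedInTime=%v serverErr=%v\n", rearm, closed, err)
	}
}
```

Against a real entrypoint the same probe is the check to run after upgrading: connect to the TCP port with Postgres STARTTLS enabled, write the 8 bytes, read the 'S', and confirm the proxy closes the socket at roughly readTimeout rather than leaving it open. The essential design point is that any deadline set for the prelude must also cover the wait for the ClientHello; clearing it before handing the connection to the TLS layer is what turns a cheap 8-byte write into a held slot.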

Statement

This is an IMPORTANT denial of service flaw in Traefik, an HTTP reverse proxy and load balancer, affecting Red Hat OpenShift Dev Spaces. An unauthenticated client can exploit this by sending a specific STARTTLS request and then stalling, which bypasses configured read timeouts and causes connections to remain open indefinitely, leading to resource exhaustion.

Affected packages

Platform                       Package                  State      Recommendation   Release
Red Hat OpenShift Dev Spaces   devspaces/traefik-rhel9  Affected   (none listed)    (none listed)


Additional information

Status: Important
Weakness: CWE-770 (Allocation of Resources Without Limits or Throttling)
Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=2439522
Bugzilla title: github.com/traefik/traefik: Traefik: Denial of Service via stalled STARTTLS requests

CVSS3: 7.5 (High)

Related vulnerabilities

CVSS3: 7.5
nvd
about 1 month ago

(Same text as the Description above.)

CVSS3: 7.5
debian
about 1 month ago

Traefik is an HTTP reverse proxy and load balancer. Prior to 3.6.8, th ...

CVSS3: 7.5
github
about 1 month ago

Traefik: TCP readTimeout bypass via STARTTLS on Postgres
