{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-11T03:13:13.821","vulnerabilities":[{"cve":{"id":"CVE-2026-25949","sourceIdentifier":"security-advisories@github.com","published":"2026-02-12T20:16:11.227","lastModified":"2026-02-20T18:44:41.160","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Traefik is an HTTP reverse proxy and load balancer. Prior to 3.6.8, there is a potential vulnerability in Traefik managing STARTTLS requests. An unauthenticated client can bypass Traefik entrypoint respondingTimeouts.readTimeout by sending the 8-byte Postgres SSLRequest (STARTTLS) prelude and then stalling, causing connections to remain open indefinitely, leading to a denial of service. This vulnerability is fixed in 3.6.8."},{"lang":"es","value":"Traefik es un proxy inverso HTTP y un balanceador de carga. Antes de la versión 3.6.8, existe una posible vulnerabilidad en Traefik al gestionar solicitudes STARTTLS. Un cliente no autenticado puede eludir el respondingTimeouts.readTimeout del punto de entrada de Traefik enviando el preámbulo de 8 bytes de Postgres SSLRequest (STARTTLS) y luego estancándose, lo que provoca que las conexiones permanezcan abiertas indefinidamente, lo que lleva a una denegación de servicio. Esta vulnerabilidad se corrige en la versión 3.6.8."}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Primary","description":[{"lang":"en","value":"CWE-400"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:traefik:traefik:*:*:*:*:*:*:*:*","versionEndExcluding":"3.6.8","matchCriteriaId":"05ADF4F6-5356-4E37-9CBB-0C5058E249D5"}]}]}],"references":[{"url":"https://github.com/traefik/traefik/commit/31e566e9f1d7888ccb6fbc18bfed427203c35678","source":"security-advisories@github.com","tags":["Patch"]},{"url":"https://github.com/traefik/traefik/releases/tag/v3.6.8","source":"security-advisories@github.com","tags":["Product","Release Notes"]},{"url":"https://github.com/traefik/traefik/security/advisories/GHSA-89p3-4642-cr2w","source":"security-advisories@github.com","tags":["Patch","Vendor Advisory"]}]}}]}