CNNVD-202511-1403 Information
CNNVD ID
CNNVD-202511-1403
Related CVE
- CNNVD Published: 2025-11-12
Description (Chinese)
kdcproxy是latchset开源的一个Python库 kdcproxy存在安全漏洞,该漏洞源于未强制执行TCP响应长度边界,可能导致拒绝服务攻击。
Description (English)
kdcproxy is a Python library of a matchset open source There is a security gap in kdcproxy, which stems from the lack of enforcement of the TCP response length boundary, which could lead to a denial of service attack.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
latchset
Published
2025-11-12
Last Modified
2026-02-24
References
https://access.redhat.com/errata/RHSA-2025:21138 https://github.com/latchset/kdcproxy/pull/68 https://access.redhat.com/security/cve/CVE-2025-59089 https://bugzilla.redhat.com/show_bug.cgi?id=2393958 https://access.redhat.com/errata/RHSA-2025:21142 https://access.redhat.com/errata/RHSA-2025:21141 https://access.redhat.com/errata/RHSA-2025:21140 https://access.redhat.com/errata/RHSA-2025:21139 https://vigilance.fr/vulnerability/kdcproxy-denial-of-service-via-TCP-Response-Length-48767
Patch
https://github.com/latchset/kdcproxy/releases
Share on: