{"id":"CVE-2021-46853","details":"Alpine before 2.25 allows remote attackers to cause a denial of service (application crash) when LIST or LSUB is sent before STARTTLS.","modified":"2026-03-15T22:42:39.697126Z","published":"2022-11-03T06:15:09.760Z","references":[{"type":"ADVISORY","url":"https://nostarttls.secvuln.info/"},{"type":"ADVISORY","url":"https://security.gentoo.org/glsa/202301-07"},{"type":"REPORT","url":"https://bugs.gentoo.org/807613"}],"affected":[{"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-46853.json","unresolved_ranges":[{"events":[{"introduced":"0"},{"fixed":"2.25"}]}]}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"}]}