Lucene search
+L

imap - StartTLS stripping attack

🗓️ 01 Aug 2021 00:00:00Reported by RubySecType 
rubygems
 rubygems
🔗 nvd.nist.gov👁 7 Views

Ruby Net::IMAP fails to raise on Start TLS failure, enabling man in the middle by blocking Start TLS.

Related
Detection
Refs
ReporterTitlePublishedViews
Family
freebsd
Ruby -- multiple vulnerabilities
7 Jul 202100:00
freebsd
attackerkb
CVE-2021-32066
1 Aug 202119:15
attackerkb
nessus
Amazon Linux 2 : ruby (ALAS-2024-2570)
12 Jun 202400:00
nessus
nessus
Amazon Linux 2 : ruby (ALASRUBY2.6-2023-004)
27 Sep 202300:00
nessus
nessus
Amazon Linux 2 : ruby (ALASRUBY3.0-2023-005)
27 Sep 202300:00
nessus
nessus
Alibaba Cloud Linux 3 : 0054: ruby:2.7 (ALINUX3-SA-2021:0054)
14 May 202500:00
nessus
nessus
AlmaLinux 8 : ruby:2.6 (ALSA-2022:0543)
11 Mar 202200:00
nessus
nessus
AlmaLinux 8 : ruby:2.5 (ALSA-2022:0672)
11 Mar 202200:00
nessus
nessus
CentOS 8 : ruby:2.7 (CESA-2021:3020)
9 Aug 202100:00
nessus
nessus
CentOS 8 : ruby:2.6 (CESA-2022:0543)
16 Feb 202200:00
nessus
Rows per page
Vulners
Node
OR
rubyrubyRange2.6.02.6.8
rubyrubyRange2.7.02.7.4
rubyrubyRange3.0.2

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

01 Aug 2021 00:00Current
7High risk
Vulners AI Score7
CVSS 25.8
CVSS 3.17.4
EPSS0.02909
7