78 matches found
CVE-2026-42257
A flaw was found in Net::IMAP, a Ruby library for Internet Message Access Protocol IMAP client functionality. Several Net::IMAP commands accept raw string arguments that are sent to the server without proper validation or escaping. If an application uses user-controlled input for these arguments,...
DEBIAN-CVE-2026-42256
Net::IMAP implements Internet Message Access Protocol IMAP client functionality in Ruby. From versions 0.4.0 to before 0.4.24, 0.5.0 to before 0.5.14, and 0.6.0 to before 0.6.4, when authenticating a connection with SCRAM-SHA1 or SCRAM-SHA256, a hostile server can perform a computational...
CVE-2026-42257
CVE-2026-42257 affects the Ruby Net::IMAP library where, prior to versions 0.4.24, 0.5.14, and 0.6.4, several IMAP commands accept a raw string argument sent to the server without validation or escaping. If derived from user input, this can include CRLF sequences and allow injection of arbitrary ...
EUVD-2026-28925
Net::IMAP implements Internet Message Access Protocol IMAP client functionality in Ruby. From versions 0.4.0 to before 0.4.24, 0.5.0 to before 0.5.14, and 0.6.0 to before 0.6.4, when authenticating a connection with SCRAM-SHA1 or SCRAM-SHA256, a hostile server can perform a computational...
Ruby net-imap < 0.4.24 / 0.5.x < 0.5.14 / 0.6.x < 0.6.4 Multiple Vulnerabilities
The version of the net-imap Ruby library installed on the remote host is prior to 0.4.24, 0.5.x prior to 0.5.14, or 0.6.x prior to 0.6.4. It is, therefore, affected by multiple vulnerabilities. - The Net::IMAP::ResponseReader component is affected by a quadratic time complexity flaw when parsing...
Moderate: Red Hat Security Advisory: python3.9 security update
An update for python3.9 is now available for Red Hat Enterprise Linux 9.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available fo...
MiracleLinux 7 : rh-ruby27-ruby-2.7.4-130.el7 (AXSA:2021-2423:02)
The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-2423:02 advisory. rubygem-bundler: Dependencies of gems with explicit source may be installed from a different source CVE-2020-36327 rubygem-rdoc: Command injection...
MiracleLinux 7 : curl-7.29.0-42.el7.1 (AXSA:2017-2424:02)
The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2017-2424:02 advisory. A buffer overrun flaw was found in the IMAP handler of libcurl. By tricking an unsuspecting user into connecting to a malicious IMAP server, an attacker coul...
Updated ruby packages fix security vulnerabilities
Net::IMAP vulnerable to possible DoS by memory exhaustion. CVE-2025-25186 In the CGI gem before 0.4.2 for Ruby, the CGI::Cookie.parse method in the CGI library contains a potential Denial of Service DoS vulnerability. The method does not impose any limit on the length of the raw cookie value it...
EUVD-2003-1292
Malware in sbrugna...
EUVD-2013-2081
Malware in sbrugna...
EUVD-2021-18919
Malware in sbrugna...
EUVD-2002-2193
Malware in sbrugna...
EUVD-2008-2822
Malware in sbrugna...
EUVD-2015-7971
Malware in sbrugna...
EUVD-1999-1205
Malware in sbrugna...
EUVD-2007-1298
Malware in sbrugna...
EUVD-2019-9382
Malware in sbrugna...
EUVD-2021-0936
Malware in sbrugna...
EUVD-2003-0163
Malware in sbrugna...