USN-8431-1: Ruby vulnerabilities

It was discovered that Ruby's Net::IMAP library did not properly verify that Transport Layer Security TLS encryption was started after issuing a STARTTLS command. A remote attacker could possibly use this issue to perform a machine-in-the-middle attack and silently bypass TLS encryption...

SUSE CVE-2026-42258

Net::IMAP implements Internet Message Access Protocol IMAP client functionality in Ruby. Prior to versions 0.4.24, 0.5.14, and 0.6.4, symbol arguments to commands are vulnerable to a CRLF Injection / IMAP Command injection via Symbol arguments passed to IMAP commands. This issue has been patched ...

Net::IMAP: Command Injection via non-synchronizing literal in "raw" argument

Several Net::IMAP commands accept a "raw data" argument that is sent verbatim after validation to prevent command injection. However, if a server does not support non-synchronizing literals, it may still be possible to inject arbitrary IMAP commands inside non-synchronizing literals. Details Raw...

[SECURITY] Fedora 44 Update: nginx-1.30.2-1.fc44

Nginx is a web server and a reverse proxy server for HTTP, SMTP, POP3 and IMAP protocols, with a strong focus on high concurrency, performance and low memory usage...

Astra Linux - уязвимость в thunderbird

If Thunderbird was configured to use STARTTLS for an IMAP connection, and an attacker injected IMAP server responses before the STARTTLS handshake was completed, then Thunderbird did not ignore the injected data. This could result in Thunderbird displaying incorrect information. For example, the...

[SECURITY] Fedora 43 Update: nginx-1.30.1-1.fc43

Nginx is a web server and a reverse proxy server for HTTP, SMTP, POP3 and IMAP protocols, with a strong focus on high concurrency, performance and low memory usage...

CVE-2026-42245

A flaw was found in Net::IMAP, a Ruby library implementing the Internet Message Access Protocol IMAP client functionality. A hostile server can exploit a quadratic time complexity issue in the Net::IMAP::ResponseReader when processing large responses containing numerous string literals. This can...

CVE-2026-4873

A vulnerability exists where a connection requiring TLS incorrectly reuses an existing unencrypted connection from the same connection pool. If an initial transfer is made in clear-text via IMAP, SMTP, or POP3, a subsequent request to that same host bypasses the TLS requirement and instead transm...

PT-2026-40028

Name of the Vulnerable Software and Affected Versions dovecot versions prior to 2.4.4-1.1 Description An attacker can use the IMAP SETACL command to inject the anyone permission into a user's dovecot-acl file, bypassing the imap acl allow anyone=no configuration. This allows folders to be spammed...

Unity Linux 20.1060e / 20.1070e Security Update: ruby (UTSA-2026-017525)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017525 advisory. An issue was discovered in Ruby through 2.6.7, 2.7.x through 2.7.3, and 3.x through 3.0.1. Net::IMAP does not raise an exception when StartTLS fails with an an unkno...

UBUNTU-CVE-2026-42257

Net::IMAP implements Internet Message Access Protocol IMAP client functionality in Ruby. Prior to versions 0.4.24, 0.5.14, and 0.6.4, several Net::IMAP commands accept a raw string argument that is sent to the server without validation or escaping. If this string is derived from user-controlled...

CVE-2026-42257 net-imap: Command Injection via "raw" arguments to multiple commands

Net::IMAP implements Internet Message Access Protocol IMAP client functionality in Ruby. Prior to versions 0.4.24, 0.5.14, and 0.6.4, several Net::IMAP commands accept a raw string argument that is sent to the server without validation or escaping. If this string is derived from user-controlled...

CVE-2026-42245

Net::IMAP implements Internet Message Access Protocol IMAP client functionality in Ruby. Prior to versions 0.4.24, 0.5.14, and 0.6.4, Net::IMAP::ResponseReader has quadratic time complexity when reading large responses containing many string literals. A hostile server can send responses which are...

CVE-2026-43859

A flaw was found in mutt, an email client, where it mishandles cryptographic digests used for IMAP Internet Message Access Protocol authentication. This incorrect handling could lead to a low integrity impact, potentially allowing a remote attacker to subtly affect the authentication process...

JLSEC-2026-428 When an OAuth2 bearer token is used for an HTTP(S) transfer, and that transfer performs a cross...

When an OAuth2 bearer token is used for an HTTPS transfer, and that transfer performs a cross-protocol redirect to a second URL that uses an IMAP, LDAP, POP3 or SMTP scheme, curl might wrongly pass on the bearer token to the new target host...

PT-2026-36775

Name of the Vulnerable Software and Affected Versions mutt versions prior to 2.3.2 Description The imap auth gss security level is mishandled. Recommendations Update to version 2.3.2...

thunderbird: Out of bounds read in IMAP parsing

A flaw was found in Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: A malicious mail server could send malformed strings with negative lengths, causing the parser to read memory outside the buffer. If a mail server or connection to a mail server were...

Roundcube Webmail: Unsanitized IMAP SEARCH command arguments

An issue was discovered in Roundcube Webmail before 1.5.14 and 1.6.14. Unsanitized IMAP SEARCH command arguments could lead to IMAP injection or CSRF bypass during mail search...

CVE-2026-35538

An issue was discovered in Roundcube Webmail before 1.5.14 and 1.6.14. Unsanitized IMAP SEARCH command arguments could lead to IMAP injection or CSRF bypass during mail search...

CLSA-2026-1774614606 python3: Fix of CVE-2025-15366

CVE-2025-15366: reject control characters in IMAP commands...