Lucene search
K

77 matches found

RedHat Linux
RedHat Linux
added 2 days ago2 views

ruby: net-imap: Net::IMAP: Denial of Service via crafted IMAP responses

A flaw was found in Net::IMAP, a Ruby library implementing the Internet Message Access Protocol IMAP client functionality. A hostile server can exploit a quadratic time complexity issue in the Net::IMAP::ResponseReader when processing large responses containing numerous string literals. This can...

7.5CVSS6AI score0.0041EPSS
Exploits0References11
RedHat Linux
RedHat Linux
added 6 days ago3 views

ruby: net-imap: Net::IMAP: Denial of Service via crafted IMAP responses

A flaw was found in Net::IMAP, a Ruby library implementing the Internet Message Access Protocol IMAP client functionality. A hostile server can exploit a quadratic time complexity issue in the Net::IMAP::ResponseReader when processing large responses containing numerous string literals. This can...

7.5CVSS5.8AI score0.0041EPSS
Exploits0References11
RedHat Linux
RedHat Linux
added 2026/07/07 7:1 a.m.6 views

ruby: net-imap: Net::IMAP: Denial of Service via crafted IMAP responses

A flaw was found in Net::IMAP, a Ruby library implementing the Internet Message Access Protocol IMAP client functionality. A hostile server can exploit a quadratic time complexity issue in the Net::IMAP::ResponseReader when processing large responses containing numerous string literals. This can...

7.5CVSS5.9AI score0.0041EPSS
Exploits0References11
RedHat Linux
RedHat Linux
added 2026/07/06 2:7 p.m.7 views

ruby: net-imap: Net::IMAP: Denial of Service via crafted IMAP responses

A flaw was found in Net::IMAP, a Ruby library implementing the Internet Message Access Protocol IMAP client functionality. A hostile server can exploit a quadratic time complexity issue in the Net::IMAP::ResponseReader when processing large responses containing numerous string literals. This can...

7.5CVSS5.8AI score0.0041EPSS
Exploits0References11
RedHat Linux
RedHat Linux
added 2026/06/30 7:2 p.m.2 views

ruby: net-imap: Net::IMAP: Denial of Service via crafted IMAP responses

A flaw was found in Net::IMAP, a Ruby library implementing the Internet Message Access Protocol IMAP client functionality. A hostile server can exploit a quadratic time complexity issue in the Net::IMAP::ResponseReader when processing large responses containing numerous string literals. This can...

7.5CVSS6AI score0.0041EPSS
Exploits0References11
RedHat Linux
RedHat Linux
added 2026/06/30 4:32 p.m.5 views

ruby: net-imap: Net::IMAP: Denial of Service via crafted IMAP responses

A flaw was found in Net::IMAP, a Ruby library implementing the Internet Message Access Protocol IMAP client functionality. A hostile server can exploit a quadratic time complexity issue in the Net::IMAP::ResponseReader when processing large responses containing numerous string literals. This can...

7.5CVSS5.7AI score0.0041EPSS
Exploits0References11
RedHat Linux
RedHat Linux
added 2026/06/30 4:27 p.m.5 views

ruby: net-imap: Net::IMAP: Denial of Service via crafted IMAP responses

A flaw was found in Net::IMAP, a Ruby library implementing the Internet Message Access Protocol IMAP client functionality. A hostile server can exploit a quadratic time complexity issue in the Net::IMAP::ResponseReader when processing large responses containing numerous string literals. This can...

7.5CVSS5.7AI score0.0041EPSS
Exploits0References11
RedHat Linux
RedHat Linux
added 2026/06/30 2:25 p.m.2 views

ruby: net-imap: Net::IMAP: Denial of Service via crafted IMAP responses

A flaw was found in Net::IMAP, a Ruby library implementing the Internet Message Access Protocol IMAP client functionality. A hostile server can exploit a quadratic time complexity issue in the Net::IMAP::ResponseReader when processing large responses containing numerous string literals. This can...

7.5CVSS6AI score0.0041EPSS
Exploits0References11
Cvelist
Cvelist
added 2026/06/09 4:2 p.m.34 views

CVE-2026-49842 FreeSWITCH: Pre-authentication bandwidth amplification via `mod_verto` speed-test frames

FreeSWITCH is a Software Defined Telecom Stack enabling the digital transformation from proprietary telecom switches to a software implementation that runs on any commodity hardware. Prior to version 1.11.1, modverto's WebSocket frame loop intercepts a -prefixed speed-test protocol SPU / SPB / SP...

7.5CVSS0.00449EPSS
Exploits0References2
OSV
OSV
added 2026/05/09 8:16 p.m.7 views

DEBIAN-CVE-2026-42245

Net::IMAP implements Internet Message Access Protocol IMAP client functionality in Ruby. Prior to versions 0.4.24, 0.5.14, and 0.6.4, Net::IMAP::ResponseReader has quadratic time complexity when reading large responses containing many string literals. A hostile server can send responses which are...

7.5CVSS5.7AI score0.0041EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2026/05/09 8:16 p.m.10 views

CVE-2026-42245

Net::IMAP implements Internet Message Access Protocol IMAP client functionality in Ruby. Prior to versions 0.4.24, 0.5.14, and 0.6.4, Net::IMAP::ResponseReader has quadratic time complexity when reading large responses containing many string literals. A hostile server can send responses which are...

7.5CVSS5.7AI score0.0041EPSS
Exploits0References8
Debian CVE
Debian CVE
added 2026/05/09 7:37 p.m.9 views

CVE-2026-42245

Net::IMAP implements Internet Message Access Protocol IMAP client functionality in Ruby. Prior to versions 0.4.24, 0.5.14, and 0.6.4, Net::IMAP::ResponseReader has quadratic time complexity when reading large responses containing many string literals. A hostile server can send responses which are...

7.5CVSS5.7AI score0.0041EPSS
Exploits0
OSV
OSV
added 2026/05/09 7:37 p.m.1 views

CVE-2026-42245 net-imap: Quadratic complexity when reading response literals

Net::IMAP implements Internet Message Access Protocol IMAP client functionality in Ruby. Prior to versions 0.4.24, 0.5.14, and 0.6.4, Net::IMAP::ResponseReader has quadratic time complexity when reading large responses containing many string literals. A hostile server can send responses which are...

2.3CVSS5.9AI score0.0041EPSS
Exploits0References9
CNNVD
CNNVD
added 2026/05/09 12:0 a.m.16 views

Net::IMAP 安全漏洞

Net::IMAP is a Ruby client API for the IMAP message access protocol, developed by Ruby Open Source. Versions of Net::IMAP prior to 0.4.24, 0.5.14, and 0.6.4 contained security vulnerabilities. These vulnerabilities stemmed from the use of ResponseReader, which had a quadratic time complexity when...

7.5CVSS5.8AI score0.0041EPSS
Exploits0References1
OSV
OSV
added 2026/05/07 4:57 p.m.11 views

CLSA-2026-1778173027 dovecot: Fix of CVE-2026-27858

CVE-2026-27858: fix unbounded memory allocation in managesieve-login when AUTHENTICATE initial response literal size is excessively large...

7.5CVSS5.8AI score0.0079EPSS
Exploits0References1
NVD
NVD
added 2026/04/21 9:16 p.m.9 views

CVE-2026-40924

Tekton Pipelines project provides k8s-style resources for declaring CI/CD-style pipelines. Starting in version 1.0.0 and prior to versions 1.0.2, 1.3.4, 1.6.2, 1.9.3, and 1.11.1, the HTTP resolver's FetchHttpResource function calls io.ReadAllresp.Body with no response body size limit. Any tenant...

6.5CVSS0.00318EPSS
Exploits1References2
CNNVD
CNNVD
added 2026/04/21 12:0 a.m.17 views

Tekton Pipelines 资源管理错误漏洞

Tekton Pipelines is a cloud-native pipeline developed by Tekton Open Source. Versions of Tekton Pipelines prior to 1.11.1 contained a resource management vulnerability. This vulnerability stemmed from the FetchHttpResource function in the HTTP parser, which did not limit the size of the response...

6.5CVSS5.8AI score0.00318EPSS
Exploits1References3
RedHat Linux
RedHat Linux
added 2026/04/13 2:27 a.m.7 views

undici: Undici: Denial of Service due to uncontrolled resource consumption

A flaw was found in Undici. When the interceptors.deduplicate feature is enabled, response data for deduplicated requests can accumulate in memory. A remote attacker, by sending large or chunked responses and concurrent identical requests from an untrusted endpoint, can exploit this uncontrolled...

5.9CVSS7AI score0.00566EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2026/04/11 7:41 p.m.2 views

cpython: Excessive read buffering DoS in http.client

A flaw was found in the http.client module in the Python standard library. When reading an HTTP response from a server, if no read amount is specified, the default behavior will be to use Content-Length. This issue allows a malicious server to cause the client to read large amounts of data into...

7.5CVSS7AI score0.01525EPSS
Exploits0References6
SUSE CVE
SUSE CVE
added 2026/04/11 9:26 a.m.4 views

SUSE CVE-2026-2581

This is an uncontrolled resource consumption vulnerability CWE-400 that can lead to Denial of Service DoS. In vulnerable Undici versions, when interceptors.deduplicate is enabled, response data for deduplicated requests could be accumulated in memory for downstream handlers. An attacker-controlle...

5.9CVSS7AI score0.00566EPSS
Exploits0References7
Rows per page
Query Builder