9 matches found
Linux Distros Unpatched Vulnerability : CVE-2026-47240
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Net::IMAP implements Internet Message Access Protocol IMAP client functionality in Ruby. Prior to 0.6.5 and 0.5.15, several Net::IMAP commands accept a raw data...
CVE-2026-47240
Net::IMAP implements Internet Message Access Protocol IMAP client functionality in Ruby. Prior to 0.6.5 and 0.5.15, several Net::IMAP commands accept a "raw data" argument that is sent verbatim after validation to prevent command injection. However, if a server does not support non-synchronizing...
UBUNTU-CVE-2026-47240
Net::IMAP implements Internet Message Access Protocol IMAP client functionality in Ruby. Prior to 0.6.5 and 0.5.15, several Net::IMAP commands accept a "raw data" argument that is sent verbatim after validation to prevent command injection. However, if a server does not support non-synchronizing...
CVE-2026-47240 Net::IMAP: Command Injection via non-synchronizing literal in "raw" argument
Net::IMAP implements Internet Message Access Protocol IMAP client functionality in Ruby. Prior to 0.6.5 and 0.5.15, several Net::IMAP commands accept a "raw data" argument that is sent verbatim after validation to prevent command injection. However, if a server does not support non-synchronizing...
CVE-2026-47240
Summary of CVE-2026-47240 (Net::IMAP, Ruby) : The vulnerability affects Net::IMAP’s IMAP client in Ruby, where several commands accept a “raw data” argument that is validated but could still be exploited if a server does not support non-synchronizing literals. In that case, a server may interpret...
GHSA-8P34-64R3-MWG8 Net::IMAP: Command Injection via non-synchronizing literal in "raw" argument
Several Net::IMAP commands accept a "raw data" argument that is sent verbatim after validation to prevent command injection. However, if a server does not support non-synchronizing literals, it may still be possible to inject arbitrary IMAP commands inside non-synchronizing literals. Details Raw...
Net::IMAP: Command Injection via non-synchronizing literal in "raw" argument
Several Net::IMAP commands accept a "raw data" argument that is sent verbatim after validation to prevent command injection. However, if a server does not support non-synchronizing literals, it may still be possible to inject arbitrary IMAP commands inside non-synchronizing literals. Details Raw...
PT-2026-48340
Name of the Vulnerable Software and Affected Versions Net::IMAP versions prior to 0.6.5 Net::IMAP versions prior to 0.5.15 Description Net::IMAP implements Internet Message Access Protocol IMAP client functionality in Ruby. Certain commands accept a raw data argument that is sent verbatim after...
Net::IMAP: Command Injection via non-synchronizing literal in "raw" argument
Several Net::IMAP commands accept a "raw data" argument that is sent verbatim after validation to prevent command injection. However, if a server does not support non-synchronizing literals, it may still be possible to inject arbitrary IMAP commands inside non-synchronizing literals. Details Raw...