CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

20 matches found

RedHat Linux•added 2025/05/26 8:36 a.m.•5 views

net-imap: Net::IMAP vulnerable to possible DoS by memory exhaustion

A flaw was found in Ruby's net-imap library. In certain versions, there is a possibility for denial of service by memory exhaustion in the net-imap response parser. At any time while the client is connected, a malicious server can send highly compressed uid-set data, which is automatically read b...

6.5CVSS5.8AI score0.00139EPSS

Exploits0References8

RedHat Linux•added 2025/05/06 2:33 a.m.•5 views

net-imap: Net::IMAP vulnerable to possible DoS by memory exhaustion

6.5CVSS5.8AI score0.00139EPSS

Exploits0References8

Amazon•added 2025/04/14 12:0 a.m.•5 views

Medium: ruby3.2

Issue Overview: Net::IMAP implements Internet Message Access Protocol IMAP client functionality in Ruby. Starting in version 0.3.2 and prior to versions 0.3.8, 0.4.19, and 0.5.6, there is a possibility for denial of service by memory exhaustion in net-imap's response parser. At any time while the...

7.5CVSS8.8AI score0.00315EPSS

Exploits0

OSV•added 2025/02/28 3:32 p.m.•2 views

OESA-2025-1196 ruby security update

Ruby is a fast and easy interpreted scripting language for object-oriented programming. It has many functions for processing text Files and perform system management tasks such as Perl. Security Fixes: Net::IMAP implements Internet Message Access Protocol IMAP client functionality in Ruby. Starti...

6.5CVSS6.6AI score0.00139EPSS

Exploits0References2

OSV•added 2025/02/28 3:32 p.m.•2 views

OESA-2025-1195 ruby security update

6.5CVSS6.6AI score0.00139EPSS

Exploits0References2

Veracode•added 2025/02/13 8:47 a.m.•7 views

Denial Of Service

Net::IMAP is vulnerable to Denial of Service DoS. The vulnerability is due to memory exhaustion due to the response parser's use of Rangetoa, which allows a malicious server to send highly compressed uid-set data, leading to uncontrolled memory expansion...

6.5CVSS7AI score0.00139EPSS

Exploits0References10Affected Software1

SUSE CVE•added 2025/02/12 3:47 a.m.•2 views

SUSE CVE-2025-25186

Net::IMAP implements Internet Message Access Protocol IMAP client functionality in Ruby. Starting in version 0.3.2 and prior to versions 0.3.8, 0.4.19, and 0.5.6, there is a possibility for denial of service by memory exhaustion in net-imap's response parser. At any time while the client is...

6.5CVSS6.8AI score0.00139EPSS

Exploits0References6

RedhatCVE•added 2025/02/11 5:29 p.m.•7 views

CVE-2025-25186

6.5CVSS6.9AI score0.00139EPSS

Exploits0References7

OSV•added 2025/02/10 5:42 p.m.•13 views

GHSA-7FC5-F82F-CX69 Possible DoS by memory exhaustion in net-imap

Summary There is a possibility for denial of service by memory exhaustion in net-imap's response parser. At any time while the client is connected, a malicious server can send can send highly compressed uid-set data which is automatically read by the client's receiver thread. The response parser...

6.5CVSS6.4AI score0.00139EPSS

Exploits0References10

Github Security Blog•added 2025/02/10 5:42 p.m.•34 views

Possible DoS by memory exhaustion in net-imap

6.5CVSS6.4AI score0.00139EPSS

Exploits0References10Affected Software1

Snyk•added 2025/02/10 4:41 p.m.•2 views

Denial of Service (DoS)

Overview Affected versions of this package are vulnerable to Denial of Service DoS through the response parser which uses Rangetoa to convert the uid-set data into arrays of integers, without limitations on the expanded size of the ranges. Details Denial of Service DoS describes a family of...

7.1CVSS7AI score0.00139EPSS

Exploits0References2

Snyk•added 2025/02/10 4:41 p.m.•2 views

Denial of Service (DoS)

Overview org.jruby:jruby-stdlib is a JRuby Lib Setup package. Affected versions of this package are vulnerable to Denial of Service DoS through the response parser which uses Rangetoa to convert the uid-set data into arrays of integers, without limitations on the expanded size of the ranges...

7.1CVSS6.8AI score0.00139EPSS

Exploits0References2

OSV•added 2025/02/10 4:15 p.m.•1 views

AZL-56555 CVE-2025-25186 affecting package ruby for versions less than 3.3.5-3

6.5CVSS6.8AI score0.00139EPSS

Exploits0References1

OSV•added 2025/02/10 4:15 p.m.•1 views

DEBIAN-CVE-2025-25186

6.5CVSS6.6AI score0.00139EPSS

Exploits0References1

OSV•added 2025/02/10 4:15 p.m.•1 views

UBUNTU-CVE-2025-25186

6.5CVSS6.9AI score0.00139EPSS

Exploits0References4

Debian CVE•added 2025/02/10 3:55 p.m.•10 views

CVE-2025-25186

6.5CVSS6.6AI score0.00139EPSS

Exploits0

Vulnrichment•added 2025/02/10 3:55 p.m.•17 views

CVE-2025-25186 Net::IMAP vulnerable to possible DoS by memory exhaustion

6.5CVSS6.3AI score0.00139EPSS

Exploits0References4

Positive Technologies•added 2025/02/10 12:0 a.m.•5 views

PT-2025-6069

Name of the Vulnerable Software and Affected Versions Net::IMAP versions 0.3.2 through 0.3.7 Net::IMAP versions 0.4.0 through 0.4.18 Net::IMAP versions 0.5.0 through 0.5.5 Description There is a possibility for denial of service by memory exhaustion in net-imap's response parser. At any time whil...

7.5CVSS6.9AI score0.08428EPSS

Exploits1References81

RubySec•added 2025/02/10 12:0 a.m.•20 views

Possible DoS by memory exhaustion in net-imap

6.5CVSS6.4AI score0.00139EPSS

Exploits0References1Affected Software1

CNNVD•added 2025/02/10 12:0 a.m.•2 views

Net::IMAP 安全漏洞

Net::IMAP is a Ruby client api for the Message Access Protocol in the Ruby open source. A security vulnerability in Net::IMAP version 0.3.2 through versions prior to 0.3.8, 0.4.19, and 0.5.6, which stems from the response parser's unrestricted conversion of uid-set data, allows a malicious server...

6.5CVSS6.7AI score0.00139EPSS

Exploits0References5

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by