4 matches found
net-imap: Net::IMAP vulnerable to possible DoS by memory exhaustion
A flaw was found in Ruby's net-imap library. In certain versions, there is a possibility for denial of service by memory exhaustion in the net-imap response parser. At any time while the client is connected, a malicious server can send highly compressed uid-set data, which is automatically read b...
Medium: ruby3.2
Issue Overview: Net::IMAP implements Internet Message Access Protocol IMAP client functionality in Ruby. Starting in version 0.3.2 and prior to versions 0.3.8, 0.4.19, and 0.5.6, there is a possibility for denial of service by memory exhaustion in net-imap's response parser. At any time while the...
AZL-56555 CVE-2025-25186 affecting package ruby for versions less than 3.3.5-3
Net::IMAP implements Internet Message Access Protocol IMAP client functionality in Ruby. Starting in version 0.3.2 and prior to versions 0.3.8, 0.4.19, and 0.5.6, there is a possibility for denial of service by memory exhaustion in net-imap's response parser. At any time while the client is...
Net::IMAP 安全漏洞
Net::IMAP is a Ruby client api for the Message Access Protocol in the Ruby open source. A security vulnerability in Net::IMAP version 0.3.2 through versions prior to 0.3.8, 0.4.19, and 0.5.6, which stems from the response parser's unrestricted conversion of uid-set data, allows a malicious server...