Lucene search
K

6 matches found

SUSE CVE
SUSE CVE
added 2026/05/16 1:12 a.m.10 views

SUSE CVE-2026-42256

Net::IMAP implements Internet Message Access Protocol IMAP client functionality in Ruby. From versions 0.4.0 to before 0.4.24, 0.5.0 to before 0.5.14, and 0.6.0 to before 0.6.4, when authenticating a connection with SCRAM-SHA1 or SCRAM-SHA256, a hostile server can perform a computational...

6CVSS5.7AI score0.00299EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2026/05/09 7:39 p.m.8 views

CVE-2026-42257

Net::IMAP implements Internet Message Access Protocol IMAP client functionality in Ruby. Prior to versions 0.4.24, 0.5.14, and 0.6.4, several Net::IMAP commands accept a raw string argument that is sent to the server without validation or escaping. If this string is derived from user-controlled...

9.8CVSS5.8AI score0.00429EPSS
Exploits0
Vulnrichment
Vulnrichment
added 2026/05/09 7:38 p.m.9 views

CVE-2026-42256 net-imap: Denial of service via high iteration count for `SCRAM-*` authentication

Net::IMAP implements Internet Message Access Protocol IMAP client functionality in Ruby. From versions 0.4.0 to before 0.4.24, 0.5.0 to before 0.5.14, and 0.6.0 to before 0.6.4, when authenticating a connection with SCRAM-SHA1 or SCRAM-SHA256, a hostile server can perform a computational...

6CVSS5.7AI score0.00299EPSS
Exploits0References7
Cvelist
Cvelist
added 2026/05/09 7:37 p.m.39 views

CVE-2026-42245 net-imap: Quadratic complexity when reading response literals

Net::IMAP implements Internet Message Access Protocol IMAP client functionality in Ruby. Prior to versions 0.4.24, 0.5.14, and 0.6.4, Net::IMAP::ResponseReader has quadratic time complexity when reading large responses containing many string literals. A hostile server can send responses which are...

2.3CVSS0.0041EPSS
Exploits0References7
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-28762

Malicious code in bioql PyPI...

2.3CVSS6.3AI score0.00213EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/09/02 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2025-6703

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Improper Input Validation vulnerability in Mozilla neqo leads to an unexploitable crash..This issue affects neqo: from 0.4.24 through 0.13.2. CVE-2025-6703 Note...

6.5CVSS5.4AI score0.00213EPSS
Exploits0References2
Rows per page
Query Builder