
    12 vulnerabilities found for net\ by ruby-lang

    CVE-2026-42258 (GCVE-0-2026-42258)

    Vulnerability from nvd – Published: 2026-05-09 19:40 – Updated: 2026-06-30 03:19
    Title
    net-imap: Command Injection via unvalidated Symbol inputs
    Summary
    Net::IMAP implements Internet Message Access Protocol (IMAP) client functionality in Ruby. Prior to versions 0.4.24, 0.5.14, and 0.6.4, Symbol arguments passed to IMAP commands are sent without validation, so a Symbol containing a CRLF sequence allows IMAP command injection. This issue has been patched in versions 0.4.24, 0.5.14, and 0.6.4.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-77 - Improper Neutralization of Special Elements used in a Command ('Command Injection')
    • CWE-93 - Improper Neutralization of CRLF Sequences ('CRLF Injection')

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-42258",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-05-11T14:57:16.635329Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-05-11T14:57:24.039Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "affected": [
              {
                "cpes": [
                  "cpe:/a:redhat:hummingbird:1"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Hardened Images",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:red_hat_3scale_amp:2"
                ],
                "defaultStatus": "unknown",
                "product": "Red Hat 3scale API Management Platform 2",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:10"
                ],
                "defaultStatus": "unknown",
                "product": "Red Hat Enterprise Linux 10",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:6"
                ],
                "defaultStatus": "unknown",
                "product": "Red Hat Enterprise Linux 6",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:7"
                ],
                "defaultStatus": "unknown",
                "product": "Red Hat Enterprise Linux 7",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:8"
                ],
                "defaultStatus": "unknown",
                "product": "Red Hat Enterprise Linux 8",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:9"
                ],
                "defaultStatus": "unknown",
                "product": "Red Hat Enterprise Linux 9",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift_ai"
                ],
                "defaultStatus": "unknown",
                "product": "Red Hat OpenShift AI (RHOAI)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift:4"
                ],
                "defaultStatus": "unknown",
                "product": "Red Hat OpenShift Container Platform 4",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift_devspaces:3"
                ],
                "defaultStatus": "unknown",
                "product": "Red Hat OpenShift Dev Spaces",
                "vendor": "Red Hat"
              }
            ],
            "datePublic": "2026-05-09T19:40:49.405Z",
            "descriptions": [
              {
                "lang": "en",
                "value": "A flaw was found in Net::IMAP, a Ruby library that provides Internet Message Access Protocol (IMAP) client functionality. This vulnerability allows a remote attacker to inject arbitrary IMAP commands. This is achieved by passing specially crafted symbol arguments to IMAP commands. Successful exploitation could lead to unauthorized actions on the IMAP server or client, potentially resulting in information disclosure or other integrity impacts."
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "namespace": "https://access.redhat.com/security/updates/classification/",
                    "value": "Important"
                  },
                  "type": "Red Hat severity rating"
                }
              },
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "NONE",
                  "baseScore": 7.1,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "LOW",
                  "integrityImpact": "HIGH",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "REQUIRED",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:N",
                  "version": "3.1"
                },
                "format": "CVSS"
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-93",
                    "description": "Improper Neutralization of CRLF Sequences (\u0027CRLF Injection\u0027)",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-30T03:19:08.915Z",
              "orgId": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c",
              "shortName": "redhat-SADP"
            },
            "references": [
              {
                "tags": [
                  "vdb-entry",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/security/cve/CVE-2026-42258"
              },
              {
                "name": "RHBZ#2468498",
                "tags": [
                  "issue-tracking",
                  "x_refsource_REDHAT"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2468498"
              },
              {
                "tags": [
                  "x_sadp-csaf-vex"
                ],
                "url": "https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-42258.json"
              }
            ],
            "timeline": [
              {
                "lang": "en",
                "time": "2026-05-09T20:01:01.698Z",
                "value": "Reported to Red Hat."
              },
              {
                "lang": "en",
                "time": "2026-05-09T19:40:49.405Z",
                "value": "Made public."
              }
            ],
            "title": "ruby/net-imap: ruby: Net::IMAP: IMAP Command Injection via Symbol Arguments",
            "workarounds": [
              {
                "lang": "en",
                "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."
              }
            ],
            "x_adpType": "supplier",
            "x_generator": {
              "engine": "sadp-cli 1.0.0"
            }
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "net-imap",
              "vendor": "ruby",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003c 0.4.24"
                },
                {
                  "status": "affected",
                  "version": "\u003e= 0.5.0, \u003c 0.5.14"
                },
                {
                  "status": "affected",
                  "version": "\u003e= 0.6.0, \u003c 0.6.4"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Net::IMAP implements Internet Message Access Protocol (IMAP) client functionality in Ruby. Prior to versions 0.4.24, 0.5.14, and 0.6.4, symbol arguments to commands are vulnerable to a CRLF Injection / IMAP Command injection via Symbol arguments passed to IMAP commands. This issue has been patched in versions 0.4.24, 0.5.14, and 0.6.4."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "attackComplexity": "HIGH",
                "attackRequirements": "PRESENT",
                "attackVector": "LOCAL",
                "baseScore": 5.8,
                "baseSeverity": "MEDIUM",
                "privilegesRequired": "NONE",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "PASSIVE",
                "vectorString": "CVSS:4.0/AV:L/AC:H/AT:P/PR:N/UI:P/VC:N/VI:H/VA:L/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "LOW",
                "vulnConfidentialityImpact": "NONE",
                "vulnIntegrityImpact": "HIGH"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-77",
                  "description": "CWE-77: Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            },
            {
              "descriptions": [
                {
                  "cweId": "CWE-93",
                  "description": "CWE-93: Improper Neutralization of CRLF Sequences (\u0027CRLF Injection\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-05-09T19:40:49.405Z",
            "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
            "shortName": "GitHub_M"
          },
          "references": [
            {
              "name": "https://github.com/ruby/net-imap/security/advisories/GHSA-75xq-5h9v-w6px",
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://github.com/ruby/net-imap/security/advisories/GHSA-75xq-5h9v-w6px"
            },
            {
              "name": "https://github.com/ruby/net-imap/releases/tag/v0.4.24",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/ruby/net-imap/releases/tag/v0.4.24"
            },
            {
              "name": "https://github.com/ruby/net-imap/releases/tag/v0.5.14",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/ruby/net-imap/releases/tag/v0.5.14"
            },
            {
              "name": "https://github.com/ruby/net-imap/releases/tag/v0.6.4",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/ruby/net-imap/releases/tag/v0.6.4"
            }
          ],
          "source": {
            "advisory": "GHSA-75xq-5h9v-w6px",
            "discovery": "UNKNOWN"
          },
          "title": "net-imap: Command Injection via unvalidated Symbol inputs"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "assignerShortName": "GitHub_M",
        "cveId": "CVE-2026-42258",
        "datePublished": "2026-05-09T19:40:49.405Z",
        "dateReserved": "2026-04-26T11:53:27.704Z",
        "dateUpdated": "2026-06-30T03:19:08.915Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-42257 (GCVE-0-2026-42257)

    Vulnerability from nvd – Published: 2026-05-09 19:39 – Updated: 2026-05-13 19:33
    Title
    net-imap: Command Injection via "raw" arguments to multiple commands
    Summary
    Net::IMAP implements Internet Message Access Protocol (IMAP) client functionality in Ruby. Prior to versions 0.4.24, 0.5.14, and 0.6.4, several Net::IMAP commands accept a raw string argument that is sent to the server without validation or escaping. If this string is derived from user-controlled input, it may contain CRLF sequences, which an attacker can use to inject arbitrary IMAP commands. This issue has been patched in versions 0.4.24, 0.5.14, and 0.6.4.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-93 - Improper Neutralization of CRLF Sequences ('CRLF Injection')
    • CWE-77 - Improper Neutralization of Special Elements used in a Command ('Command Injection')
    Impacted products
    Vendor  Product   Version
    ruby    net-imap  Affected: < 0.4.24
                      Affected: >= 0.5.0, < 0.5.14
                      Affected: >= 0.6.0, < 0.6.4
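
    CVE-2026-42257 (raw String arguments) and CVE-2026-42258 (Symbol arguments) share one root cause: an argument carrying CR/LF reaches the socket unescaped, and the server parses whatever follows the line break as a new tagged command. The Ruby below is an added example, not net-imap's own code. It models a generic command builder rather than Net::IMAP's internals; the method names, the "partial" check that inspects only String arguments, and the sample mailbox name are constructed for illustration.

```ruby
# Added example, not net-imap's own code. Models how an IMAP client turns a
# command and its arguments into a wire line, and why a CR/LF inside any
# argument (String or Symbol alike) becomes a second, attacker-chosen command.
# Method names and the sample input are constructed for illustration.

class ImapInjectionError < ArgumentError; end

# Constructed sample: a "mailbox name" that smuggles a second tagged command.
# A server reads the resulting buffer as two lines:
#   "A001 SELECT INBOX" and "A002 DELETE INBOX".
INJECTED_MAILBOX = "INBOX\r\nA002 DELETE INBOX".freeze

# Vulnerable pattern: arguments are joined into the line exactly as given.
def build_command_raw(tag, name, *args)
  "#{tag} #{name} #{args.join(' ')}\r\n"
end

# Incomplete fix: only String arguments are checked, so a Symbol with the same
# bytes (:"INBOX\r\nA002 DELETE INBOX") still passes through unvalidated.
def build_command_partial_check(tag, name, *args)
  args.each do |arg|
    next unless arg.is_a?(String)
    raise ImapInjectionError, "CR/LF in argument: #{arg.inspect}" if arg.match?(/[\r\n]/)
  end
  build_command_raw(tag, name, *args)
end

# Hardened pattern: every argument is stringified and rejected if it carries a
# CR, LF or NUL, whatever its Ruby type. The check runs before anything is
# written to the socket, so a bad value never produces a partial command.
def build_command_checked(tag, name, *args)
  args.each do |arg|
    text = arg.to_s
    if text.match?(/[\r\n\0]/)
      raise ImapInjectionError, "CR/LF/NUL in argument: #{text.inspect}"
    end
  end
  build_command_raw(tag, name, *args)
end

# Splits a wire buffer into the command lines an IMAP server would parse.
def commands_on_wire(buffer)
  buffer.split("\r\n")
end

if __FILE__ == $PROGRAM_NAME
  p commands_on_wire(build_command_raw("A001", "SELECT", INJECTED_MAILBOX))
  p commands_on_wire(build_command_partial_check("A001", "SELECT", INJECTED_MAILBOX.to_sym))
  begin
    build_command_checked("A001", "SELECT", INJECTED_MAILBOX.to_sym)
  rescue ImapInjectionError => e
    puts "rejected: #{e.message}"
  end
end
```

    The type-based check is the trap: validating one Ruby class and forgetting another (Symbol here) leaves the same bytes reaching the wire. Validate the serialized form, not the object.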

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-42257",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-05-13T19:27:16.888782Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-05-13T19:33:13.948Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "net-imap",
              "vendor": "ruby",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003c 0.4.24"
                },
                {
                  "status": "affected",
                  "version": "\u003e= 0.5.0, \u003c 0.5.14"
                },
                {
                  "status": "affected",
                  "version": "\u003e= 0.6.0, \u003c 0.6.4"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Net::IMAP implements Internet Message Access Protocol (IMAP) client functionality in Ruby. Prior to versions 0.4.24, 0.5.14, and 0.6.4, several Net::IMAP commands accept a raw string argument that is sent to the server without validation or escaping. If this string is derived from user-controlled input, it may contain CRLF sequences, which an attacker can use to inject arbitrary IMAP commands. This issue has been patched in versions 0.4.24, 0.5.14, and 0.6.4."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "attackComplexity": "LOW",
                "attackRequirements": "PRESENT",
                "attackVector": "LOCAL",
                "baseScore": 5.8,
                "baseSeverity": "MEDIUM",
                "privilegesRequired": "NONE",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "PASSIVE",
                "vectorString": "CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:P/VC:N/VI:H/VA:L/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "LOW",
                "vulnConfidentialityImpact": "NONE",
                "vulnIntegrityImpact": "HIGH"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-93",
                  "description": "CWE-93: Improper Neutralization of CRLF Sequences (\u0027CRLF Injection\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            },
            {
              "descriptions": [
                {
                  "cweId": "CWE-77",
                  "description": "CWE-77: Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-05-09T19:39:48.398Z",
            "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
            "shortName": "GitHub_M"
          },
          "references": [
            {
              "name": "https://github.com/ruby/net-imap/security/advisories/GHSA-hm49-wcqc-g2xg",
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://github.com/ruby/net-imap/security/advisories/GHSA-hm49-wcqc-g2xg"
            },
            {
              "name": "https://github.com/ruby/net-imap/releases/tag/v0.4.24",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/ruby/net-imap/releases/tag/v0.4.24"
            },
            {
              "name": "https://github.com/ruby/net-imap/releases/tag/v0.5.14",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/ruby/net-imap/releases/tag/v0.5.14"
            },
            {
              "name": "https://github.com/ruby/net-imap/releases/tag/v0.6.4",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/ruby/net-imap/releases/tag/v0.6.4"
            }
          ],
          "source": {
            "advisory": "GHSA-hm49-wcqc-g2xg",
            "discovery": "UNKNOWN"
          },
          "title": "net-imap: Command Injection via \"raw\" arguments to multiple commands"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "assignerShortName": "GitHub_M",
        "cveId": "CVE-2026-42257",
        "datePublished": "2026-05-09T19:39:48.398Z",
        "dateReserved": "2026-04-26T11:53:27.704Z",
        "dateUpdated": "2026-05-13T19:33:13.948Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-42256 (GCVE-0-2026-42256)

    Vulnerability from nvd – Published: 2026-05-09 19:38 – Updated: 2026-05-11 17:04
    Title
    net-imap: Denial of service via high iteration count for `SCRAM-*` authentication
    Summary
    Net::IMAP implements Internet Message Access Protocol (IMAP) client functionality in Ruby. From versions 0.4.0 to before 0.4.24, 0.5.0 to before 0.5.14, and 0.6.0 to before 0.6.4, when authenticating a connection with SCRAM-SHA-1 or SCRAM-SHA-256, a hostile server can perform a computational denial-of-service attack on the client process by sending a very large iteration count value. This issue has been patched in versions 0.4.24, 0.5.14, and 0.6.4.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-1322 - Use of Blocking Code in Single-threaded, Non-blocking Context
    • CWE-770 - Allocation of Resources Without Limits or Throttling
    Impacted products
    Vendor  Product   Version
    ruby    net-imap  Affected: >= 0.4.0, < 0.4.24
                      Affected: >= 0.5.0, < 0.5.14
                      Affected: >= 0.6.0, < 0.6.4
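
    In SCRAM the server picks the PBKDF2 iteration count and sends it in its server-first-message, so a client that runs the derivation with whatever count arrives hands the server a CPU-exhaustion lever. The Ruby below is an added example, not net-imap's own code; it shows the parse-then-cap step before the key derivation. MIN_ITERATIONS follows RFC 5802's floor of 4096; MAX_ITERATIONS, ScramError and the method names are assumptions for illustration, and both server messages are constructed.

```ruby
require "openssl"

# Added example, not net-imap's own code. A SCRAM client must run PBKDF2 with
# the iteration count from the server-first-message; an unbounded count lets a
# hostile server pin the client's CPU. MIN_ITERATIONS is RFC 5802's floor;
# MAX_ITERATIONS and the names below are assumptions for illustration.

MIN_ITERATIONS = 4096
MAX_ITERATIONS = 1_000_000

class ScramError < StandardError; end

# Constructed server-first-messages in RFC 5802 wire form: r=nonce,s=salt,i=count.
# The hostile one only differs in the count the server asks the client to grind.
BENIGN_SERVER_FIRST  = "r=fyko+d2lbbFgONRv9qkxdawL3rfcNHYJY1ZVvWVs7j,s=QSXCR+Q6sek8bf92,i=4096".freeze
HOSTILE_SERVER_FIRST = "r=fyko+d2lbbFgONRv9qkxdawL3rfcNHYJY1ZVvWVs7j,s=QSXCR+Q6sek8bf92,i=2000000000".freeze

# Parses "r=...,s=...,i=..." into nonce, raw salt bytes and an Integer count.
# Integer() raises on junk such as "4096abc" instead of silently truncating.
def parse_server_first(msg)
  fields = {}
  msg.split(",").each do |field|
    key, value = field.split("=", 2)
    fields[key] = value
  end
  {
    nonce: fields.fetch("r"),
    salt: fields.fetch("s").unpack1("m0"),      # strict base64 decode
    iterations: Integer(fields.fetch("i"), 10),
  }
end

# The cap: refuse counts below the RFC floor and above our own ceiling before
# any expensive work is done.
def check_iterations!(iterations)
  if iterations < MIN_ITERATIONS
    raise ScramError, "iteration count #{iterations} is below the RFC 5802 minimum of #{MIN_ITERATIONS}"
  elsif iterations > MAX_ITERATIONS
    raise ScramError, "iteration count #{iterations} exceeds the client ceiling of #{MAX_ITERATIONS}"
  end
  iterations
end

# SaltedPassword := Hi(password, salt, i) from RFC 5802, i.e. PBKDF2-HMAC with
# the mechanism's hash. Only reached once the count has passed the cap.
def salted_password(password, server_first, digest: "sha256")
  parsed = parse_server_first(server_first)
  check_iterations!(parsed[:iterations])
  key_len = OpenSSL::Digest.new(digest).digest_length
  OpenSSL::PKCS5.pbkdf2_hmac(password, parsed[:salt], parsed[:iterations], key_len, digest)
end

if __FILE__ == $PROGRAM_NAME
  puts salted_password("pencil", BENIGN_SERVER_FIRST).unpack1("H*")
  begin
    salted_password("pencil", HOSTILE_SERVER_FIRST)
  rescue ScramError => e
    puts "refused: #{e.message}"
  end
end
```

    The ceiling is a policy choice: it must comfortably exceed what legitimate servers send (a few thousand to a few hundred thousand iterations today) while keeping the worst case a hostile server can impose to a bounded, sub-second cost per login attempt.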

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-42256",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-05-11T17:04:26.784816Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-05-11T17:04:42.562Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "net-imap",
              "vendor": "ruby",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003e= 0.4.0, \u003c 0.4.24"
                },
                {
                  "status": "affected",
                  "version": "\u003e= 0.5.0, \u003c 0.5.14"
                },
                {
                  "status": "affected",
                  "version": "\u003e= 0.6.0, \u003c 0.6.4"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Net::IMAP implements Internet Message Access Protocol (IMAP) client functionality in Ruby. From versions 0.4.0 to before 0.4.24, 0.5.0 to before 0.5.14, and 0.6.0 to before 0.6.4, when authenticating a connection with SCRAM-SHA1 or SCRAM-SHA256, a hostile server can perform a computational denial-of-service attack on the client process by sending a big iteration count value. This issue has been patched in versions 0.4.24, 0.5.14, and 0.6.4."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "attackComplexity": "LOW",
                "attackRequirements": "PRESENT",
                "attackVector": "NETWORK",
                "baseScore": 6,
                "baseSeverity": "MEDIUM",
                "privilegesRequired": "NONE",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "PASSIVE",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "NONE",
                "vulnIntegrityImpact": "NONE"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-1322",
                  "description": "CWE-1322: Use of Blocking Code in Single-threaded, Non-blocking Context",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            },
            {
              "descriptions": [
                {
                  "cweId": "CWE-770",
                  "description": "CWE-770: Allocation of Resources Without Limits or Throttling",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-05-09T19:38:33.106Z",
            "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
            "shortName": "GitHub_M"
          },
          "references": [
            {
              "name": "https://github.com/ruby/net-imap/security/advisories/GHSA-87pf-fpwv-p7m7",
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://github.com/ruby/net-imap/security/advisories/GHSA-87pf-fpwv-p7m7"
            },
            {
              "name": "https://github.com/ruby/net-imap/commit/158d0b505074397cdb5ceb58935e42dd2bcfa612",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/ruby/net-imap/commit/158d0b505074397cdb5ceb58935e42dd2bcfa612"
            },
            {
              "name": "https://github.com/ruby/net-imap/commit/808001bc45c06f7297a7e96d341279e041a7f7f4",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/ruby/net-imap/commit/808001bc45c06f7297a7e96d341279e041a7f7f4"
            },
            {
              "name": "https://github.com/ruby/net-imap/commit/99f59eab6064955a23debd95410263ad144df758",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/ruby/net-imap/commit/99f59eab6064955a23debd95410263ad144df758"
            },
            {
              "name": "https://github.com/ruby/net-imap/releases/tag/v0.4.24",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/ruby/net-imap/releases/tag/v0.4.24"
            },
            {
              "name": "https://github.com/ruby/net-imap/releases/tag/v0.5.14",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/ruby/net-imap/releases/tag/v0.5.14"
            },
            {
              "name": "https://github.com/ruby/net-imap/releases/tag/v0.6.4",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/ruby/net-imap/releases/tag/v0.6.4"
            }
          ],
          "source": {
            "advisory": "GHSA-87pf-fpwv-p7m7",
            "discovery": "UNKNOWN"
          },
          "title": "net-imap: Denial of service via high iteration count for `SCRAM-*` authentication"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "assignerShortName": "GitHub_M",
        "cveId": "CVE-2026-42256",
        "datePublished": "2026-05-09T19:38:33.106Z",
        "dateReserved": "2026-04-26T11:53:27.704Z",
        "dateUpdated": "2026-05-11T17:04:42.562Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-42246 (GCVE-0-2026-42246)

    Vulnerability from nvd – Published: 2026-05-09 19:33 – Updated: 2026-06-30 03:17
    Title
    net-imap vulnerable to STARTTLS stripping via invalid response timing
    Summary
    Net::IMAP implements Internet Message Access Protocol (IMAP) client functionality in Ruby. Prior to versions 0.3.10, 0.4.24, 0.5.14, and 0.6.4, a man-in-the-middle attacker can cause Net::IMAP#starttls to return "successfully", without starting TLS. This issue has been patched in versions 0.3.10, 0.4.24, 0.5.14, and 0.6.4.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-392 - Missing Report of Error Condition
    • CWE-393 - Return of Wrong Status Code
    • CWE-754 - Improper Check for Unusual or Exceptional Conditions
    • CWE-636 - Not Failing Securely ('Failing Open')
    • CWE-841 - Improper Enforcement of Behavioral Workflow
    • CWE-325 - Missing Cryptographic Step
    Impacted products
    Vendor   Product                                   Version / CPE
    ruby     net-imap                                  Affected: < 0.3.10
                                                       Affected: >= 0.4.0, < 0.4.24
                                                       Affected: >= 0.5.0, < 0.5.14
                                                       Affected: >= 0.6.0, < 0.6.4
    Red Hat  Red Hat Enterprise Linux 10               cpe:/o:redhat:enterprise_linux:10
    Red Hat  Red Hat Enterprise Linux 6                cpe:/o:redhat:enterprise_linux:6
    Red Hat  Red Hat Enterprise Linux 7                cpe:/o:redhat:enterprise_linux:7
    Red Hat  Red Hat Enterprise Linux 8                cpe:/o:redhat:enterprise_linux:8
    Red Hat  Red Hat Enterprise Linux 9                cpe:/o:redhat:enterprise_linux:9
    Red Hat  Red Hat Hardened Images                   cpe:/a:redhat:hummingbird:1
    Red Hat  Red Hat OpenShift Container Platform 4    cpe:/a:redhat:openshift:4
    Red Hat  Red Hat 3scale API Management Platform 2  cpe:/a:redhat:red_hat_3scale_amp:2
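
    The advisory says a man-in-the-middle can make Net::IMAP#starttls return successfully without TLS being negotiated, and the CWE list (failing open, wrong status code, missing cryptographic step) describes the class of mistake. It does not detail the timing trick, and the Ruby below does not reproduce it. This is an added example, not net-imap's code: it shows the fail-closed discipline a STARTTLS client needs, treating only a tagged OK for the STARTTLS tag as permission to start the handshake, every other outcome (NO/BAD, BYE, an OK for a different tag, connection closed) as failure, and verifying the socket really is TLS before anything sensitive is sent. StarttlsError, starttls!, starttls_decision and ScriptedTransport are hypothetical names and the scripted server lines are constructed.

```ruby
# Added example, not net-imap's own code. A fail-closed STARTTLS client: the
# handshake starts only on a tagged OK for our tag, everything else raises,
# and the code checks that the transport is actually TLS before returning.
# Names are hypothetical; server lines used in the demo are constructed.

class StarttlsError < StandardError; end

# "A001 OK Begin TLS" -> { tag: "A001", status: "OK", text: "Begin TLS" }
def parse_response(line)
  tag, status, text = line.chomp.split(" ", 3)
  { tag: tag.to_s, status: status.to_s, text: text.to_s }
end

# What to do with one response line received after "<tag> STARTTLS" was sent.
def starttls_decision(our_tag, line)
  r = parse_response(line)
  return :fail     if r[:tag] == "*" && r[:status] == "BYE"
  return :continue if r[:tag] == "*"                       # unrelated untagged data
  return :upgrade  if r[:tag] == our_tag && r[:status] == "OK"
  :fail                                                    # NO, BAD, wrong tag, junk
end

# transport is a duck type: #write(str), #gets (a line, or nil at EOF),
# #upgrade_tls! (true only if the handshake completed) and #tls?.
# Returns :tls_active; every other path raises, so a caller cannot fall
# through to LOGIN on a plaintext connection.
def starttls!(transport, tag = "A001")
  transport.write("#{tag} STARTTLS\r\n")
  loop do
    line = transport.gets
    raise StarttlsError, "connection closed before STARTTLS response" if line.nil?
    case starttls_decision(tag, line)
    when :continue then next
    when :upgrade  then break
    else raise StarttlsError, "STARTTLS not accepted: #{line.chomp.inspect}"
    end
  end
  raise StarttlsError, "TLS handshake did not complete" unless transport.upgrade_tls!
  raise StarttlsError, "socket still plaintext after STARTTLS" unless transport.tls?
  :tls_active
end

# Constructed stand-in for a socket: replays scripted server lines offline.
class ScriptedTransport
  attr_reader :sent

  def initialize(lines, tls_will_start: true)
    @lines = lines.dup
    @sent = []
    @tls = false
    @tls_will_start = tls_will_start
  end

  def write(data)
    @sent << data
  end

  def gets
    @lines.shift
  end

  def upgrade_tls!
    @tls = @tls_will_start
  end

  def tls?
    @tls
  end
end

if __FILE__ == $PROGRAM_NAME
  honest = ScriptedTransport.new(["* OK still here\r\n", "A001 OK Begin TLS negotiation now\r\n"])
  p starttls!(honest)
  begin
    starttls!(ScriptedTransport.new(["A000 OK completed\r\n"]))
  rescue StarttlsError => e
    puts "refused: #{e.message}"
  end
end
```

    Two habits carry over to real clients: never let a "success" status be inferred from anything other than the tagged OK for the command you sent, and after #starttls returns, confirm the connection object is a TLS socket before LOGIN or AUTHENTICATE goes out.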

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-42246",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-05-12T02:29:05.120225Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-05-12T02:29:15.333Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "affected": [
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:10"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux 10",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:6"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux 6",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:7"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux 7",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:8"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux 8",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:9"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux 9",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:hummingbird:1"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Hardened Images",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift:4"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat OpenShift Container Platform 4",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:red_hat_3scale_amp:2"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat 3scale API Management Platform 2",
                "vendor": "Red Hat"
              }
            ],
            "datePublic": "2026-05-09T19:33:17.880Z",
            "descriptions": [
              {
                "lang": "en",
                "value": "A flaw was found in the Ruby net-imap library. When upgrading a cleartext IMAP connection to TLS using the Net::IMAP#starttls method, the library improperly handles certain responses received during STARTTLS negotiation. A man-in-the-middle (MITM) attacker can inject a predicted tagged OK response before the client completes the STARTTLS command, causing the operation to appear successful without establishing a TLS session. As a result, the connection may continue to transmit sensitive information in cleartext and enable modification of data exchanged over the affected connection, while the application incorrectly believes that encryption has been enabled."
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "namespace": "https://access.redhat.com/security/updates/classification/",
                    "value": "Important"
                  },
                  "type": "Red Hat severity rating"
                }
              },
              {
                "cvssV3_1": {
                  "attackComplexity": "HIGH",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "NONE",
                  "baseScore": 7.4,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "HIGH",
                  "integrityImpact": "HIGH",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
                  "version": "3.1"
                },
                "format": "CVSS"
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-325",
                    "description": "Missing Cryptographic Step",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-30T03:17:59.563Z",
              "orgId": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c",
              "shortName": "redhat-SADP"
            },
            "references": [
              {
                "tags": [
                  "vdb-entry",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/security/cve/CVE-2026-42246"
              },
              {
                "name": "RHBZ#2468499",
                "tags": [
                  "issue-tracking",
                  "x_refsource_REDHAT"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2468499"
              },
              {
                "tags": [
                  "x_sadp-csaf-vex"
                ],
                "url": "https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-42246.json"
              }
            ],
            "timeline": [
              {
                "lang": "en",
                "time": "2026-05-09T20:01:04.782Z",
                "value": "Reported to Red Hat."
              },
              {
                "lang": "en",
                "time": "2026-05-09T19:33:17.880Z",
                "value": "Made public."
              }
            ],
            "title": "net-imap: ruby: Net::IMAP: Information disclosure via man-in-the-middle attack bypassing TLS",
            "workarounds": [
              {
                "lang": "en",
                "value": "As a temporary workaround, Users are strongly encouraged to switch from explicit TLS upgrading mechanisms (STARTTLS on port 143) to Implicit TLS connections (such as IMAPS on port 993).\n\nBy enforcing implicit TLS via port 993 from the initial socket creation step, the connection is mathematically protected against packet injection and connection degradation tactics entirely, bypassing the vulnerable implementation path."
              }
            ],
            "x_adpType": "supplier",
            "x_generator": {
              "engine": "sadp-cli 1.0.0"
            }
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "net-imap",
              "vendor": "ruby",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003c 0.3.10"
                },
                {
                  "status": "affected",
                  "version": "\u003e= 0.4.0, \u003c 0.4.24"
                },
                {
                  "status": "affected",
                  "version": "\u003e= 0.5.0, \u003c 0.5.14"
                },
                {
                  "status": "affected",
                  "version": "\u003e= 0.6.0, \u003c 0.6.4"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Net::IMAP implements Internet Message Access Protocol (IMAP) client functionality in Ruby. Prior to versions 0.3.10, 0.4.24, 0.5.14, and 0.6.4, a man-in-the-middle attacker can cause Net::IMAP#starttls to return \"successfully\", without starting TLS. This issue has been patched in versions 0.3.10, 0.4.24, 0.5.14, and 0.6.4."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "attackComplexity": "LOW",
                "attackRequirements": "PRESENT",
                "attackVector": "NETWORK",
                "baseScore": 7.6,
                "baseSeverity": "HIGH",
                "privilegesRequired": "NONE",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "PASSIVE",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "NONE",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "HIGH"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-392",
                  "description": "CWE-392: Missing Report of Error Condition",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            },
            {
              "descriptions": [
                {
                  "cweId": "CWE-393",
                  "description": "CWE-393: Return of Wrong Status Code",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            },
            {
              "descriptions": [
                {
                  "cweId": "CWE-754",
                  "description": "CWE-754: Improper Check for Unusual or Exceptional Conditions",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            },
            {
              "descriptions": [
                {
                  "cweId": "CWE-636",
                  "description": "CWE-636: Not Failing Securely (\u0027Failing Open\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            },
            {
              "descriptions": [
                {
                  "cweId": "CWE-841",
                  "description": "CWE-841: Improper Enforcement of Behavioral Workflow",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-05-09T19:33:17.880Z",
            "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
            "shortName": "GitHub_M"
          },
          "references": [
            {
              "name": "https://github.com/ruby/net-imap/security/advisories/GHSA-vcgp-9326-pqcp",
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://github.com/ruby/net-imap/security/advisories/GHSA-vcgp-9326-pqcp"
            },
            {
              "name": "https://github.com/ruby/net-imap/commit/0ede4c40b1523dfeaf95777b2678e54cc0fd9618",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/ruby/net-imap/commit/0ede4c40b1523dfeaf95777b2678e54cc0fd9618"
            },
            {
              "name": "https://github.com/ruby/net-imap/commit/24a4e770b43230286a05aa2a9746cdbb3eb8485e",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/ruby/net-imap/commit/24a4e770b43230286a05aa2a9746cdbb3eb8485e"
            },
            {
              "name": "https://github.com/ruby/net-imap/commit/97e2488fb5401a1783bddd959dde007d9fbce42c",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/ruby/net-imap/commit/97e2488fb5401a1783bddd959dde007d9fbce42c"
            },
            {
              "name": "https://github.com/ruby/net-imap/commit/f79d35bf5833f186e81044c57c843eda30c873da",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/ruby/net-imap/commit/f79d35bf5833f186e81044c57c843eda30c873da"
            },
            {
              "name": "https://github.com/ruby/net-imap/releases/tag/v0.3.10",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/ruby/net-imap/releases/tag/v0.3.10"
            },
            {
              "name": "https://github.com/ruby/net-imap/releases/tag/v0.4.24",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/ruby/net-imap/releases/tag/v0.4.24"
            },
            {
              "name": "https://github.com/ruby/net-imap/releases/tag/v0.5.14",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/ruby/net-imap/releases/tag/v0.5.14"
            }
          ],
          "source": {
            "advisory": "GHSA-vcgp-9326-pqcp",
            "discovery": "UNKNOWN"
          },
          "title": "net-imap vulnerable to STARTTLS stripping via invalid response timing"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "assignerShortName": "GitHub_M",
        "cveId": "CVE-2026-42246",
        "datePublished": "2026-05-09T19:33:17.880Z",
        "dateReserved": "2026-04-25T05:37:12.118Z",
        "dateUpdated": "2026-06-30T03:17:59.563Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-42245 (GCVE-0-2026-42245)

    Vulnerability from nvd – Published: 2026-05-09 19:37 – Updated: 2026-05-12 18:30
    Title
    net-imap: Quadratic complexity when reading response literals
    Summary
    Net::IMAP implements Internet Message Access Protocol (IMAP) client functionality in Ruby. Prior to versions 0.4.24, 0.5.14, and 0.6.4, Net::IMAP::ResponseReader has quadratic time complexity when reading large responses containing many string literals. A hostile server can send responses which are crafted to exhaust the client's CPU for a denial of service attack. This issue has been patched in versions 0.4.24, 0.5.14, and 0.6.4.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-407 - Inefficient Algorithmic Complexity
    Assigner
    Impacted products
    Vendor Product Version
    ruby net-imap Affected: < 0.4.24
    Affected: >= 0.5.0, < 0.5.14
    Affected: >= 0.6.0, < 0.6.4

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-42245",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-05-12T17:53:55.917796Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-05-12T18:30:58.415Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "net-imap",
              "vendor": "ruby",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003c 0.4.24"
                },
                {
                  "status": "affected",
                  "version": "\u003e= 0.5.0, \u003c 0.5.14"
                },
                {
                  "status": "affected",
                  "version": "\u003e= 0.6.0, \u003c 0.6.4"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Net::IMAP implements Internet Message Access Protocol (IMAP) client functionality in Ruby. Prior to versions 0.4.24, 0.5.14, and 0.6.4, Net::IMAP::ResponseReader has quadratic time complexity when reading large responses containing many string literals. A hostile server can send responses which are crafted to exhaust the client\u0027s CPU for a denial of service attack. This issue has been patched in versions 0.4.24, 0.5.14, and 0.6.4."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "attackComplexity": "LOW",
                "attackRequirements": "PRESENT",
                "attackVector": "NETWORK",
                "baseScore": 2.3,
                "baseSeverity": "LOW",
                "privilegesRequired": "NONE",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "PASSIVE",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "LOW",
                "vulnConfidentialityImpact": "NONE",
                "vulnIntegrityImpact": "NONE"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-407",
                  "description": "CWE-407: Inefficient Algorithmic Complexity",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-05-09T19:37:08.905Z",
            "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
            "shortName": "GitHub_M"
          },
          "references": [
            {
              "name": "https://github.com/ruby/net-imap/security/advisories/GHSA-q2mw-fvj9-vvcw",
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://github.com/ruby/net-imap/security/advisories/GHSA-q2mw-fvj9-vvcw"
            },
            {
              "name": "https://github.com/ruby/net-imap/commit/6091f7d6b1f3514cafbfe39c76f2b5d73de3ca96",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/ruby/net-imap/commit/6091f7d6b1f3514cafbfe39c76f2b5d73de3ca96"
            },
            {
              "name": "https://github.com/ruby/net-imap/commit/88d95231fc8afef11c1f074453f7d75b68c9dfda",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/ruby/net-imap/commit/88d95231fc8afef11c1f074453f7d75b68c9dfda"
            },
            {
              "name": "https://github.com/ruby/net-imap/commit/de685f91a4a4cc75eb80da898c2bf8af08d34819",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/ruby/net-imap/commit/de685f91a4a4cc75eb80da898c2bf8af08d34819"
            },
            {
              "name": "https://github.com/ruby/net-imap/releases/tag/v0.4.24",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/ruby/net-imap/releases/tag/v0.4.24"
            },
            {
              "name": "https://github.com/ruby/net-imap/releases/tag/v0.5.14",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/ruby/net-imap/releases/tag/v0.5.14"
            },
            {
              "name": "https://github.com/ruby/net-imap/releases/tag/v0.6.4",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/ruby/net-imap/releases/tag/v0.6.4"
            }
          ],
          "source": {
            "advisory": "GHSA-q2mw-fvj9-vvcw",
            "discovery": "UNKNOWN"
          },
          "title": "net-imap: Quadratic complexity when reading response literals"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "assignerShortName": "GitHub_M",
        "cveId": "CVE-2026-42245",
        "datePublished": "2026-05-09T19:37:08.905Z",
        "dateReserved": "2026-04-25T05:37:12.118Z",
        "dateUpdated": "2026-05-12T18:30:58.415Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-43857 (GCVE-0-2025-43857)

    Vulnerability from nvd – Published: 2025-04-28 16:02 – Updated: 2025-04-28 18:00
    Title
    net-imap rubygem vulnerable to possible DoS by memory exhaustion
    Summary
    Net::IMAP implements Internet Message Access Protocol (IMAP) client functionality in Ruby. Prior to versions 0.5.7, 0.4.20, 0.3.9, and 0.2.5, there is a possibility for denial of service by memory exhaustion when net-imap reads server responses. At any time while the client is connected, a malicious server can send a "literal" byte count, which is automatically read by the client's receiver thread. The response reader immediately allocates memory for the number of bytes indicated by the server response. This should not be an issue when securely connecting to trusted IMAP servers that are well-behaved. It can affect insecure connections and buggy, untrusted, or compromised servers (for example, connecting to a user-supplied hostname). This issue has been patched in versions 0.5.7, 0.4.20, 0.3.9, and 0.2.5.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-400 - Uncontrolled Resource Consumption
    • CWE-770 - Allocation of Resources Without Limits or Throttling
    • CWE-789 - Memory Allocation with Excessive Size Value
    • CWE-405 - Asymmetric Resource Consumption (Amplification)
    Assigner
    Impacted products
    Vendor Product Version
    ruby net-imap Affected: >= 0.5.0, < 0.5.7
    Affected: >= 0.4.0, < 0.4.20
    Affected: >= 0.3.0, < 0.3.9
    Affected: >= 0, < 0.2.5

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-43857",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-04-28T17:59:30.771022Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-04-28T18:00:01.775Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "net-imap",
              "vendor": "ruby",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003e= 0.5.0, \u003c 0.5.7"
                },
                {
                  "status": "affected",
                  "version": "\u003e= 0.4.0, \u003c 0.4.20"
                },
                {
                  "status": "affected",
                  "version": "\u003e= 0.3.0, \u003c 0.3.9"
                },
                {
                  "status": "affected",
                  "version": "\u003e= 0, \u003c 0.2.5"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Net::IMAP implements Internet Message Access Protocol (IMAP) client functionality in Ruby. Prior to versions 0.5.7, 0.4.20, 0.3.9, and 0.2.5, there is a possibility for denial of service by memory exhaustion when net-imap reads server responses. At any time while the client is connected, a malicious server can send can send a \"literal\" byte count, which is automatically read by the client\u0027s receiver thread. The response reader immediately allocates memory for the number of bytes indicated by the server response. This should not be an issue when securely connecting to trusted IMAP servers that are well-behaved. It can affect insecure connections and buggy, untrusted, or compromised servers (for example, connecting to a user supplied hostname). This issue has been patched in versions 0.5.7, 0.4.20, 0.3.9, and 0.2.5."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "attackComplexity": "LOW",
                "attackRequirements": "PRESENT",
                "attackVector": "NETWORK",
                "baseScore": 6,
                "baseSeverity": "MEDIUM",
                "privilegesRequired": "NONE",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "PASSIVE",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "NONE",
                "vulnIntegrityImpact": "NONE"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-400",
                  "description": "CWE-400: Uncontrolled Resource Consumption",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            },
            {
              "descriptions": [
                {
                  "cweId": "CWE-770",
                  "description": "CWE-770: Allocation of Resources Without Limits or Throttling",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            },
            {
              "descriptions": [
                {
                  "cweId": "CWE-789",
                  "description": "CWE-789: Memory Allocation with Excessive Size Value",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            },
            {
              "descriptions": [
                {
                  "cweId": "CWE-405",
                  "description": "CWE-405: Asymmetric Resource Consumption (Amplification)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-04-28T16:02:04.459Z",
            "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
            "shortName": "GitHub_M"
          },
          "references": [
            {
              "name": "https://github.com/ruby/net-imap/security/advisories/GHSA-j3g3-5qv5-52mj",
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://github.com/ruby/net-imap/security/advisories/GHSA-j3g3-5qv5-52mj"
            },
            {
              "name": "https://github.com/ruby/net-imap/pull/442",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/ruby/net-imap/pull/442"
            },
            {
              "name": "https://github.com/ruby/net-imap/pull/444/commits/0ae8576c1a90bcd9573f81bdad4b4b824642d105#diff-53721cb4d9c3fb86b95cc8476ca2df90968ad8c481645220c607034399151462",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/ruby/net-imap/pull/444/commits/0ae8576c1a90bcd9573f81bdad4b4b824642d105#diff-53721cb4d9c3fb86b95cc8476ca2df90968ad8c481645220c607034399151462"
            },
            {
              "name": "https://github.com/ruby/net-imap/pull/445",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/ruby/net-imap/pull/445"
            },
            {
              "name": "https://github.com/ruby/net-imap/pull/446",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/ruby/net-imap/pull/446"
            },
            {
              "name": "https://github.com/ruby/net-imap/pull/447",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/ruby/net-imap/pull/447"
            }
          ],
          "source": {
            "advisory": "GHSA-j3g3-5qv5-52mj",
            "discovery": "UNKNOWN"
          },
          "title": "net-imap rubygem vulnerable to possible DoS by memory exhaustion"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "assignerShortName": "GitHub_M",
        "cveId": "CVE-2025-43857",
        "datePublished": "2025-04-28T16:02:04.459Z",
        "dateReserved": "2025-04-17T20:07:08.555Z",
        "dateUpdated": "2025-04-28T18:00:01.775Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2026-42258 (GCVE-0-2026-42258)

    Vulnerability from cvelistv5 – Published: 2026-05-09 19:40 – Updated: 2026-06-30 03:19
    Title
    net-imap: Command Injection via unvalidated Symbol inputs
    Summary
    Net::IMAP implements Internet Message Access Protocol (IMAP) client functionality in Ruby. Prior to versions 0.4.24, 0.5.14, and 0.6.4, symbol arguments to commands are vulnerable to a CRLF Injection / IMAP Command injection via Symbol arguments passed to IMAP commands. This issue has been patched in versions 0.4.24, 0.5.14, and 0.6.4.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-77 - Improper Neutralization of Special Elements used in a Command ('Command Injection')
    • CWE-93 - Improper Neutralization of CRLF Sequences ('CRLF Injection')
    Assigner

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-42258",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-05-11T14:57:16.635329Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-05-11T14:57:24.039Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "affected": [
              {
                "cpes": [
                  "cpe:/a:redhat:hummingbird:1"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Hardened Images",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:red_hat_3scale_amp:2"
                ],
                "defaultStatus": "unknown",
                "product": "Red Hat 3scale API Management Platform 2",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:10"
                ],
                "defaultStatus": "unknown",
                "product": "Red Hat Enterprise Linux 10",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:6"
                ],
                "defaultStatus": "unknown",
                "product": "Red Hat Enterprise Linux 6",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:7"
                ],
                "defaultStatus": "unknown",
                "product": "Red Hat Enterprise Linux 7",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:8"
                ],
                "defaultStatus": "unknown",
                "product": "Red Hat Enterprise Linux 8",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:9"
                ],
                "defaultStatus": "unknown",
                "product": "Red Hat Enterprise Linux 9",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift_ai"
                ],
                "defaultStatus": "unknown",
                "product": "Red Hat OpenShift AI (RHOAI)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift:4"
                ],
                "defaultStatus": "unknown",
                "product": "Red Hat OpenShift Container Platform 4",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift_devspaces:3"
                ],
                "defaultStatus": "unknown",
                "product": "Red Hat OpenShift Dev Spaces",
                "vendor": "Red Hat"
              }
            ],
            "datePublic": "2026-05-09T19:40:49.405Z",
            "descriptions": [
              {
                "lang": "en",
                "value": "A flaw was found in Net::IMAP, a Ruby library that provides Internet Message Access Protocol (IMAP) client functionality. This vulnerability allows a remote attacker to inject arbitrary IMAP commands. This is achieved by passing specially crafted symbol arguments to IMAP commands. Successful exploitation could lead to unauthorized actions on the IMAP server or client, potentially resulting in information disclosure or other integrity impacts."
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "namespace": "https://access.redhat.com/security/updates/classification/",
                    "value": "Important"
                  },
                  "type": "Red Hat severity rating"
                }
              },
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "NONE",
                  "baseScore": 7.1,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "LOW",
                  "integrityImpact": "HIGH",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "REQUIRED",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:N",
                  "version": "3.1"
                },
                "format": "CVSS"
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-93",
                    "description": "Improper Neutralization of CRLF Sequences (\u0027CRLF Injection\u0027)",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-30T03:19:08.915Z",
              "orgId": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c",
              "shortName": "redhat-SADP"
            },
            "references": [
              {
                "tags": [
                  "vdb-entry",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/security/cve/CVE-2026-42258"
              },
              {
                "name": "RHBZ#2468498",
                "tags": [
                  "issue-tracking",
                  "x_refsource_REDHAT"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2468498"
              },
              {
                "tags": [
                  "x_sadp-csaf-vex"
                ],
                "url": "https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-42258.json"
              }
            ],
            "timeline": [
              {
                "lang": "en",
                "time": "2026-05-09T20:01:01.698Z",
                "value": "Reported to Red Hat."
              },
              {
                "lang": "en",
                "time": "2026-05-09T19:40:49.405Z",
                "value": "Made public."
              }
            ],
            "title": "ruby/net-imap: ruby: Net::IMAP: IMAP Command Injection via Symbol Arguments",
            "workarounds": [
              {
                "lang": "en",
                "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."
              }
            ],
            "x_adpType": "supplier",
            "x_generator": {
              "engine": "sadp-cli 1.0.0"
            }
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "net-imap",
              "vendor": "ruby",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003c 0.4.24"
                },
                {
                  "status": "affected",
                  "version": "\u003e= 0.5.0, \u003c 0.5.14"
                },
                {
                  "status": "affected",
                  "version": "\u003e= 0.6.0, \u003c 0.6.4"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Net::IMAP implements Internet Message Access Protocol (IMAP) client functionality in Ruby. Prior to versions 0.4.24, 0.5.14, and 0.6.4, symbol arguments to commands are vulnerable to a CRLF Injection / IMAP Command injection via Symbol arguments passed to IMAP commands. This issue has been patched in versions 0.4.24, 0.5.14, and 0.6.4."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "attackComplexity": "HIGH",
                "attackRequirements": "PRESENT",
                "attackVector": "LOCAL",
                "baseScore": 5.8,
                "baseSeverity": "MEDIUM",
                "privilegesRequired": "NONE",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "PASSIVE",
                "vectorString": "CVSS:4.0/AV:L/AC:H/AT:P/PR:N/UI:P/VC:N/VI:H/VA:L/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "LOW",
                "vulnConfidentialityImpact": "NONE",
                "vulnIntegrityImpact": "HIGH"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-77",
                  "description": "CWE-77: Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            },
            {
              "descriptions": [
                {
                  "cweId": "CWE-93",
                  "description": "CWE-93: Improper Neutralization of CRLF Sequences (\u0027CRLF Injection\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-05-09T19:40:49.405Z",
            "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
            "shortName": "GitHub_M"
          },
          "references": [
            {
              "name": "https://github.com/ruby/net-imap/security/advisories/GHSA-75xq-5h9v-w6px",
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://github.com/ruby/net-imap/security/advisories/GHSA-75xq-5h9v-w6px"
            },
            {
              "name": "https://github.com/ruby/net-imap/releases/tag/v0.4.24",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/ruby/net-imap/releases/tag/v0.4.24"
            },
            {
              "name": "https://github.com/ruby/net-imap/releases/tag/v0.5.14",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/ruby/net-imap/releases/tag/v0.5.14"
            },
            {
              "name": "https://github.com/ruby/net-imap/releases/tag/v0.6.4",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/ruby/net-imap/releases/tag/v0.6.4"
            }
          ],
          "source": {
            "advisory": "GHSA-75xq-5h9v-w6px",
            "discovery": "UNKNOWN"
          },
          "title": "net-imap: Command Injection via unvalidated Symbol inputs"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "assignerShortName": "GitHub_M",
        "cveId": "CVE-2026-42258",
        "datePublished": "2026-05-09T19:40:49.405Z",
        "dateReserved": "2026-04-26T11:53:27.704Z",
        "dateUpdated": "2026-06-30T03:19:08.915Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-42257 (GCVE-0-2026-42257)

    Vulnerability from cvelistv5 – Published: 2026-05-09 19:39 – Updated: 2026-05-13 19:33
    VLAI
    Title
    net-imap: Command Injection via "raw" arguments to multiple commands
    Summary
    Net::IMAP implements Internet Message Access Protocol (IMAP) client functionality in Ruby. Prior to versions 0.4.24, 0.5.14, and 0.6.4, several Net::IMAP commands accept a raw string argument that is sent to the server without validation or escaping. If this string is derived from user-controlled input, it may contain CRLF sequences, which an attacker can use to inject arbitrary IMAP commands. This issue has been patched in versions 0.4.24, 0.5.14, and 0.6.4.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-93 - Improper Neutralization of CRLF Sequences ('CRLF Injection')
    • CWE-77 - Improper Neutralization of Special Elements used in a Command ('Command Injection')
    Assigner
    Impacted products
    Vendor: ruby
    Product: net-imap
    Affected versions: < 0.4.24; >= 0.5.0, < 0.5.14; >= 0.6.0, < 0.6.4

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-42257",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-05-13T19:27:16.888782Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-05-13T19:33:13.948Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "net-imap",
              "vendor": "ruby",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003c 0.4.24"
                },
                {
                  "status": "affected",
                  "version": "\u003e= 0.5.0, \u003c 0.5.14"
                },
                {
                  "status": "affected",
                  "version": "\u003e= 0.6.0, \u003c 0.6.4"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Net::IMAP implements Internet Message Access Protocol (IMAP) client functionality in Ruby. Prior to versions 0.4.24, 0.5.14, and 0.6.4, several Net::IMAP commands accept a raw string argument that is sent to the server without validation or escaping. If this string is derived from user-controlled input, it may contain contain CRLF sequences, which an attacker can use to inject arbitrary IMAP commands. This issue has been patched in versions 0.4.24, 0.5.14, and 0.6.4."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "attackComplexity": "LOW",
                "attackRequirements": "PRESENT",
                "attackVector": "LOCAL",
                "baseScore": 5.8,
                "baseSeverity": "MEDIUM",
                "privilegesRequired": "NONE",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "PASSIVE",
                "vectorString": "CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:P/VC:N/VI:H/VA:L/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "LOW",
                "vulnConfidentialityImpact": "NONE",
                "vulnIntegrityImpact": "HIGH"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-93",
                  "description": "CWE-93: Improper Neutralization of CRLF Sequences (\u0027CRLF Injection\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            },
            {
              "descriptions": [
                {
                  "cweId": "CWE-77",
                  "description": "CWE-77: Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-05-09T19:39:48.398Z",
            "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
            "shortName": "GitHub_M"
          },
          "references": [
            {
              "name": "https://github.com/ruby/net-imap/security/advisories/GHSA-hm49-wcqc-g2xg",
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://github.com/ruby/net-imap/security/advisories/GHSA-hm49-wcqc-g2xg"
            },
            {
              "name": "https://github.com/ruby/net-imap/releases/tag/v0.4.24",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/ruby/net-imap/releases/tag/v0.4.24"
            },
            {
              "name": "https://github.com/ruby/net-imap/releases/tag/v0.5.14",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/ruby/net-imap/releases/tag/v0.5.14"
            },
            {
              "name": "https://github.com/ruby/net-imap/releases/tag/v0.6.4",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/ruby/net-imap/releases/tag/v0.6.4"
            }
          ],
          "source": {
            "advisory": "GHSA-hm49-wcqc-g2xg",
            "discovery": "UNKNOWN"
          },
          "title": "net-imap: Command Injection via \"raw\" arguments to multiple commands"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "assignerShortName": "GitHub_M",
        "cveId": "CVE-2026-42257",
        "datePublished": "2026-05-09T19:39:48.398Z",
        "dateReserved": "2026-04-26T11:53:27.704Z",
        "dateUpdated": "2026-05-13T19:33:13.948Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-42256 (GCVE-0-2026-42256)

    Vulnerability from cvelistv5 – Published: 2026-05-09 19:38 – Updated: 2026-05-11 17:04
    VLAI
    Title
    net-imap: Denial of service via high iteration count for `SCRAM-*` authentication
    Summary
    Net::IMAP implements Internet Message Access Protocol (IMAP) client functionality in Ruby. From versions 0.4.0 to before 0.4.24, 0.5.0 to before 0.5.14, and 0.6.0 to before 0.6.4, when authenticating a connection with SCRAM-SHA1 or SCRAM-SHA256, a hostile server can perform a computational denial-of-service attack on the client process by sending a very large iteration count value. This issue has been patched in versions 0.4.24, 0.5.14, and 0.6.4.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-1322 - Use of Blocking Code in Single-threaded, Non-blocking Context
    • CWE-770 - Allocation of Resources Without Limits or Throttling
    Assigner
    Impacted products
    Vendor: ruby
    Product: net-imap
    Affected versions: >= 0.4.0, < 0.4.24; >= 0.5.0, < 0.5.14; >= 0.6.0, < 0.6.4

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-42256",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-05-11T17:04:26.784816Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-05-11T17:04:42.562Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "net-imap",
              "vendor": "ruby",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003e= 0.4.0, \u003c 0.4.24"
                },
                {
                  "status": "affected",
                  "version": "\u003e= 0.5.0, \u003c 0.5.14"
                },
                {
                  "status": "affected",
                  "version": "\u003e= 0.6.0, \u003c 0.6.4"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Net::IMAP implements Internet Message Access Protocol (IMAP) client functionality in Ruby. From versions 0.4.0 to before 0.4.24, 0.5.0 to before 0.5.14, and 0.6.0 to before 0.6.4, when authenticating a connection with SCRAM-SHA1 or SCRAM-SHA256, a hostile server can perform a computational denial-of-service attack on the client process by sending a big iteration count value. This issue has been patched in versions 0.4.24, 0.5.14, and 0.6.4."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "attackComplexity": "LOW",
                "attackRequirements": "PRESENT",
                "attackVector": "NETWORK",
                "baseScore": 6,
                "baseSeverity": "MEDIUM",
                "privilegesRequired": "NONE",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "PASSIVE",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "NONE",
                "vulnIntegrityImpact": "NONE"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-1322",
                  "description": "CWE-1322: Use of Blocking Code in Single-threaded, Non-blocking Context",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            },
            {
              "descriptions": [
                {
                  "cweId": "CWE-770",
                  "description": "CWE-770: Allocation of Resources Without Limits or Throttling",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-05-09T19:38:33.106Z",
            "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
            "shortName": "GitHub_M"
          },
          "references": [
            {
              "name": "https://github.com/ruby/net-imap/security/advisories/GHSA-87pf-fpwv-p7m7",
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://github.com/ruby/net-imap/security/advisories/GHSA-87pf-fpwv-p7m7"
            },
            {
              "name": "https://github.com/ruby/net-imap/commit/158d0b505074397cdb5ceb58935e42dd2bcfa612",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/ruby/net-imap/commit/158d0b505074397cdb5ceb58935e42dd2bcfa612"
            },
            {
              "name": "https://github.com/ruby/net-imap/commit/808001bc45c06f7297a7e96d341279e041a7f7f4",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/ruby/net-imap/commit/808001bc45c06f7297a7e96d341279e041a7f7f4"
            },
            {
              "name": "https://github.com/ruby/net-imap/commit/99f59eab6064955a23debd95410263ad144df758",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/ruby/net-imap/commit/99f59eab6064955a23debd95410263ad144df758"
            },
            {
              "name": "https://github.com/ruby/net-imap/releases/tag/v0.4.24",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/ruby/net-imap/releases/tag/v0.4.24"
            },
            {
              "name": "https://github.com/ruby/net-imap/releases/tag/v0.5.14",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/ruby/net-imap/releases/tag/v0.5.14"
            },
            {
              "name": "https://github.com/ruby/net-imap/releases/tag/v0.6.4",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/ruby/net-imap/releases/tag/v0.6.4"
            }
          ],
          "source": {
            "advisory": "GHSA-87pf-fpwv-p7m7",
            "discovery": "UNKNOWN"
          },
          "title": "net-imap: Denial of service via high iteration count for `SCRAM-*` authentication"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "assignerShortName": "GitHub_M",
        "cveId": "CVE-2026-42256",
        "datePublished": "2026-05-09T19:38:33.106Z",
        "dateReserved": "2026-04-26T11:53:27.704Z",
        "dateUpdated": "2026-05-11T17:04:42.562Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-42245 (GCVE-0-2026-42245)

    Vulnerability from cvelistv5 – Published: 2026-05-09 19:37 – Updated: 2026-05-12 18:30
    VLAI
    Title
    net-imap: Quadratic complexity when reading response literals
    Summary
    Net::IMAP implements Internet Message Access Protocol (IMAP) client functionality in Ruby. Prior to versions 0.4.24, 0.5.14, and 0.6.4, Net::IMAP::ResponseReader has quadratic time complexity when reading large responses containing many string literals. A hostile server can send responses which are crafted to exhaust the client's CPU for a denial of service attack. This issue has been patched in versions 0.4.24, 0.5.14, and 0.6.4.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-407 - Inefficient Algorithmic Complexity
    Assigner
    Impacted products
    Vendor: ruby
    Product: net-imap
    Affected versions: < 0.4.24; >= 0.5.0, < 0.5.14; >= 0.6.0, < 0.6.4

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-42245",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-05-12T17:53:55.917796Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-05-12T18:30:58.415Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "net-imap",
              "vendor": "ruby",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003c 0.4.24"
                },
                {
                  "status": "affected",
                  "version": "\u003e= 0.5.0, \u003c 0.5.14"
                },
                {
                  "status": "affected",
                  "version": "\u003e= 0.6.0, \u003c 0.6.4"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Net::IMAP implements Internet Message Access Protocol (IMAP) client functionality in Ruby. Prior to versions 0.4.24, 0.5.14, and 0.6.4, Net::IMAP::ResponseReader has quadratic time complexity when reading large responses containing many string literals. A hostile server can send responses which are crafted to exhaust the client\u0027s CPU for a denial of service attack. This issue has been patched in versions 0.4.24, 0.5.14, and 0.6.4."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "attackComplexity": "LOW",
                "attackRequirements": "PRESENT",
                "attackVector": "NETWORK",
                "baseScore": 2.3,
                "baseSeverity": "LOW",
                "privilegesRequired": "NONE",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "PASSIVE",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "LOW",
                "vulnConfidentialityImpact": "NONE",
                "vulnIntegrityImpact": "NONE"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-407",
                  "description": "CWE-407: Inefficient Algorithmic Complexity",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-05-09T19:37:08.905Z",
            "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
            "shortName": "GitHub_M"
          },
          "references": [
            {
              "name": "https://github.com/ruby/net-imap/security/advisories/GHSA-q2mw-fvj9-vvcw",
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://github.com/ruby/net-imap/security/advisories/GHSA-q2mw-fvj9-vvcw"
            },
            {
              "name": "https://github.com/ruby/net-imap/commit/6091f7d6b1f3514cafbfe39c76f2b5d73de3ca96",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/ruby/net-imap/commit/6091f7d6b1f3514cafbfe39c76f2b5d73de3ca96"
            },
            {
              "name": "https://github.com/ruby/net-imap/commit/88d95231fc8afef11c1f074453f7d75b68c9dfda",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/ruby/net-imap/commit/88d95231fc8afef11c1f074453f7d75b68c9dfda"
            },
            {
              "name": "https://github.com/ruby/net-imap/commit/de685f91a4a4cc75eb80da898c2bf8af08d34819",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/ruby/net-imap/commit/de685f91a4a4cc75eb80da898c2bf8af08d34819"
            },
            {
              "name": "https://github.com/ruby/net-imap/releases/tag/v0.4.24",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/ruby/net-imap/releases/tag/v0.4.24"
            },
            {
              "name": "https://github.com/ruby/net-imap/releases/tag/v0.5.14",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/ruby/net-imap/releases/tag/v0.5.14"
            },
            {
              "name": "https://github.com/ruby/net-imap/releases/tag/v0.6.4",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/ruby/net-imap/releases/tag/v0.6.4"
            }
          ],
          "source": {
            "advisory": "GHSA-q2mw-fvj9-vvcw",
            "discovery": "UNKNOWN"
          },
          "title": "net-imap: Quadratic complexity when reading response literals"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "assignerShortName": "GitHub_M",
        "cveId": "CVE-2026-42245",
        "datePublished": "2026-05-09T19:37:08.905Z",
        "dateReserved": "2026-04-25T05:37:12.118Z",
        "dateUpdated": "2026-05-12T18:30:58.415Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-42246 (GCVE-0-2026-42246)

    Vulnerability from cvelistv5 – Published: 2026-05-09 19:33 – Updated: 2026-06-30 03:17
    Title
    net-imap vulnerable to STARTTLS stripping via invalid response timing
    Summary
    Net::IMAP implements Internet Message Access Protocol (IMAP) client functionality in Ruby. Prior to versions 0.3.10, 0.4.24, 0.5.14, and 0.6.4, a man-in-the-middle attacker can cause Net::IMAP#starttls to return "successfully", without starting TLS. This issue has been patched in versions 0.3.10, 0.4.24, 0.5.14, and 0.6.4.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-392 - Missing Report of Error Condition
    • CWE-393 - Return of Wrong Status Code
    • CWE-754 - Improper Check for Unusual or Exceptional Conditions
    • CWE-636 - Not Failing Securely ('Failing Open')
    • CWE-841 - Improper Enforcement of Behavioral Workflow
    • CWE-325 - Missing Cryptographic Step
    Impacted products
    Vendor    Product                                   Version
    ruby      net-imap                                  Affected: < 0.3.10
                                                        Affected: >= 0.4.0, < 0.4.24
                                                        Affected: >= 0.5.0, < 0.5.14
                                                        Affected: >= 0.6.0, < 0.6.4
    Red Hat   Red Hat Enterprise Linux 10               cpe:/o:redhat:enterprise_linux:10
    Red Hat   Red Hat Enterprise Linux 6                cpe:/o:redhat:enterprise_linux:6
    Red Hat   Red Hat Enterprise Linux 7                cpe:/o:redhat:enterprise_linux:7
    Red Hat   Red Hat Enterprise Linux 8                cpe:/o:redhat:enterprise_linux:8
    Red Hat   Red Hat Enterprise Linux 9                cpe:/o:redhat:enterprise_linux:9
    Red Hat   Red Hat Hardened Images                   cpe:/a:redhat:hummingbird:1
    Red Hat   Red Hat OpenShift Container Platform 4    cpe:/a:redhat:openshift:4
    Red Hat   Red Hat 3scale API Management Platform 2  cpe:/a:redhat:red_hat_3scale_amp:2

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-42246",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-05-12T02:29:05.120225Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-05-12T02:29:15.333Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "affected": [
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:10"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux 10",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:6"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux 6",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:7"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux 7",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:8"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux 8",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:9"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux 9",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:hummingbird:1"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Hardened Images",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift:4"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat OpenShift Container Platform 4",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:red_hat_3scale_amp:2"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat 3scale API Management Platform 2",
                "vendor": "Red Hat"
              }
            ],
            "datePublic": "2026-05-09T19:33:17.880Z",
            "descriptions": [
              {
                "lang": "en",
                "value": "A flaw was found in the Ruby net-imap library. When upgrading a cleartext IMAP connection to TLS using the Net::IMAP#starttls method, the library improperly handles certain responses received during STARTTLS negotiation. A man-in-the-middle (MITM) attacker can inject a predicted tagged OK response before the client completes the STARTTLS command, causing the operation to appear successful without establishing a TLS session. As a result, the connection may continue to transmit sensitive information in cleartext and enable modification of data exchanged over the affected connection, while the application incorrectly believes that encryption has been enabled."
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "namespace": "https://access.redhat.com/security/updates/classification/",
                    "value": "Important"
                  },
                  "type": "Red Hat severity rating"
                }
              },
              {
                "cvssV3_1": {
                  "attackComplexity": "HIGH",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "NONE",
                  "baseScore": 7.4,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "HIGH",
                  "integrityImpact": "HIGH",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
                  "version": "3.1"
                },
                "format": "CVSS"
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-325",
                    "description": "Missing Cryptographic Step",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-30T03:17:59.563Z",
              "orgId": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c",
              "shortName": "redhat-SADP"
            },
            "references": [
              {
                "tags": [
                  "vdb-entry",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/security/cve/CVE-2026-42246"
              },
              {
                "name": "RHBZ#2468499",
                "tags": [
                  "issue-tracking",
                  "x_refsource_REDHAT"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2468499"
              },
              {
                "tags": [
                  "x_sadp-csaf-vex"
                ],
                "url": "https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-42246.json"
              }
            ],
            "timeline": [
              {
                "lang": "en",
                "time": "2026-05-09T20:01:04.782Z",
                "value": "Reported to Red Hat."
              },
              {
                "lang": "en",
                "time": "2026-05-09T19:33:17.880Z",
                "value": "Made public."
              }
            ],
            "title": "net-imap: ruby: Net::IMAP: Information disclosure via man-in-the-middle attack bypassing TLS",
            "workarounds": [
              {
                "lang": "en",
                "value": "As a temporary workaround, Users are strongly encouraged to switch from explicit TLS upgrading mechanisms (STARTTLS on port 143) to Implicit TLS connections (such as IMAPS on port 993).\n\nBy enforcing implicit TLS via port 993 from the initial socket creation step, the connection is mathematically protected against packet injection and connection degradation tactics entirely, bypassing the vulnerable implementation path."
              }
            ],
            "x_adpType": "supplier",
            "x_generator": {
              "engine": "sadp-cli 1.0.0"
            }
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "net-imap",
              "vendor": "ruby",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003c 0.3.10"
                },
                {
                  "status": "affected",
                  "version": "\u003e= 0.4.0, \u003c 0.4.24"
                },
                {
                  "status": "affected",
                  "version": "\u003e= 0.5.0, \u003c 0.5.14"
                },
                {
                  "status": "affected",
                  "version": "\u003e= 0.6.0, \u003c 0.6.4"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Net::IMAP implements Internet Message Access Protocol (IMAP) client functionality in Ruby. Prior to versions 0.3.10, 0.4.24, 0.5.14, and 0.6.4, a man-in-the-middle attacker can cause Net::IMAP#starttls to return \"successfully\", without starting TLS. This issue has been patched in versions 0.3.10, 0.4.24, 0.5.14, and 0.6.4."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "attackComplexity": "LOW",
                "attackRequirements": "PRESENT",
                "attackVector": "NETWORK",
                "baseScore": 7.6,
                "baseSeverity": "HIGH",
                "privilegesRequired": "NONE",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "PASSIVE",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "NONE",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "HIGH"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-392",
                  "description": "CWE-392: Missing Report of Error Condition",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            },
            {
              "descriptions": [
                {
                  "cweId": "CWE-393",
                  "description": "CWE-393: Return of Wrong Status Code",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            },
            {
              "descriptions": [
                {
                  "cweId": "CWE-754",
                  "description": "CWE-754: Improper Check for Unusual or Exceptional Conditions",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            },
            {
              "descriptions": [
                {
                  "cweId": "CWE-636",
                  "description": "CWE-636: Not Failing Securely (\u0027Failing Open\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            },
            {
              "descriptions": [
                {
                  "cweId": "CWE-841",
                  "description": "CWE-841: Improper Enforcement of Behavioral Workflow",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-05-09T19:33:17.880Z",
            "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
            "shortName": "GitHub_M"
          },
          "references": [
            {
              "name": "https://github.com/ruby/net-imap/security/advisories/GHSA-vcgp-9326-pqcp",
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://github.com/ruby/net-imap/security/advisories/GHSA-vcgp-9326-pqcp"
            },
            {
              "name": "https://github.com/ruby/net-imap/commit/0ede4c40b1523dfeaf95777b2678e54cc0fd9618",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/ruby/net-imap/commit/0ede4c40b1523dfeaf95777b2678e54cc0fd9618"
            },
            {
              "name": "https://github.com/ruby/net-imap/commit/24a4e770b43230286a05aa2a9746cdbb3eb8485e",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/ruby/net-imap/commit/24a4e770b43230286a05aa2a9746cdbb3eb8485e"
            },
            {
              "name": "https://github.com/ruby/net-imap/commit/97e2488fb5401a1783bddd959dde007d9fbce42c",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/ruby/net-imap/commit/97e2488fb5401a1783bddd959dde007d9fbce42c"
            },
            {
              "name": "https://github.com/ruby/net-imap/commit/f79d35bf5833f186e81044c57c843eda30c873da",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/ruby/net-imap/commit/f79d35bf5833f186e81044c57c843eda30c873da"
            },
            {
              "name": "https://github.com/ruby/net-imap/releases/tag/v0.3.10",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/ruby/net-imap/releases/tag/v0.3.10"
            },
            {
              "name": "https://github.com/ruby/net-imap/releases/tag/v0.4.24",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/ruby/net-imap/releases/tag/v0.4.24"
            },
            {
              "name": "https://github.com/ruby/net-imap/releases/tag/v0.5.14",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/ruby/net-imap/releases/tag/v0.5.14"
            }
          ],
          "source": {
            "advisory": "GHSA-vcgp-9326-pqcp",
            "discovery": "UNKNOWN"
          },
          "title": "net-imap vulnerable to STARTTLS stripping via invalid response timing"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "assignerShortName": "GitHub_M",
        "cveId": "CVE-2026-42246",
        "datePublished": "2026-05-09T19:33:17.880Z",
        "dateReserved": "2026-04-25T05:37:12.118Z",
        "dateUpdated": "2026-06-30T03:17:59.563Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-43857 (GCVE-0-2025-43857)

    Vulnerability from cvelistv5 – Published: 2025-04-28 16:02 – Updated: 2025-04-28 18:00
    Title
    net-imap rubygem vulnerable to possible DoS by memory exhaustion
    Summary
    Net::IMAP implements Internet Message Access Protocol (IMAP) client functionality in Ruby. Prior to versions 0.5.7, 0.4.20, 0.3.9, and 0.2.5, there is a possibility for denial of service by memory exhaustion when net-imap reads server responses. At any time while the client is connected, a malicious server can send a "literal" byte count, which is automatically read by the client's receiver thread. The response reader immediately allocates memory for the number of bytes indicated by the server response. This should not be an issue when securely connecting to trusted IMAP servers that are well-behaved. It can affect insecure connections and buggy, untrusted, or compromised servers (for example, connecting to a user supplied hostname). This issue has been patched in versions 0.5.7, 0.4.20, 0.3.9, and 0.2.5.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-400 - Uncontrolled Resource Consumption
    • CWE-770 - Allocation of Resources Without Limits or Throttling
    • CWE-789 - Memory Allocation with Excessive Size Value
    • CWE-405 - Asymmetric Resource Consumption (Amplification)
    Impacted products
    Vendor    Product     Version
    ruby      net-imap    Affected: >= 0.5.0, < 0.5.7
                          Affected: >= 0.4.0, < 0.4.20
                          Affected: >= 0.3.0, < 0.3.9
                          Affected: >= 0, < 0.2.5

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-43857",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-04-28T17:59:30.771022Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-04-28T18:00:01.775Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "net-imap",
              "vendor": "ruby",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003e= 0.5.0, \u003c 0.5.7"
                },
                {
                  "status": "affected",
                  "version": "\u003e= 0.4.0, \u003c 0.4.20"
                },
                {
                  "status": "affected",
                  "version": "\u003e= 0.3.0, \u003c 0.3.9"
                },
                {
                  "status": "affected",
                  "version": "\u003e= 0, \u003c 0.2.5"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Net::IMAP implements Internet Message Access Protocol (IMAP) client functionality in Ruby. Prior to versions 0.5.7, 0.4.20, 0.3.9, and 0.2.5, there is a possibility for denial of service by memory exhaustion when net-imap reads server responses. At any time while the client is connected, a malicious server can send can send a \"literal\" byte count, which is automatically read by the client\u0027s receiver thread. The response reader immediately allocates memory for the number of bytes indicated by the server response. This should not be an issue when securely connecting to trusted IMAP servers that are well-behaved. It can affect insecure connections and buggy, untrusted, or compromised servers (for example, connecting to a user supplied hostname). This issue has been patched in versions 0.5.7, 0.4.20, 0.3.9, and 0.2.5."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "attackComplexity": "LOW",
                "attackRequirements": "PRESENT",
                "attackVector": "NETWORK",
                "baseScore": 6,
                "baseSeverity": "MEDIUM",
                "privilegesRequired": "NONE",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "PASSIVE",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "NONE",
                "vulnIntegrityImpact": "NONE"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-400",
                  "description": "CWE-400: Uncontrolled Resource Consumption",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            },
            {
              "descriptions": [
                {
                  "cweId": "CWE-770",
                  "description": "CWE-770: Allocation of Resources Without Limits or Throttling",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            },
            {
              "descriptions": [
                {
                  "cweId": "CWE-789",
                  "description": "CWE-789: Memory Allocation with Excessive Size Value",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            },
            {
              "descriptions": [
                {
                  "cweId": "CWE-405",
                  "description": "CWE-405: Asymmetric Resource Consumption (Amplification)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-04-28T16:02:04.459Z",
            "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
            "shortName": "GitHub_M"
          },
          "references": [
            {
              "name": "https://github.com/ruby/net-imap/security/advisories/GHSA-j3g3-5qv5-52mj",
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://github.com/ruby/net-imap/security/advisories/GHSA-j3g3-5qv5-52mj"
            },
            {
              "name": "https://github.com/ruby/net-imap/pull/442",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/ruby/net-imap/pull/442"
            },
            {
              "name": "https://github.com/ruby/net-imap/pull/444/commits/0ae8576c1a90bcd9573f81bdad4b4b824642d105#diff-53721cb4d9c3fb86b95cc8476ca2df90968ad8c481645220c607034399151462",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/ruby/net-imap/pull/444/commits/0ae8576c1a90bcd9573f81bdad4b4b824642d105#diff-53721cb4d9c3fb86b95cc8476ca2df90968ad8c481645220c607034399151462"
            },
            {
              "name": "https://github.com/ruby/net-imap/pull/445",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/ruby/net-imap/pull/445"
            },
            {
              "name": "https://github.com/ruby/net-imap/pull/446",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/ruby/net-imap/pull/446"
            },
            {
              "name": "https://github.com/ruby/net-imap/pull/447",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/ruby/net-imap/pull/447"
            }
          ],
          "source": {
            "advisory": "GHSA-j3g3-5qv5-52mj",
            "discovery": "UNKNOWN"
          },
          "title": "net-imap rubygem vulnerable to possible DoS by memory exhaustion"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "assignerShortName": "GitHub_M",
        "cveId": "CVE-2025-43857",
        "datePublished": "2025-04-28T16:02:04.459Z",
        "dateReserved": "2025-04-17T20:07:08.555Z",
        "dateUpdated": "2025-04-28T18:00:01.775Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }