Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2026-42257 (GCVE-0-2026-42257)
Vulnerability from cvelistv5 – Published: 2026-05-09 19:39 – Updated: 2026-05-13 19:33| URL | Tags |
|---|---|
| https://github.com/ruby/net-imap/security/advisor… | x_refsource_CONFIRM |
| https://github.com/ruby/net-imap/releases/tag/v0.4.24 | x_refsource_MISC |
| https://github.com/ruby/net-imap/releases/tag/v0.5.14 | x_refsource_MISC |
| https://github.com/ruby/net-imap/releases/tag/v0.6.4 | x_refsource_MISC |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-42257",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-13T19:27:16.888782Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-13T19:33:13.948Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "net-imap",
"vendor": "ruby",
"versions": [
{
"status": "affected",
"version": "\u003c 0.4.24"
},
{
"status": "affected",
"version": "\u003e= 0.5.0, \u003c 0.5.14"
},
{
"status": "affected",
"version": "\u003e= 0.6.0, \u003c 0.6.4"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Net::IMAP implements Internet Message Access Protocol (IMAP) client functionality in Ruby. Prior to versions 0.4.24, 0.5.14, and 0.6.4, several Net::IMAP commands accept a raw string argument that is sent to the server without validation or escaping. If this string is derived from user-controlled input, it may contain contain CRLF sequences, which an attacker can use to inject arbitrary IMAP commands. This issue has been patched in versions 0.4.24, 0.5.14, and 0.6.4."
}
],
"metrics": [
{
"cvssV4_0": {
"attackComplexity": "LOW",
"attackRequirements": "PRESENT",
"attackVector": "LOCAL",
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"privilegesRequired": "NONE",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "PASSIVE",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:P/VC:N/VI:H/VA:L/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "LOW",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "HIGH"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-93",
"description": "CWE-93: Improper Neutralization of CRLF Sequences (\u0027CRLF Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-77",
"description": "CWE-77: Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-09T19:39:48.398Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/ruby/net-imap/security/advisories/GHSA-hm49-wcqc-g2xg",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/ruby/net-imap/security/advisories/GHSA-hm49-wcqc-g2xg"
},
{
"name": "https://github.com/ruby/net-imap/releases/tag/v0.4.24",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/ruby/net-imap/releases/tag/v0.4.24"
},
{
"name": "https://github.com/ruby/net-imap/releases/tag/v0.5.14",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/ruby/net-imap/releases/tag/v0.5.14"
},
{
"name": "https://github.com/ruby/net-imap/releases/tag/v0.6.4",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/ruby/net-imap/releases/tag/v0.6.4"
}
],
"source": {
"advisory": "GHSA-hm49-wcqc-g2xg",
"discovery": "UNKNOWN"
},
"title": "net-imap: Command Injection via \"raw\" arguments to multiple commands"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2026-42257",
"datePublished": "2026-05-09T19:39:48.398Z",
"dateReserved": "2026-04-26T11:53:27.704Z",
"dateUpdated": "2026-05-13T19:33:13.948Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2026-42257",
"date": "2026-07-14",
"epss": "0.00429",
"percentile": "0.34678"
},
"microsoft_vex": {
"current_release_date": "2026-05-19T01:39:48.000Z",
"cve": "CVE-2026-42257",
"id": "msrc_CVE-2026-42257",
"initial_release_date": "2026-05-02T00:00:00.000Z",
"product_status:known_not_affected": "1",
"source": "Microsoft CSAF VEX",
"status": "final",
"title": "net-imap: Command Injection via \"raw\" arguments to multiple commands",
"url": "https://msrc.microsoft.com/csaf/vex/2026/msrc_cve-2026-42257.json",
"version": "3"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2026-42257\",\"sourceIdentifier\":\"security-advisories@github.com\",\"published\":\"2026-05-09T20:16:28.463\",\"lastModified\":\"2026-06-17T10:47:35.563\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Net::IMAP implements Internet Message Access Protocol (IMAP) client functionality in Ruby. Prior to versions 0.4.24, 0.5.14, and 0.6.4, several Net::IMAP commands accept a raw string argument that is sent to the server without validation or escaping. If this string is derived from user-controlled input, it may contain contain CRLF sequences, which an attacker can use to inject arbitrary IMAP commands. This issue has been patched in versions 0.4.24, 0.5.14, and 0.6.4.\"}],\"affected\":[{\"source\":\"security-advisories@github.com\",\"affectedData\":[{\"vendor\":\"ruby\",\"product\":\"net-imap\",\"versions\":[{\"version\":\"\u003c 0.4.24\",\"status\":\"affected\"},{\"version\":\"\u003e= 0.5.0, \u003c 0.5.14\",\"status\":\"affected\"},{\"version\":\"\u003e= 0.6.0, \u003c 0.6.4\",\"status\":\"affected\"}]}]}],\"metrics\":{\"cvssMetricV40\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"4.0\",\"vectorString\":\"CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:P/VC:N/VI:H/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X\",\"baseScore\":5.8,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"attackRequirements\":\"PRESENT\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"PASSIVE\",\"vulnConfidentialityImpact\":\"NONE\",\"vulnIntegrityImpact\":\"HIGH\",\"vulnAvailabilityImpact\":\"LOW\",\"subConfidentialityImpact\":\"NONE\",\"subIntegrityImpact\":\"NONE\",\"subAvailabilityImpact\":\"NONE\",\"exploitMaturity\":\"NOT_DEFINED\",\"confidentialityRequirement\":\"NOT_DEFINED\",\"integrityRequirement\":\"NOT_DEFINED\",\"availabilityRequirement\":\"NOT_DEFINED\",\"modifiedAttackVector\":\"NOT_DEFINED\",\"modifiedAttackComplexity\":\"NOT_DEFINED\",\"modifiedAttackRequirements\":\"NOT_DEFINED\",\"modifiedPrivilegesRequired\":\"NOT_DEFINED\",\"modifiedUserInteraction\":\"NOT_DEFINED\",\"modifiedVulnConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedVulnIntegrityImpact\":\"NOT_DEFINED\",\"modifiedVulnAvailabilityImpact\":\"NOT_DEFINED\",\"modifiedSubConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedSubIntegrityImpact\":\"NOT_DEFINED\",\"modifiedSubAvailabilityImpact\":\"NOT_DEFINED\",\"Safety\":\"NOT_DEFINED\",\"Automatable\":\"NOT_DEFINED\",\"Recovery\":\"NOT_DEFINED\",\"valueDensity\":\"NOT_DEFINED\",\"vulnerabilityResponseEffort\":\"NOT_DEFINED\",\"providerUrgency\":\"NOT_DEFINED\"}}],\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":9.8,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":5.9}],\"ssvcV203\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"ssvcData\":{\"timestamp\":\"2026-05-13T19:27:16.888782Z\",\"id\":\"CVE-2026-42257\",\"options\":[{\"exploitation\":\"none\"},{\"automatable\":\"no\"},{\"technicalImpact\":\"partial\"}],\"role\":\"CISA Coordinator\",\"version\":\"2.0.3\"}}]},\"weaknesses\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-77\"},{\"lang\":\"en\",\"value\":\"CWE-93\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ruby-lang:net\\\\:\\\\:imap:*:*:*:*:*:ruby:*:*\",\"versionEndExcluding\":\"0.4.24\",\"matchCriteriaId\":\"05DB8FF3-7546-470A-BBB4-4DCAEAD83D6F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ruby-lang:net\\\\:\\\\:imap:*:*:*:*:*:ruby:*:*\",\"versionStartIncluding\":\"0.5.0\",\"versionEndExcluding\":\"0.5.14\",\"matchCriteriaId\":\"2CCEB891-1D8F-4431-A79C-2A7560A84F4E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ruby-lang:net\\\\:\\\\:imap:*:*:*:*:*:ruby:*:*\",\"versionStartIncluding\":\"0.6.0\",\"versionEndExcluding\":\"0.6.4\",\"matchCriteriaId\":\"9A6D1995-BFA3-490F-967D-252CA7BE2264\"}]}]}],\"references\":[{\"url\":\"https://github.com/ruby/net-imap/releases/tag/v0.4.24\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://github.com/ruby/net-imap/releases/tag/v0.5.14\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://github.com/ruby/net-imap/releases/tag/v0.6.4\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://github.com/ruby/net-imap/security/advisories/GHSA-hm49-wcqc-g2xg\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Mitigation\",\"Vendor Advisory\"]}]}}",
"redhat_vex": {
"aggregate_severity": "Moderate",
"current_release_date": "2026-07-13T05:10:05+00:00",
"cve": "CVE-2026-42257",
"id": "CVE-2026-42257",
"initial_release_date": "2026-05-09T19:39:48.398000+00:00",
"product_status:fixed": "12",
"product_status:known_affected": "133",
"source": "Red Hat CSAF VEX",
"status": "final",
"title": "net-imap: Net::IMAP: Arbitrary IMAP command injection via CRLF sequences in unvalidated input",
"url": "https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-42257.json",
"version": "3"
},
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2026-42257\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2026-05-13T19:27:16.888782Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2026-05-13T19:33:08.202Z\"}}], \"cna\": {\"title\": \"net-imap: Command Injection via \\\"raw\\\" arguments to multiple commands\", \"source\": {\"advisory\": \"GHSA-hm49-wcqc-g2xg\", \"discovery\": \"UNKNOWN\"}, \"metrics\": [{\"cvssV4_0\": {\"version\": \"4.0\", \"baseScore\": 5.8, \"attackVector\": \"LOCAL\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:P/VC:N/VI:H/VA:L/SC:N/SI:N/SA:N\", \"userInteraction\": \"PASSIVE\", \"attackComplexity\": \"LOW\", \"attackRequirements\": \"PRESENT\", \"privilegesRequired\": \"NONE\", \"subIntegrityImpact\": \"NONE\", \"vulnIntegrityImpact\": \"HIGH\", \"subAvailabilityImpact\": \"NONE\", \"vulnAvailabilityImpact\": \"LOW\", \"subConfidentialityImpact\": \"NONE\", \"vulnConfidentialityImpact\": \"NONE\"}}], \"affected\": [{\"vendor\": \"ruby\", \"product\": \"net-imap\", \"versions\": [{\"status\": \"affected\", \"version\": \"\u003c 0.4.24\"}, {\"status\": \"affected\", \"version\": \"\u003e= 0.5.0, \u003c 0.5.14\"}, {\"status\": \"affected\", \"version\": \"\u003e= 0.6.0, \u003c 0.6.4\"}]}], \"references\": [{\"url\": \"https://github.com/ruby/net-imap/security/advisories/GHSA-hm49-wcqc-g2xg\", \"name\": \"https://github.com/ruby/net-imap/security/advisories/GHSA-hm49-wcqc-g2xg\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"https://github.com/ruby/net-imap/releases/tag/v0.4.24\", \"name\": \"https://github.com/ruby/net-imap/releases/tag/v0.4.24\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://github.com/ruby/net-imap/releases/tag/v0.5.14\", \"name\": \"https://github.com/ruby/net-imap/releases/tag/v0.5.14\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://github.com/ruby/net-imap/releases/tag/v0.6.4\", \"name\": \"https://github.com/ruby/net-imap/releases/tag/v0.6.4\", \"tags\": [\"x_refsource_MISC\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"Net::IMAP implements Internet Message Access Protocol (IMAP) client functionality in Ruby. Prior to versions 0.4.24, 0.5.14, and 0.6.4, several Net::IMAP commands accept a raw string argument that is sent to the server without validation or escaping. If this string is derived from user-controlled input, it may contain contain CRLF sequences, which an attacker can use to inject arbitrary IMAP commands. This issue has been patched in versions 0.4.24, 0.5.14, and 0.6.4.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-93\", \"description\": \"CWE-93: Improper Neutralization of CRLF Sequences (\u0027CRLF Injection\u0027)\"}]}, {\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-77\", \"description\": \"CWE-77: Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)\"}]}], \"providerMetadata\": {\"orgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"shortName\": \"GitHub_M\", \"dateUpdated\": \"2026-05-09T19:39:48.398Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2026-42257\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2026-05-13T19:33:13.948Z\", \"dateReserved\": \"2026-04-26T11:53:27.704Z\", \"assignerOrgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"datePublished\": \"2026-05-09T19:39:48.398Z\", \"assignerShortName\": \"GitHub_M\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
}
}
FKIE_CVE-2026-42257
Vulnerability from fkie_nvd - Published: 2026-05-09 20:16 - Updated: 2026-06-17 10:47{
"affected": [
{
"affectedData": [
{
"product": "net-imap",
"vendor": "ruby",
"versions": [
{
"status": "affected",
"version": "\u003c 0.4.24"
},
{
"status": "affected",
"version": "\u003e= 0.5.0, \u003c 0.5.14"
},
{
"status": "affected",
"version": "\u003e= 0.6.0, \u003c 0.6.4"
}
]
}
],
"source": "security-advisories@github.com"
}
],
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ruby-lang:net\\:\\:imap:*:*:*:*:*:ruby:*:*",
"matchCriteriaId": "05DB8FF3-7546-470A-BBB4-4DCAEAD83D6F",
"versionEndExcluding": "0.4.24",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ruby-lang:net\\:\\:imap:*:*:*:*:*:ruby:*:*",
"matchCriteriaId": "2CCEB891-1D8F-4431-A79C-2A7560A84F4E",
"versionEndExcluding": "0.5.14",
"versionStartIncluding": "0.5.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ruby-lang:net\\:\\:imap:*:*:*:*:*:ruby:*:*",
"matchCriteriaId": "9A6D1995-BFA3-490F-967D-252CA7BE2264",
"versionEndExcluding": "0.6.4",
"versionStartIncluding": "0.6.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Net::IMAP implements Internet Message Access Protocol (IMAP) client functionality in Ruby. Prior to versions 0.4.24, 0.5.14, and 0.6.4, several Net::IMAP commands accept a raw string argument that is sent to the server without validation or escaping. If this string is derived from user-controlled input, it may contain contain CRLF sequences, which an attacker can use to inject arbitrary IMAP commands. This issue has been patched in versions 0.4.24, 0.5.14, and 0.6.4."
}
],
"id": "CVE-2026-42257",
"lastModified": "2026-06-17T10:47:35.563",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
],
"cvssMetricV40": [
{
"cvssData": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "PRESENT",
"attackVector": "LOCAL",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"confidentialityRequirement": "NOT_DEFINED",
"exploitMaturity": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "PASSIVE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:P/VC:N/VI:H/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"version": "4.0",
"vulnAvailabilityImpact": "LOW",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"source": "security-advisories@github.com",
"type": "Secondary"
}
],
"ssvcV203": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"ssvcData": {
"id": "CVE-2026-42257",
"options": [
{
"exploitation": "none"
},
{
"automatable": "no"
},
{
"technicalImpact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-13T19:27:16.888782Z",
"version": "2.0.3"
}
}
]
},
"published": "2026-05-09T20:16:28.463",
"references": [
{
"source": "security-advisories@github.com",
"tags": [
"Release Notes"
],
"url": "https://github.com/ruby/net-imap/releases/tag/v0.4.24"
},
{
"source": "security-advisories@github.com",
"tags": [
"Release Notes"
],
"url": "https://github.com/ruby/net-imap/releases/tag/v0.5.14"
},
{
"source": "security-advisories@github.com",
"tags": [
"Release Notes"
],
"url": "https://github.com/ruby/net-imap/releases/tag/v0.6.4"
},
{
"source": "security-advisories@github.com",
"tags": [
"Mitigation",
"Vendor Advisory"
],
"url": "https://github.com/ruby/net-imap/security/advisories/GHSA-hm49-wcqc-g2xg"
}
],
"sourceIdentifier": "security-advisories@github.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-77"
},
{
"lang": "en",
"value": "CWE-93"
}
],
"source": "security-advisories@github.com",
"type": "Secondary"
}
]
}
GHSA-HM49-WCQC-G2XG
Vulnerability from github – Published: 2026-05-04 22:04 – Updated: 2026-06-17 19:45Summary
Several Net::IMAP commands accept a raw string argument that is sent to the server without validation or escaping. If this string is derived from user-controlled input, it may contain contain CRLF sequences, which an attacker can use to inject arbitrary IMAP commands.
Details
Net::IMAP's generic argument handling, used by most command arguments, interprets string arguments as an IMAP astring. Depending on the string contents and the connection's UTF-8 support, this encodes strings as either a atom, quoted, or literal. These are safe from command or argument injection.
But the following commands transform specific String arguments to Net::IMAP::RawData, which bypasses normal argument validation and encoding and prints the string directly to the socket:
* #uid_search, #search, #uid_sort, #sort, #uid_thread, #thread
* when criteria is a String, it is sent raw
* #uid_fetch, #fetch
* whenattris a String, it is sent raw
* whenattris an Array, each String inattris sent raw
*#uid_store,#store* whenattris a String, it is sent raw
*#setquota:
*limitis interpolated with#to_s` and that string is sent raw
Because these string arguments are sent without any neutralization, they serve as a direct vector for command splitting. Any user controlled data interpolated into these strings can be used to break out of the intended command context.
Using \"raw data\" arguments for #uid_store, #store, and #setquota I both inappropriate and unnecessary. Net::IMAP's generic argument handling is sufficient to safely validate and encode their arguments. Users of the library probably do not expect arguments to these commands to be sent raw and might not be wary of passing unvalidated input.
The API for search criteria and fetch attributes is intentionally low-level and \"close to the wire\". It allows developers to use some IMAP extensions without requiring explicit support from the library and allows developers to use complex IMAP grammar without complex argument translation. Even so, basic validation is appropriate and could neutralize command injection.
Although this was explicitly documented for search criteria, it was insufficiently documented for fetch attr. So developers may not have realized that the attr argument to #fetch and #uid_fetch is sent as \"raw data\".
Impact
If a developer passes an unvalidated user-controlled input for one of these method arguments, an attacker can append CRLF sequence followed by a new IMAP command (like DELETE mailbox). Although this does not directly enable data exfiltration, it could be combined with other attack vectors or knowledge of the target system's attributes, e.g.: shared mail folders or the application's installed response handlers.
The SEARCH, STORE, and FETCH commands, and their UID variants are some of the most commonly used features of the library. Applications that build search queries or fetch attributes dynamically based on user input (e.g., mail clients or archival tools) may be at significant risk.
The SORT and THREAD commands and their UID variants also handle their search criteria argument similarly to SEARCH and are subject to the same risk.
Expected use of Net::IMAP#setquota is much more limited: SETQUOTA is often only usable by users with special administrative privileges. Depending on the server, quota administration might be managed through server configuration rather than via the IMAP protocol SETQUOTA command. It is expected to be uncommonly used in system administration scripts or in interactive sessions, it should be completely controlled by trusted users, and should only use trusted inputs. Calling #setquota with untrusted user input is expected to be a very uncommon use case. Please note however this might be combined with other attacks, for example CSRF, which provide unauthorized access to trusted inputs, and may specifically target users or scripts with administrator privileges.
Mitigation
- Update to a patched version of
net-imapwhich: - validates that
Net::IMAP::RawDatais composed of well-formed IMAPtext,literal, andliteral8values, with no unescapedNULL,CR, orLFbytes. - does not use
Net::IMAP::RawDatafor#store,#uid_store, or#setquota. - Prefer to send search criteria as an array of key value pairs. Avoid sending it as an interpolated string.
- If an immediate upgrade is not possible:
- String inputs to search criteria and fetch attributes can be validated against command injection by checking for
\rand\ncharacters. - Hard-coding the store
attrargument is often appropriate. Alternatively, user controlled inputs can be restricted to a small enumerated list which is valid for the calling application. - Use
Kernel#Integerto coerce and validate user controlled inputs to#setquotalimit.
{
"affected": [
{
"database_specific": {
"last_known_affected_version_range": "\u003c= 0.6.3"
},
"package": {
"ecosystem": "RubyGems",
"name": "net-imap"
},
"ranges": [
{
"events": [
{
"introduced": "0.6.0"
},
{
"fixed": "0.6.4"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"database_specific": {
"last_known_affected_version_range": "\u003c= 0.5.13"
},
"package": {
"ecosystem": "RubyGems",
"name": "net-imap"
},
"ranges": [
{
"events": [
{
"introduced": "0.5.0"
},
{
"fixed": "0.5.14"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"database_specific": {
"last_known_affected_version_range": "\u003c= 0.4.23"
},
"package": {
"ecosystem": "RubyGems",
"name": "net-imap"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "0.4.24"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2026-42257"
],
"database_specific": {
"cwe_ids": [
"CWE-77",
"CWE-93"
],
"github_reviewed": true,
"github_reviewed_at": "2026-05-04T22:04:41Z",
"nvd_published_at": "2026-05-09T20:16:28Z",
"severity": "MODERATE"
},
"details": "### Summary\nSeveral `Net::IMAP` commands accept a raw string argument that is sent to the server without validation or escaping. If this string is derived from user-controlled input, it may contain contain `CRLF` sequences, which an attacker can use to inject arbitrary IMAP commands.\n\n### Details\n\n`Net::IMAP`\u0027s generic argument handling, used by most command arguments, interprets string arguments as an IMAP `astring`. Depending on the string contents and the connection\u0027s UTF-8 support, this encodes strings as either a `atom`, `quoted`, or `literal`. These are safe from command or argument injection.\n\nBut the following commands transform specific String arguments to `Net::IMAP::RawData`, which bypasses normal argument validation and encoding and prints the string directly to the socket:\n* `#uid_search`, `#search`, `#uid_sort`, `#sort`, `#uid_thread`, `#thread`\n * when `criteria` is a String, it is sent raw\n* `#uid_fetch`, `#fetch\n * when `attr` is a String, it is sent raw\n * when `attr` is an Array, each String in `attr` is sent raw\n* `#uid_store`, `#store`\n * when `attr` is a String, it is sent raw\n* `#setquota`:\n * `limit` is interpolated with `#to_s` and that string is sent raw\n\nBecause these string arguments are sent without any neutralization, they serve as a direct vector for command splitting. Any user controlled data interpolated into these strings can be used to break out of the intended command context.\n\nUsing \\\"raw data\\\" arguments for `#uid_store`, `#store`, and `#setquota` I both inappropriate and unnecessary. `Net::IMAP`\u0027s generic argument handling is sufficient to safely validate and encode their arguments. Users of the library probably do not expect arguments to these commands to be sent raw and might not be wary of passing unvalidated input.\n\nThe API for search criteria and fetch attributes is intentionally low-level and \\\"close to the wire\\\". It allows developers to use some IMAP extensions without requiring explicit support from the library and allows developers to use complex IMAP grammar without complex argument translation. Even so, basic validation is appropriate and could neutralize command injection.\n\nAlthough this was explicitly documented for search `criteria`, it was insufficiently documented for fetch `attr`. So developers may not have realized that the `attr` argument to `#fetch` and `#uid_fetch` is sent as \\\"raw data\\\".\n\n### Impact\n\nIf a developer passes an unvalidated user-controlled input for one of these method arguments, an attacker can append CRLF sequence followed by a new IMAP command (like DELETE mailbox). Although this does not _directly_ enable data exfiltration, it could be combined with other attack vectors or knowledge of the target system\u0027s attributes, e.g.: shared mail folders or the application\u0027s installed response handlers.\n\nThe SEARCH, STORE, and FETCH commands, and their UID variants are some of the most commonly used features of the library. Applications that build search queries or fetch attributes dynamically based on user input (e.g., mail clients or archival tools) may be at significant risk.\n\nThe SORT and THREAD commands and their UID variants also handle their search criteria argument similarly to SEARCH and are subject to the same risk.\n\nExpected use of `Net::IMAP#setquota` is much more limited: `SETQUOTA` is often only usable by users with special administrative privileges. Depending on the server, quota administration might be managed through server configuration rather than via the IMAP protocol `SETQUOTA` command. It is expected to be uncommonly used in system administration scripts or in interactive sessions, it should be completely controlled by trusted users, and should only use trusted inputs. Calling `#setquota` with untrusted user input is expected to be a very uncommon use case. Please note however this might be combined with other attacks, for example CSRF, which provide unauthorized access to trusted inputs, and may specifically target users or scripts with administrator privileges.\n\n### Mitigation\n - Update to a patched version of `net-imap` which:\n - validates that `Net::IMAP::RawData` is composed of well-formed IMAP `text`, `literal`, and `literal8` values, with no unescaped `NULL`, `CR`, or `LF` bytes.\n - does not use `Net::IMAP::RawData` for `#store`, `#uid_store`, or `#setquota`.\n - Prefer to send search criteria as an array of key value pairs. Avoid sending it as an interpolated string.\n - If an immediate upgrade is not possible:\n - String inputs to search criteria and fetch attributes can be validated against command injection by checking for `\\r` and `\\n` characters.\n - Hard-coding the store `attr` argument is often appropriate. Alternatively, user controlled inputs can be restricted to a small enumerated list which is valid for the calling application.\n - Use `Kernel#Integer` to coerce and validate user controlled inputs to `#setquota` limit.",
"id": "GHSA-hm49-wcqc-g2xg",
"modified": "2026-06-17T19:45:30Z",
"published": "2026-05-04T22:04:41Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/ruby/net-imap/security/advisories/GHSA-hm49-wcqc-g2xg"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42257"
},
{
"type": "WEB",
"url": "https://github.com/ruby/net-imap/commit/0ec4fd351263e8b9a4f683713427827b7b1ad974"
},
{
"type": "WEB",
"url": "https://github.com/ruby/net-imap/commit/47c72186d272441878ca73c9499f66013829ca2f"
},
{
"type": "WEB",
"url": "https://github.com/ruby/net-imap/commit/6bf02aef7e0b5931010c36e377f79a71636b306b"
},
{
"type": "WEB",
"url": "https://github.com/ruby/net-imap/commit/a4f7649c3da77dec7631f03a037a478eb4330048"
},
{
"type": "WEB",
"url": "https://github.com/ruby/net-imap/commit/aec06996eb87a7e1bbcef1f9f8926e8add2b8c71"
},
{
"type": "PACKAGE",
"url": "https://github.com/ruby/net-imap"
},
{
"type": "WEB",
"url": "https://github.com/ruby/net-imap/releases/tag/v0.4.24"
},
{
"type": "WEB",
"url": "https://github.com/ruby/net-imap/releases/tag/v0.5.14"
},
{
"type": "WEB",
"url": "https://github.com/ruby/net-imap/releases/tag/v0.6.4"
},
{
"type": "WEB",
"url": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/net-imap/CVE-2026-42257.yml"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:P/VC:N/VI:H/VA:L/SC:N/SI:N/SA:N",
"type": "CVSS_V4"
}
],
"summary": "net-imap vulnerable to command Injection via \"raw\" arguments to multiple commands"
}
MSRC_CVE-2026-42257
Vulnerability from csaf_microsoft - Published: 2026-05-02 00:00 - Updated: 2026-05-19 01:39| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 17084-1 | — |
| URL | Category |
|---|---|
| https://msrc.microsoft.com/csaf/vex/2026/msrc_cve… | self |
| https://support.microsoft.com/lifecycle | external |
| https://www.first.org/cvss | external |
| https://msrc.microsoft.com/csaf/vex/2026/msrc_cve… | self |
{
"document": {
"category": "csaf_vex",
"csaf_version": "2.0",
"distribution": {
"text": "Public",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en-US",
"notes": [
{
"category": "general",
"text": "To determine the support lifecycle for your software, see the Microsoft Support Lifecycle: https://support.microsoft.com/lifecycle",
"title": "Additional Resources"
},
{
"category": "legal_disclaimer",
"text": "The information provided in the Microsoft Knowledge Base is provided \\\"as is\\\" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.",
"title": "Disclaimer"
}
],
"publisher": {
"category": "vendor",
"contact_details": "secure@microsoft.com",
"name": "Microsoft Security Response Center",
"namespace": "https://msrc.microsoft.com"
},
"references": [
{
"category": "self",
"summary": "CVE-2026-42257 net-imap: Command Injection via \"raw\" arguments to multiple commands - VEX",
"url": "https://msrc.microsoft.com/csaf/vex/2026/msrc_cve-2026-42257.json"
},
{
"category": "external",
"summary": "Microsoft Support Lifecycle",
"url": "https://support.microsoft.com/lifecycle"
},
{
"category": "external",
"summary": "Common Vulnerability Scoring System",
"url": "https://www.first.org/cvss"
}
],
"title": "net-imap: Command Injection via \"raw\" arguments to multiple commands",
"tracking": {
"current_release_date": "2026-05-19T01:39:48.000Z",
"generator": {
"date": "2026-05-19T07:12:12.458Z",
"engine": {
"name": "MSRC Generator",
"version": "1.0"
}
},
"id": "msrc_CVE-2026-42257",
"initial_release_date": "2026-05-02T00:00:00.000Z",
"revision_history": [
{
"date": "2026-05-11T01:03:00.000Z",
"legacy_version": "1",
"number": "1",
"summary": "Information published."
},
{
"date": "2026-05-11T14:47:33.000Z",
"legacy_version": "2",
"number": "2",
"summary": "Information published."
},
{
"date": "2026-05-19T01:39:48.000Z",
"legacy_version": "3",
"number": "3",
"summary": "Information published."
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "3.0",
"product": {
"name": "Azure Linux 3.0",
"product_id": "17084"
}
}
],
"category": "product_name",
"name": "Azure Linux"
},
{
"category": "product_name",
"name": "azl3 ruby 0:3.3.5-8.azl3",
"product": {
"name": "azl3 ruby 0:3.3.5-8.azl3",
"product_id": "1"
}
}
],
"category": "vendor",
"name": "Microsoft"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "azl3 ruby 0:3.3.5-8.azl3 as a component of Azure Linux 3.0",
"product_id": "17084-1"
},
"product_reference": "1",
"relates_to_product_reference": "17084"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-42257",
"cwe": {
"id": "CWE-93",
"name": "Improper Neutralization of CRLF Sequences (\u0027CRLF Injection\u0027)"
},
"flags": [
{
"label": "component_not_present",
"product_ids": [
"17084-1"
]
}
],
"notes": [
{
"category": "general",
"text": "GitHub_M",
"title": "Assigning CNA"
}
],
"product_status": {
"known_not_affected": [
"17084-1"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2026-42257 net-imap: Command Injection via \"raw\" arguments to multiple commands - VEX",
"url": "https://msrc.microsoft.com/csaf/vex/2026/msrc_cve-2026-42257.json"
}
],
"title": "net-imap: Command Injection via \"raw\" arguments to multiple commands"
}
]
}
RHSA-2026:33721
Vulnerability from csaf_redhat - Published: 2026-06-30 19:02 - Updated: 2026-07-13 05:09A flaw was found in Net::IMAP, a Ruby library implementing the Internet Message Access Protocol (IMAP) client functionality. A hostile server can exploit a quadratic time complexity issue in the `Net::IMAP::ResponseReader` when processing large responses containing numerous string literals. This can lead to the client's CPU being exhausted, resulting in a denial of service (DoS) attack.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Hardened Images:ruby3-3-main@aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:ruby3-3-main@noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:ruby3-3-main@src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:ruby3-3-main@x86_64 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in the Ruby net-imap library. When upgrading a cleartext IMAP connection to TLS using the Net::IMAP#starttls method, the library improperly handles certain responses received during STARTTLS negotiation. A man-in-the-middle (MITM) attacker can inject a predicted tagged OK response before the client completes the STARTTLS command, causing the operation to appear successful without establishing a TLS session. As a result, the connection may continue to transmit sensitive information in cleartext and enable modification of data exchanged over the affected connection, while the application incorrectly believes that encryption has been enabled.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Hardened Images:ruby3-3-main@aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:ruby3-3-main@noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:ruby3-3-main@src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:ruby3-3-main@x86_64 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in Net::IMAP, a Ruby library for Internet Message Access Protocol (IMAP) client functionality. A hostile server can exploit this vulnerability during SCRAM-SHA1 or SCRAM-SHA256 (Salted Challenge Response Authentication Mechanism - Secure Hash Algorithm 1 or 256) authentication by sending an excessively large iteration count value. This can lead to a computational denial-of-service attack, causing the client process to become unresponsive.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Hardened Images:ruby3-3-main@aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:ruby3-3-main@noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:ruby3-3-main@src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:ruby3-3-main@x86_64 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in Net::IMAP (before 0.4.24, 0.5.14, and 0.6.4). Several commands accept raw string arguments sent to the server without validation or escaping; if derived from user-controlled input, CRLF sequences allow injection of arbitrary IMAP commands.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Hardened Images:ruby3-3-main@aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Hardened Images:ruby3-3-main@noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Hardened Images:ruby3-3-main@src | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Hardened Images:ruby3-3-main@x86_64 | — |
Vendor Fix
fix
|
A flaw was found in Net::IMAP, a Ruby library that provides Internet Message Access Protocol (IMAP) client functionality. This vulnerability allows a remote attacker to inject arbitrary IMAP commands. This is achieved by passing specially crafted symbol arguments to IMAP commands. Successful exploitation could lead to unauthorized actions on the IMAP server or client, potentially resulting in information disclosure or other integrity impacts.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Hardened Images:ruby3-3-main@aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:ruby3-3-main@noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:ruby3-3-main@src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:ruby3-3-main@x86_64 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in Net::IMAP, a Ruby library that provides Internet Message Access Protocol (IMAP) client functionality. This vulnerability allows a remote attacker to inject arbitrary IMAP commands. This is possible when an IMAP server does not support non-synchronizing literals, leading to the misinterpretation of data as new commands. This command injection could enable unauthorized actions on the IMAP server.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Hardened Images:ruby3-3-main@aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:ruby3-3-main@noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:ruby3-3-main@src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:ruby3-3-main@x86_64 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in Net::IMAP, a Ruby client library for the Internet Message Access Protocol (IMAP). This vulnerability allows a remote attacker to cause a denial of service by sending specially crafted input to certain Net::IMAP commands. When a raw string argument, derived from user-controlled input, is not properly validated, it can force subsequent commands to be absorbed, leading to a hung connection and preventing further processing until the connection is closed.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Hardened Images:ruby3-3-main@aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:ruby3-3-main@noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:ruby3-3-main@src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:ruby3-3-main@x86_64 | — |
Vendor Fix
fix
Workaround
|
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for Red Hat Hardened Images RPMs is now available.",
"title": "Topic"
},
{
"category": "general",
"text": "This update includes the following RPMs:\n\nruby3.3:\n * ruby3.3-3.3.10-23.2.hum1 (aarch64, x86_64)\n * ruby3.3-bundled-gems-3.3.10-23.2.hum1 (aarch64, x86_64)\n * ruby3.3-default-gems-3.3.10-23.2.hum1 (noarch)\n * ruby3.3-devel-3.3.10-23.2.hum1 (aarch64, x86_64)\n * ruby3.3-doc-3.3.10-23.2.hum1 (noarch)\n * ruby3.3-libs-3.3.10-23.2.hum1 (aarch64, x86_64)\n * rubygem3.3-bigdecimal-3.1.5-23.2.hum1 (aarch64, x86_64)\n * rubygem3.3-bundler-2.5.22-23.2.hum1 (noarch)\n * rubygem3.3-devel-3.5.22-23.2.hum1 (noarch)\n * rubygem3.3-io-console-0.7.1-23.2.hum1 (aarch64, x86_64)\n * rubygem3.3-irb-1.13.1-23.2.hum1 (noarch)\n * rubygem3.3-json-2.7.2-23.2.hum1 (aarch64, x86_64)\n * rubygem3.3-minitest-5.20.0-23.2.hum1 (noarch)\n * rubygem3.3-power_assert-2.0.3-23.2.hum1 (noarch)\n * rubygem3.3-psych-5.1.2-23.2.hum1 (aarch64, x86_64)\n * rubygem3.3-racc-1.7.3-23.2.hum1 (aarch64, x86_64)\n * rubygem3.3-rake-13.1.0-23.2.hum1 (noarch)\n * rubygem3.3-rbs-3.4.0-23.2.hum1 (aarch64, x86_64)\n * rubygem3.3-rdoc-6.6.3.1-23.2.hum1 (noarch)\n * rubygem3.3-rexml-3.4.4-23.2.hum1 (noarch)\n * rubygem3.3-rss-0.3.1-23.2.hum1 (noarch)\n * rubygem3.3-rubygems-3.5.22-23.2.hum1 (noarch)\n * rubygem3.3-test-unit-3.6.1-23.2.hum1 (noarch)\n * rubygem3.3-typeprof-0.21.9-23.2.hum1 (noarch)\n * ruby3.3-3.3.10-23.2.hum1.src (src)\n\nSecurity Fix(es):\n\nruby3.3:\n * CVE-2026-42245\n * CVE-2026-42246\n * CVE-2026-42256",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:33721",
"url": "https://access.redhat.com/errata/RHSA-2026:33721"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-42245",
"url": "https://access.redhat.com/security/cve/CVE-2026-42245"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-42246",
"url": "https://access.redhat.com/security/cve/CVE-2026-42246"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-42256",
"url": "https://access.redhat.com/security/cve/CVE-2026-42256"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "external",
"summary": "https://images.redhat.com/",
"url": "https://images.redhat.com/"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-47241",
"url": "https://access.redhat.com/security/cve/CVE-2026-47241"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-47240",
"url": "https://access.redhat.com/security/cve/CVE-2026-47240"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-47242",
"url": "https://access.redhat.com/security/cve/CVE-2026-47242"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-42257",
"url": "https://access.redhat.com/security/cve/CVE-2026-42257"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-42258",
"url": "https://access.redhat.com/security/cve/CVE-2026-42258"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_33721.json"
}
],
"title": "Red Hat Security Advisory: Red Hat Hardened Images RPMs Security Update",
"tracking": {
"current_release_date": "2026-07-13T05:09:46+00:00",
"generator": {
"date": "2026-07-13T05:09:46+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "5.3.2"
}
},
"id": "RHSA-2026:33721",
"initial_release_date": "2026-06-30T19:02:30+00:00",
"revision_history": [
{
"date": "2026-06-30T19:02:30+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-07-12T19:21:37+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-07-13T05:09:46+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Hardened Images",
"product": {
"name": "Red Hat Hardened Images",
"product_id": "Red Hat Hardened Images",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:hummingbird:1"
}
}
}
],
"category": "product_family",
"name": "Red Hat Hardened Images"
},
{
"branches": [
{
"category": "product_version",
"name": "ruby3-3-main@aarch64",
"product": {
"name": "ruby3-3-main@aarch64",
"product_id": "ruby3-3-main@aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ruby3.3@3.3.10-23.2.hum1?arch=aarch64\u0026distro=hummingbird-20251124\u0026repository_id=public-hummingbird-aarch64-rpms"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "ruby3-3-main@src",
"product": {
"name": "ruby3-3-main@src",
"product_id": "ruby3-3-main@src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ruby3.3@3.3.10-23.2.hum1?arch=src\u0026distro=hummingbird-20251124\u0026repository_id=public-hummingbird-source-rpms"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "ruby3-3-main@x86_64",
"product": {
"name": "ruby3-3-main@x86_64",
"product_id": "ruby3-3-main@x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ruby3.3@3.3.10-23.2.hum1?arch=x86_64\u0026distro=hummingbird-20251124\u0026repository_id=public-hummingbird-x86_64-rpms"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "ruby3-3-main@noarch",
"product": {
"name": "ruby3-3-main@noarch",
"product_id": "ruby3-3-main@noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ruby3.3-default-gems@3.3.10-23.2.hum1?arch=noarch\u0026distro=hummingbird-20251124\u0026repository_id=public-hummingbird-x86_64-rpms"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "ruby3-3-main@aarch64 as a component of Red Hat Hardened Images",
"product_id": "Red Hat Hardened Images:ruby3-3-main@aarch64"
},
"product_reference": "ruby3-3-main@aarch64",
"relates_to_product_reference": "Red Hat Hardened Images"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ruby3-3-main@noarch as a component of Red Hat Hardened Images",
"product_id": "Red Hat Hardened Images:ruby3-3-main@noarch"
},
"product_reference": "ruby3-3-main@noarch",
"relates_to_product_reference": "Red Hat Hardened Images"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ruby3-3-main@src as a component of Red Hat Hardened Images",
"product_id": "Red Hat Hardened Images:ruby3-3-main@src"
},
"product_reference": "ruby3-3-main@src",
"relates_to_product_reference": "Red Hat Hardened Images"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ruby3-3-main@x86_64 as a component of Red Hat Hardened Images",
"product_id": "Red Hat Hardened Images:ruby3-3-main@x86_64"
},
"product_reference": "ruby3-3-main@x86_64",
"relates_to_product_reference": "Red Hat Hardened Images"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-42245",
"cwe": {
"id": "CWE-606",
"name": "Unchecked Input for Loop Condition"
},
"discovery_date": "2026-05-09T20:00:52.314743+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2468495"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Net::IMAP, a Ruby library implementing the Internet Message Access Protocol (IMAP) client functionality. A hostile server can exploit a quadratic time complexity issue in the `Net::IMAP::ResponseReader` when processing large responses containing numerous string literals. This can lead to the client\u0027s CPU being exhausted, resulting in a denial of service (DoS) attack.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "ruby: net-imap: Net::IMAP: Denial of Service via crafted IMAP responses",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat has rated this flaw as Moderate because a malicious IMAP server can trigger excessive CPU consumption in applications using the affected Net::IMAP library, resulting in a denial-of-service condition. Successful exploitation requires interaction with a hostile server, and the impact is limited to resource exhaustion of the affected client process. The vulnerability does not allow code execution, privilege escalation, or unauthorized access to data, reducing the overall security impact despite the potential availability impact.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Hardened Images:ruby3-3-main@aarch64",
"Red Hat Hardened Images:ruby3-3-main@noarch",
"Red Hat Hardened Images:ruby3-3-main@src",
"Red Hat Hardened Images:ruby3-3-main@x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-42245"
},
{
"category": "external",
"summary": "RHBZ#2468495",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2468495"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-42245",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-42245"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-42245",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42245"
},
{
"category": "external",
"summary": "https://github.com/ruby/net-imap/commit/6091f7d6b1f3514cafbfe39c76f2b5d73de3ca96",
"url": "https://github.com/ruby/net-imap/commit/6091f7d6b1f3514cafbfe39c76f2b5d73de3ca96"
},
{
"category": "external",
"summary": "https://github.com/ruby/net-imap/commit/88d95231fc8afef11c1f074453f7d75b68c9dfda",
"url": "https://github.com/ruby/net-imap/commit/88d95231fc8afef11c1f074453f7d75b68c9dfda"
},
{
"category": "external",
"summary": "https://github.com/ruby/net-imap/commit/de685f91a4a4cc75eb80da898c2bf8af08d34819",
"url": "https://github.com/ruby/net-imap/commit/de685f91a4a4cc75eb80da898c2bf8af08d34819"
},
{
"category": "external",
"summary": "https://github.com/ruby/net-imap/releases/tag/v0.4.24",
"url": "https://github.com/ruby/net-imap/releases/tag/v0.4.24"
},
{
"category": "external",
"summary": "https://github.com/ruby/net-imap/releases/tag/v0.5.14",
"url": "https://github.com/ruby/net-imap/releases/tag/v0.5.14"
},
{
"category": "external",
"summary": "https://github.com/ruby/net-imap/releases/tag/v0.6.4",
"url": "https://github.com/ruby/net-imap/releases/tag/v0.6.4"
},
{
"category": "external",
"summary": "https://github.com/ruby/net-imap/security/advisories/GHSA-q2mw-fvj9-vvcw",
"url": "https://github.com/ruby/net-imap/security/advisories/GHSA-q2mw-fvj9-vvcw"
}
],
"release_date": "2026-05-09T19:37:08.905000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-30T19:02:30+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\nhttps://images.redhat.com/",
"product_ids": [
"Red Hat Hardened Images:ruby3-3-main@aarch64",
"Red Hat Hardened Images:ruby3-3-main@noarch",
"Red Hat Hardened Images:ruby3-3-main@src",
"Red Hat Hardened Images:ruby3-3-main@x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:33721"
},
{
"category": "workaround",
"details": "To reduce the risk of a denial of service, ensure that applications using the Net::IMAP library are configured to connect exclusively to trusted IMAP servers. Avoid connecting to untrusted or unverified IMAP services, as a hostile server can exploit this vulnerability. This operational control helps prevent exposure to malicious IMAP response processing.",
"product_ids": [
"Red Hat Hardened Images:ruby3-3-main@aarch64",
"Red Hat Hardened Images:ruby3-3-main@noarch",
"Red Hat Hardened Images:ruby3-3-main@src",
"Red Hat Hardened Images:ruby3-3-main@x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Hardened Images:ruby3-3-main@aarch64",
"Red Hat Hardened Images:ruby3-3-main@noarch",
"Red Hat Hardened Images:ruby3-3-main@src",
"Red Hat Hardened Images:ruby3-3-main@x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "ruby: net-imap: Net::IMAP: Denial of Service via crafted IMAP responses"
},
{
"cve": "CVE-2026-42246",
"cwe": {
"id": "CWE-325",
"name": "Missing Cryptographic Step"
},
"discovery_date": "2026-05-09T20:01:04.782096+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2468499"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Ruby net-imap library. When upgrading a cleartext IMAP connection to TLS using the Net::IMAP#starttls method, the library improperly handles certain responses received during STARTTLS negotiation. A man-in-the-middle (MITM) attacker can inject a predicted tagged OK response before the client completes the STARTTLS command, causing the operation to appear successful without establishing a TLS session. As a result, the connection may continue to transmit sensitive information in cleartext and enable modification of data exchanged over the affected connection, while the application incorrectly believes that encryption has been enabled.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "net-imap: ruby: Net::IMAP: Information disclosure via man-in-the-middle attack bypassing TLS",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability affects the STARTTLS functionality in the Ruby net-imap library. Red Hat Product Security has assessed this issue as an Important severity vulnerability.\n\nAttack Complexity is considered High (AC:H), because successful exploitation requires an attacker capable of intercepting and modifying network traffic and successfully winning a timing race during the STARTTLS negotiation process.\n\nThis may allow exposure of authentication credentials, email contents, and other sensitive information, as well as unauthorized modification of data transmitted over the affected connection.\n\n```\n\nRed Hat\u0027s ruby packages distribute net-imap as a default bundled gem, the ruby package itself is listed affected. Applications relying on the system-provided Ruby installation to handle IMAP connections may be exposed to this flaw.\n\nRed Hat 3scale API Management uses net-imap which is a transitive dependency of mail, which is a dependency of actionmailer and actionmailbox. The images doesn\u2019t load them or use them in any way, hence, they are not affected.\n\n```",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Hardened Images:ruby3-3-main@aarch64",
"Red Hat Hardened Images:ruby3-3-main@noarch",
"Red Hat Hardened Images:ruby3-3-main@src",
"Red Hat Hardened Images:ruby3-3-main@x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-42246"
},
{
"category": "external",
"summary": "RHBZ#2468499",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2468499"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-42246",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-42246"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-42246",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42246"
},
{
"category": "external",
"summary": "https://github.com/ruby/net-imap/commit/0ede4c40b1523dfeaf95777b2678e54cc0fd9618",
"url": "https://github.com/ruby/net-imap/commit/0ede4c40b1523dfeaf95777b2678e54cc0fd9618"
},
{
"category": "external",
"summary": "https://github.com/ruby/net-imap/commit/24a4e770b43230286a05aa2a9746cdbb3eb8485e",
"url": "https://github.com/ruby/net-imap/commit/24a4e770b43230286a05aa2a9746cdbb3eb8485e"
},
{
"category": "external",
"summary": "https://github.com/ruby/net-imap/commit/97e2488fb5401a1783bddd959dde007d9fbce42c",
"url": "https://github.com/ruby/net-imap/commit/97e2488fb5401a1783bddd959dde007d9fbce42c"
},
{
"category": "external",
"summary": "https://github.com/ruby/net-imap/commit/f79d35bf5833f186e81044c57c843eda30c873da",
"url": "https://github.com/ruby/net-imap/commit/f79d35bf5833f186e81044c57c843eda30c873da"
},
{
"category": "external",
"summary": "https://github.com/ruby/net-imap/releases/tag/v0.3.10",
"url": "https://github.com/ruby/net-imap/releases/tag/v0.3.10"
},
{
"category": "external",
"summary": "https://github.com/ruby/net-imap/releases/tag/v0.4.24",
"url": "https://github.com/ruby/net-imap/releases/tag/v0.4.24"
},
{
"category": "external",
"summary": "https://github.com/ruby/net-imap/releases/tag/v0.5.14",
"url": "https://github.com/ruby/net-imap/releases/tag/v0.5.14"
},
{
"category": "external",
"summary": "https://github.com/ruby/net-imap/security/advisories/GHSA-vcgp-9326-pqcp",
"url": "https://github.com/ruby/net-imap/security/advisories/GHSA-vcgp-9326-pqcp"
}
],
"release_date": "2026-05-09T19:33:17.880000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-30T19:02:30+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\nhttps://images.redhat.com/",
"product_ids": [
"Red Hat Hardened Images:ruby3-3-main@aarch64",
"Red Hat Hardened Images:ruby3-3-main@noarch",
"Red Hat Hardened Images:ruby3-3-main@src",
"Red Hat Hardened Images:ruby3-3-main@x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:33721"
},
{
"category": "workaround",
"details": "As a temporary workaround, Users are strongly encouraged to switch from explicit TLS upgrading mechanisms (STARTTLS on port 143) to Implicit TLS connections (such as IMAPS on port 993).\n\nBy enforcing implicit TLS via port 993 from the initial socket creation step, the connection is mathematically protected against packet injection and connection degradation tactics entirely, bypassing the vulnerable implementation path.",
"product_ids": [
"Red Hat Hardened Images:ruby3-3-main@aarch64",
"Red Hat Hardened Images:ruby3-3-main@noarch",
"Red Hat Hardened Images:ruby3-3-main@src",
"Red Hat Hardened Images:ruby3-3-main@x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Hardened Images:ruby3-3-main@aarch64",
"Red Hat Hardened Images:ruby3-3-main@noarch",
"Red Hat Hardened Images:ruby3-3-main@src",
"Red Hat Hardened Images:ruby3-3-main@x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "net-imap: ruby: Net::IMAP: Information disclosure via man-in-the-middle attack bypassing TLS"
},
{
"cve": "CVE-2026-42256",
"cwe": {
"id": "CWE-606",
"name": "Unchecked Input for Loop Condition"
},
"discovery_date": "2026-05-09T20:01:08.343909+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2468500"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Net::IMAP, a Ruby library for Internet Message Access Protocol (IMAP) client functionality. A hostile server can exploit this vulnerability during SCRAM-SHA1 or SCRAM-SHA256 (Salted Challenge Response Authentication Mechanism - Secure Hash Algorithm 1 or 256) authentication by sending an excessively large iteration count value. This can lead to a computational denial-of-service attack, causing the client process to become unresponsive.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "ruby/net-imap: ruby: Net::IMAP: Denial of Service via large iteration count in SCRAM authentication",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Hardened Images:ruby3-3-main@aarch64",
"Red Hat Hardened Images:ruby3-3-main@noarch",
"Red Hat Hardened Images:ruby3-3-main@src",
"Red Hat Hardened Images:ruby3-3-main@x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-42256"
},
{
"category": "external",
"summary": "RHBZ#2468500",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2468500"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-42256",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-42256"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-42256",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42256"
},
{
"category": "external",
"summary": "https://github.com/ruby/net-imap/commit/158d0b505074397cdb5ceb58935e42dd2bcfa612",
"url": "https://github.com/ruby/net-imap/commit/158d0b505074397cdb5ceb58935e42dd2bcfa612"
},
{
"category": "external",
"summary": "https://github.com/ruby/net-imap/commit/808001bc45c06f7297a7e96d341279e041a7f7f4",
"url": "https://github.com/ruby/net-imap/commit/808001bc45c06f7297a7e96d341279e041a7f7f4"
},
{
"category": "external",
"summary": "https://github.com/ruby/net-imap/commit/99f59eab6064955a23debd95410263ad144df758",
"url": "https://github.com/ruby/net-imap/commit/99f59eab6064955a23debd95410263ad144df758"
},
{
"category": "external",
"summary": "https://github.com/ruby/net-imap/releases/tag/v0.4.24",
"url": "https://github.com/ruby/net-imap/releases/tag/v0.4.24"
},
{
"category": "external",
"summary": "https://github.com/ruby/net-imap/releases/tag/v0.5.14",
"url": "https://github.com/ruby/net-imap/releases/tag/v0.5.14"
},
{
"category": "external",
"summary": "https://github.com/ruby/net-imap/releases/tag/v0.6.4",
"url": "https://github.com/ruby/net-imap/releases/tag/v0.6.4"
},
{
"category": "external",
"summary": "https://github.com/ruby/net-imap/security/advisories/GHSA-87pf-fpwv-p7m7",
"url": "https://github.com/ruby/net-imap/security/advisories/GHSA-87pf-fpwv-p7m7"
}
],
"release_date": "2026-05-09T19:38:33.106000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-30T19:02:30+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\nhttps://images.redhat.com/",
"product_ids": [
"Red Hat Hardened Images:ruby3-3-main@aarch64",
"Red Hat Hardened Images:ruby3-3-main@noarch",
"Red Hat Hardened Images:ruby3-3-main@src",
"Red Hat Hardened Images:ruby3-3-main@x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:33721"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat Hardened Images:ruby3-3-main@aarch64",
"Red Hat Hardened Images:ruby3-3-main@noarch",
"Red Hat Hardened Images:ruby3-3-main@src",
"Red Hat Hardened Images:ruby3-3-main@x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Hardened Images:ruby3-3-main@aarch64",
"Red Hat Hardened Images:ruby3-3-main@noarch",
"Red Hat Hardened Images:ruby3-3-main@src",
"Red Hat Hardened Images:ruby3-3-main@x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "ruby/net-imap: ruby: Net::IMAP: Denial of Service via large iteration count in SCRAM authentication"
},
{
"cve": "CVE-2026-42257",
"cwe": {
"id": "CWE-93",
"name": "Improper Neutralization of CRLF Sequences (\u0027CRLF Injection\u0027)"
},
"discovery_date": "2026-05-09T20:00:49.315366+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2468494"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Net::IMAP (before 0.4.24, 0.5.14, and 0.6.4). Several commands accept raw string arguments sent to the server without validation or escaping; if derived from user-controlled input, CRLF sequences allow injection of arbitrary IMAP commands.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "net-imap: Net::IMAP: Arbitrary IMAP command injection via CRLF sequences in unvalidated input",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Net::IMAP is vulnerable to IMAP command injection in versions before 0.4.24, 0.5.14, and 0.6.4. Several client commands accept raw string arguments that are sent to the IMAP server without CRLF validation or escaping; if application code passes user-controlled data into those arguments, an attacker can inject additional IMAP commands by embedding carriage return and line feed sequences. Red Hat impact is concentrated in Ruby-based products that bundle a vulnerable net-imap gem, including RHEL Ruby module streams, OpenShift Serverless (hummingbird) Ruby runtimes, and 3scale AMP components (zync/system) that use Net::IMAP with externally influenced input; Perl IMAP client packages on Fedora are a separate codebase and are not affected.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Hardened Images:ruby3-3-main@aarch64",
"Red Hat Hardened Images:ruby3-3-main@noarch",
"Red Hat Hardened Images:ruby3-3-main@src",
"Red Hat Hardened Images:ruby3-3-main@x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-42257"
},
{
"category": "external",
"summary": "RHBZ#2468494",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2468494"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-42257",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-42257"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-42257",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42257"
},
{
"category": "external",
"summary": "https://github.com/ruby/net-imap/releases/tag/v0.4.24",
"url": "https://github.com/ruby/net-imap/releases/tag/v0.4.24"
},
{
"category": "external",
"summary": "https://github.com/ruby/net-imap/releases/tag/v0.5.14",
"url": "https://github.com/ruby/net-imap/releases/tag/v0.5.14"
},
{
"category": "external",
"summary": "https://github.com/ruby/net-imap/releases/tag/v0.6.4",
"url": "https://github.com/ruby/net-imap/releases/tag/v0.6.4"
},
{
"category": "external",
"summary": "https://github.com/ruby/net-imap/security/advisories/GHSA-hm49-wcqc-g2xg",
"url": "https://github.com/ruby/net-imap/security/advisories/GHSA-hm49-wcqc-g2xg"
}
],
"release_date": "2026-05-09T19:39:48.398000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-30T19:02:30+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\nhttps://images.redhat.com/",
"product_ids": [
"Red Hat Hardened Images:ruby3-3-main@aarch64",
"Red Hat Hardened Images:ruby3-3-main@noarch",
"Red Hat Hardened Images:ruby3-3-main@src",
"Red Hat Hardened Images:ruby3-3-main@x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:33721"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:L",
"version": "3.1"
},
"products": [
"Red Hat Hardened Images:ruby3-3-main@aarch64",
"Red Hat Hardened Images:ruby3-3-main@noarch",
"Red Hat Hardened Images:ruby3-3-main@src",
"Red Hat Hardened Images:ruby3-3-main@x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "net-imap: Net::IMAP: Arbitrary IMAP command injection via CRLF sequences in unvalidated input"
},
{
"cve": "CVE-2026-42258",
"cwe": {
"id": "CWE-93",
"name": "Improper Neutralization of CRLF Sequences (\u0027CRLF Injection\u0027)"
},
"discovery_date": "2026-05-09T20:01:01.698992+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2468498"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Net::IMAP, a Ruby library that provides Internet Message Access Protocol (IMAP) client functionality. This vulnerability allows a remote attacker to inject arbitrary IMAP commands. This is achieved by passing specially crafted symbol arguments to IMAP commands. Successful exploitation could lead to unauthorized actions on the IMAP server or client, potentially resulting in information disclosure or other integrity impacts.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "ruby/net-imap: ruby: Net::IMAP: IMAP Command Injection via Symbol Arguments",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This command injection flaw is limited to the injection of IMAP commands. Arbitrary code execution is not a risk of this flaw and so the impact is limited to email systems.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Hardened Images:ruby3-3-main@aarch64",
"Red Hat Hardened Images:ruby3-3-main@noarch",
"Red Hat Hardened Images:ruby3-3-main@src",
"Red Hat Hardened Images:ruby3-3-main@x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-42258"
},
{
"category": "external",
"summary": "RHBZ#2468498",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2468498"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-42258",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-42258"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-42258",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42258"
},
{
"category": "external",
"summary": "https://github.com/ruby/net-imap/releases/tag/v0.4.24",
"url": "https://github.com/ruby/net-imap/releases/tag/v0.4.24"
},
{
"category": "external",
"summary": "https://github.com/ruby/net-imap/releases/tag/v0.5.14",
"url": "https://github.com/ruby/net-imap/releases/tag/v0.5.14"
},
{
"category": "external",
"summary": "https://github.com/ruby/net-imap/releases/tag/v0.6.4",
"url": "https://github.com/ruby/net-imap/releases/tag/v0.6.4"
},
{
"category": "external",
"summary": "https://github.com/ruby/net-imap/security/advisories/GHSA-75xq-5h9v-w6px",
"url": "https://github.com/ruby/net-imap/security/advisories/GHSA-75xq-5h9v-w6px"
}
],
"release_date": "2026-05-09T19:40:49.405000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-30T19:02:30+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\nhttps://images.redhat.com/",
"product_ids": [
"Red Hat Hardened Images:ruby3-3-main@aarch64",
"Red Hat Hardened Images:ruby3-3-main@noarch",
"Red Hat Hardened Images:ruby3-3-main@src",
"Red Hat Hardened Images:ruby3-3-main@x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:33721"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Hardened Images:ruby3-3-main@aarch64",
"Red Hat Hardened Images:ruby3-3-main@noarch",
"Red Hat Hardened Images:ruby3-3-main@src",
"Red Hat Hardened Images:ruby3-3-main@x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Hardened Images:ruby3-3-main@aarch64",
"Red Hat Hardened Images:ruby3-3-main@noarch",
"Red Hat Hardened Images:ruby3-3-main@src",
"Red Hat Hardened Images:ruby3-3-main@x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "ruby/net-imap: ruby: Net::IMAP: IMAP Command Injection via Symbol Arguments"
},
{
"cve": "CVE-2026-47240",
"cwe": {
"id": "CWE-93",
"name": "Improper Neutralization of CRLF Sequences (\u0027CRLF Injection\u0027)"
},
"discovery_date": "2026-06-22T21:01:00.124981+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2491519"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Net::IMAP, a Ruby library that provides Internet Message Access Protocol (IMAP) client functionality. This vulnerability allows a remote attacker to inject arbitrary IMAP commands. This is possible when an IMAP server does not support non-synchronizing literals, leading to the misinterpretation of data as new commands. This command injection could enable unauthorized actions on the IMAP server.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "net-imap: Net::IMAP: Command injection via non-synchronizing literals",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This Moderate flaw in the Net::IMAP Ruby library allows for command injection against IMAP servers that lack support for non-synchronizing literals. An attacker could exploit this by providing specially crafted input, leading to the execution of arbitrary IMAP commands and potential unauthorized actions. This risk is primarily present in deployments interacting with older or non-standard IMAP server configurations.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Hardened Images:ruby3-3-main@aarch64",
"Red Hat Hardened Images:ruby3-3-main@noarch",
"Red Hat Hardened Images:ruby3-3-main@src",
"Red Hat Hardened Images:ruby3-3-main@x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-47240"
},
{
"category": "external",
"summary": "RHBZ#2491519",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2491519"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-47240",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-47240"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-47240",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-47240"
},
{
"category": "external",
"summary": "https://github.com/ruby/net-imap/security/advisories/GHSA-8p34-64r3-mwg8",
"url": "https://github.com/ruby/net-imap/security/advisories/GHSA-8p34-64r3-mwg8"
}
],
"release_date": "2026-06-22T20:17:15.376000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-30T19:02:30+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\nhttps://images.redhat.com/",
"product_ids": [
"Red Hat Hardened Images:ruby3-3-main@aarch64",
"Red Hat Hardened Images:ruby3-3-main@noarch",
"Red Hat Hardened Images:ruby3-3-main@src",
"Red Hat Hardened Images:ruby3-3-main@x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:33721"
},
{
"category": "workaround",
"details": "Explicitly validate user-controlled inputs to prevent embedded non-synchronizing literals unless the server supports them. For a simpler, more cautious approach: all embedded literals can be unconditionally prohibited, by checking that string inputs do not contain any CR or LF bytes.",
"product_ids": [
"Red Hat Hardened Images:ruby3-3-main@aarch64",
"Red Hat Hardened Images:ruby3-3-main@noarch",
"Red Hat Hardened Images:ruby3-3-main@src",
"Red Hat Hardened Images:ruby3-3-main@x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:L",
"version": "3.1"
},
"products": [
"Red Hat Hardened Images:ruby3-3-main@aarch64",
"Red Hat Hardened Images:ruby3-3-main@noarch",
"Red Hat Hardened Images:ruby3-3-main@src",
"Red Hat Hardened Images:ruby3-3-main@x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "net-imap: Net::IMAP: Command injection via non-synchronizing literals"
},
{
"cve": "CVE-2026-47241",
"cwe": {
"id": "CWE-88",
"name": "Improper Neutralization of Argument Delimiters in a Command (\u0027Argument Injection\u0027)"
},
"discovery_date": "2026-06-22T21:01:13.810999+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2491523"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Net::IMAP, a Ruby client library for the Internet Message Access Protocol (IMAP). This vulnerability allows a remote attacker to cause a denial of service by sending specially crafted input to certain Net::IMAP commands. When a raw string argument, derived from user-controlled input, is not properly validated, it can force subsequent commands to be absorbed, leading to a hung connection and preventing further processing until the connection is closed.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "net-imap: rubygem-net-imap: Net::IMAP: Denial of Service via malformed command input",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "A Moderate denial of service flaw was found in the Net::IMAP Ruby client library. This issue occurs when a remote attacker sends specially crafted input to certain Net::IMAP commands, causing the client connection to hang indefinitely. This can prevent further processing of IMAP commands until the connection is manually closed, impacting the availability of services relying on the Net::IMAP client.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Hardened Images:ruby3-3-main@aarch64",
"Red Hat Hardened Images:ruby3-3-main@noarch",
"Red Hat Hardened Images:ruby3-3-main@src",
"Red Hat Hardened Images:ruby3-3-main@x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-47241"
},
{
"category": "external",
"summary": "RHBZ#2491523",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2491523"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-47241",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-47241"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-47241",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-47241"
},
{
"category": "external",
"summary": "https://github.com/ruby/net-imap/security/advisories/GHSA-c4fp-cxrr-mj66",
"url": "https://github.com/ruby/net-imap/security/advisories/GHSA-c4fp-cxrr-mj66"
}
],
"release_date": "2026-06-22T20:11:04.329000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-30T19:02:30+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\nhttps://images.redhat.com/",
"product_ids": [
"Red Hat Hardened Images:ruby3-3-main@aarch64",
"Red Hat Hardened Images:ruby3-3-main@noarch",
"Red Hat Hardened Images:ruby3-3-main@src",
"Red Hat Hardened Images:ruby3-3-main@x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:33721"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat Hardened Images:ruby3-3-main@aarch64",
"Red Hat Hardened Images:ruby3-3-main@noarch",
"Red Hat Hardened Images:ruby3-3-main@src",
"Red Hat Hardened Images:ruby3-3-main@x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Hardened Images:ruby3-3-main@aarch64",
"Red Hat Hardened Images:ruby3-3-main@noarch",
"Red Hat Hardened Images:ruby3-3-main@src",
"Red Hat Hardened Images:ruby3-3-main@x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "net-imap: rubygem-net-imap: Net::IMAP: Denial of Service via malformed command input"
}
]
}
RHSA-2026:35447
Vulnerability from csaf_redhat - Published: 2026-07-03 11:16 - Updated: 2026-07-13 05:10A flaw was found in Net::IMAP (before 0.4.24, 0.5.14, and 0.6.4). Several commands accept raw string arguments sent to the server without validation or escaping; if derived from user-controlled input, CRLF sequences allow injection of arbitrary IMAP commands.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Hardened Images:ruby3-4-main@aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Hardened Images:ruby3-4-main@noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Hardened Images:ruby3-4-main@src | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Hardened Images:ruby3-4-main@x86_64 | — |
Vendor Fix
fix
|
A flaw was found in Net::IMAP, a Ruby library that provides Internet Message Access Protocol (IMAP) client functionality. This vulnerability allows a remote attacker to inject arbitrary IMAP commands. This is achieved by passing specially crafted symbol arguments to IMAP commands. Successful exploitation could lead to unauthorized actions on the IMAP server or client, potentially resulting in information disclosure or other integrity impacts.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Hardened Images:ruby3-4-main@aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:ruby3-4-main@noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:ruby3-4-main@src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:ruby3-4-main@x86_64 | — |
Vendor Fix
fix
Workaround
|
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for Red Hat Hardened Images RPMs is now available.",
"title": "Topic"
},
{
"category": "general",
"text": "This update includes the following RPMs:\n\nruby3.4:\n * ruby3.4-3.4.9-31.4.hum1 (aarch64, x86_64)\n * ruby3.4-bundled-gems-3.4.9-31.4.hum1 (aarch64, x86_64)\n * ruby3.4-default-gems-3.4.9-31.4.hum1 (noarch)\n * ruby3.4-devel-3.4.9-31.4.hum1 (aarch64, x86_64)\n * ruby3.4-doc-3.4.9-31.4.hum1 (noarch)\n * ruby3.4-libs-3.4.9-31.4.hum1 (aarch64, x86_64)\n * rubygem3.4-bigdecimal-3.1.8-31.4.hum1 (aarch64, x86_64)\n * rubygem3.4-bundler-2.6.9-31.4.hum1 (noarch)\n * rubygem3.4-devel-3.6.9-31.4.hum1 (noarch)\n * rubygem3.4-io-console-0.8.1-31.4.hum1 (aarch64, x86_64)\n * rubygem3.4-irb-1.14.3-31.4.hum1 (noarch)\n * rubygem3.4-json-2.9.1-31.4.hum1 (aarch64, x86_64)\n * rubygem3.4-minitest-5.25.4-31.4.hum1 (noarch)\n * rubygem3.4-power_assert-2.0.5-31.4.hum1 (noarch)\n * rubygem3.4-psych-5.2.2-31.4.hum1 (aarch64, x86_64)\n * rubygem3.4-racc-1.8.1-31.4.hum1 (aarch64, x86_64)\n * rubygem3.4-rake-13.2.1-31.4.hum1 (noarch)\n * rubygem3.4-rbs-3.8.0-31.4.hum1 (aarch64, x86_64)\n * rubygem3.4-rdoc-6.14.0-31.4.hum1 (noarch)\n * rubygem3.4-rexml-3.4.4-31.4.hum1 (noarch)\n * rubygem3.4-rss-0.3.1-31.4.hum1 (noarch)\n * rubygem3.4-rubygems-3.6.9-31.4.hum1 (noarch)\n * rubygem3.4-test-unit-3.6.7-31.4.hum1 (noarch)\n * rubygem3.4-typeprof-0.30.1-31.4.hum1 (noarch)\n * ruby3.4-3.4.9-31.4.hum1.src (src)",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:35447",
"url": "https://access.redhat.com/errata/RHSA-2026:35447"
},
{
"category": "external",
"summary": "https://images.redhat.com/",
"url": "https://images.redhat.com/"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-42257",
"url": "https://access.redhat.com/security/cve/CVE-2026-42257"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-42258",
"url": "https://access.redhat.com/security/cve/CVE-2026-42258"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_35447.json"
}
],
"title": "Red Hat Security Advisory: Red Hat Hardened Images RPMs bug fix and enhancement update",
"tracking": {
"current_release_date": "2026-07-13T05:10:26+00:00",
"generator": {
"date": "2026-07-13T05:10:26+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "5.3.2"
}
},
"id": "RHSA-2026:35447",
"initial_release_date": "2026-07-03T11:16:39+00:00",
"revision_history": [
{
"date": "2026-07-03T11:16:39+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-07-12T19:21:42+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-07-13T05:10:26+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Hardened Images",
"product": {
"name": "Red Hat Hardened Images",
"product_id": "Red Hat Hardened Images",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:hummingbird:1"
}
}
}
],
"category": "product_family",
"name": "Red Hat Hardened Images"
},
{
"branches": [
{
"category": "product_version",
"name": "ruby3-4-main@aarch64",
"product": {
"name": "ruby3-4-main@aarch64",
"product_id": "ruby3-4-main@aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ruby3.4@3.4.9-31.4.hum1?arch=aarch64\u0026distro=hummingbird-20251124\u0026repository_id=public-hummingbird-aarch64-rpms"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "ruby3-4-main@src",
"product": {
"name": "ruby3-4-main@src",
"product_id": "ruby3-4-main@src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ruby3.4@3.4.9-31.4.hum1?arch=src\u0026distro=hummingbird-20251124\u0026repository_id=public-hummingbird-source-rpms"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "ruby3-4-main@x86_64",
"product": {
"name": "ruby3-4-main@x86_64",
"product_id": "ruby3-4-main@x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ruby3.4@3.4.9-31.4.hum1?arch=x86_64\u0026distro=hummingbird-20251124\u0026repository_id=public-hummingbird-x86_64-rpms"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "ruby3-4-main@noarch",
"product": {
"name": "ruby3-4-main@noarch",
"product_id": "ruby3-4-main@noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ruby3.4-default-gems@3.4.9-31.4.hum1?arch=noarch\u0026distro=hummingbird-20251124\u0026repository_id=public-hummingbird-x86_64-rpms"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "ruby3-4-main@aarch64 as a component of Red Hat Hardened Images",
"product_id": "Red Hat Hardened Images:ruby3-4-main@aarch64"
},
"product_reference": "ruby3-4-main@aarch64",
"relates_to_product_reference": "Red Hat Hardened Images"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ruby3-4-main@noarch as a component of Red Hat Hardened Images",
"product_id": "Red Hat Hardened Images:ruby3-4-main@noarch"
},
"product_reference": "ruby3-4-main@noarch",
"relates_to_product_reference": "Red Hat Hardened Images"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ruby3-4-main@src as a component of Red Hat Hardened Images",
"product_id": "Red Hat Hardened Images:ruby3-4-main@src"
},
"product_reference": "ruby3-4-main@src",
"relates_to_product_reference": "Red Hat Hardened Images"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ruby3-4-main@x86_64 as a component of Red Hat Hardened Images",
"product_id": "Red Hat Hardened Images:ruby3-4-main@x86_64"
},
"product_reference": "ruby3-4-main@x86_64",
"relates_to_product_reference": "Red Hat Hardened Images"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-42257",
"cwe": {
"id": "CWE-93",
"name": "Improper Neutralization of CRLF Sequences (\u0027CRLF Injection\u0027)"
},
"discovery_date": "2026-05-09T20:00:49.315366+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2468494"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Net::IMAP (before 0.4.24, 0.5.14, and 0.6.4). Several commands accept raw string arguments sent to the server without validation or escaping; if derived from user-controlled input, CRLF sequences allow injection of arbitrary IMAP commands.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "net-imap: Net::IMAP: Arbitrary IMAP command injection via CRLF sequences in unvalidated input",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Net::IMAP is vulnerable to IMAP command injection in versions before 0.4.24, 0.5.14, and 0.6.4. Several client commands accept raw string arguments that are sent to the IMAP server without CRLF validation or escaping; if application code passes user-controlled data into those arguments, an attacker can inject additional IMAP commands by embedding carriage return and line feed sequences. Red Hat impact is concentrated in Ruby-based products that bundle a vulnerable net-imap gem, including RHEL Ruby module streams, OpenShift Serverless (hummingbird) Ruby runtimes, and 3scale AMP components (zync/system) that use Net::IMAP with externally influenced input; Perl IMAP client packages on Fedora are a separate codebase and are not affected.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Hardened Images:ruby3-4-main@aarch64",
"Red Hat Hardened Images:ruby3-4-main@noarch",
"Red Hat Hardened Images:ruby3-4-main@src",
"Red Hat Hardened Images:ruby3-4-main@x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-42257"
},
{
"category": "external",
"summary": "RHBZ#2468494",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2468494"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-42257",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-42257"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-42257",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42257"
},
{
"category": "external",
"summary": "https://github.com/ruby/net-imap/releases/tag/v0.4.24",
"url": "https://github.com/ruby/net-imap/releases/tag/v0.4.24"
},
{
"category": "external",
"summary": "https://github.com/ruby/net-imap/releases/tag/v0.5.14",
"url": "https://github.com/ruby/net-imap/releases/tag/v0.5.14"
},
{
"category": "external",
"summary": "https://github.com/ruby/net-imap/releases/tag/v0.6.4",
"url": "https://github.com/ruby/net-imap/releases/tag/v0.6.4"
},
{
"category": "external",
"summary": "https://github.com/ruby/net-imap/security/advisories/GHSA-hm49-wcqc-g2xg",
"url": "https://github.com/ruby/net-imap/security/advisories/GHSA-hm49-wcqc-g2xg"
}
],
"release_date": "2026-05-09T19:39:48.398000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-03T11:16:39+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\nhttps://images.redhat.com/",
"product_ids": [
"Red Hat Hardened Images:ruby3-4-main@aarch64",
"Red Hat Hardened Images:ruby3-4-main@noarch",
"Red Hat Hardened Images:ruby3-4-main@src",
"Red Hat Hardened Images:ruby3-4-main@x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:35447"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:L",
"version": "3.1"
},
"products": [
"Red Hat Hardened Images:ruby3-4-main@aarch64",
"Red Hat Hardened Images:ruby3-4-main@noarch",
"Red Hat Hardened Images:ruby3-4-main@src",
"Red Hat Hardened Images:ruby3-4-main@x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "net-imap: Net::IMAP: Arbitrary IMAP command injection via CRLF sequences in unvalidated input"
},
{
"cve": "CVE-2026-42258",
"cwe": {
"id": "CWE-93",
"name": "Improper Neutralization of CRLF Sequences (\u0027CRLF Injection\u0027)"
},
"discovery_date": "2026-05-09T20:01:01.698992+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2468498"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Net::IMAP, a Ruby library that provides Internet Message Access Protocol (IMAP) client functionality. This vulnerability allows a remote attacker to inject arbitrary IMAP commands. This is achieved by passing specially crafted symbol arguments to IMAP commands. Successful exploitation could lead to unauthorized actions on the IMAP server or client, potentially resulting in information disclosure or other integrity impacts.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "ruby/net-imap: ruby: Net::IMAP: IMAP Command Injection via Symbol Arguments",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This command injection flaw is limited to the injection of IMAP commands. Arbitrary code execution is not a risk of this flaw and so the impact is limited to email systems.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Hardened Images:ruby3-4-main@aarch64",
"Red Hat Hardened Images:ruby3-4-main@noarch",
"Red Hat Hardened Images:ruby3-4-main@src",
"Red Hat Hardened Images:ruby3-4-main@x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-42258"
},
{
"category": "external",
"summary": "RHBZ#2468498",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2468498"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-42258",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-42258"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-42258",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42258"
},
{
"category": "external",
"summary": "https://github.com/ruby/net-imap/releases/tag/v0.4.24",
"url": "https://github.com/ruby/net-imap/releases/tag/v0.4.24"
},
{
"category": "external",
"summary": "https://github.com/ruby/net-imap/releases/tag/v0.5.14",
"url": "https://github.com/ruby/net-imap/releases/tag/v0.5.14"
},
{
"category": "external",
"summary": "https://github.com/ruby/net-imap/releases/tag/v0.6.4",
"url": "https://github.com/ruby/net-imap/releases/tag/v0.6.4"
},
{
"category": "external",
"summary": "https://github.com/ruby/net-imap/security/advisories/GHSA-75xq-5h9v-w6px",
"url": "https://github.com/ruby/net-imap/security/advisories/GHSA-75xq-5h9v-w6px"
}
],
"release_date": "2026-05-09T19:40:49.405000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-03T11:16:39+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\nhttps://images.redhat.com/",
"product_ids": [
"Red Hat Hardened Images:ruby3-4-main@aarch64",
"Red Hat Hardened Images:ruby3-4-main@noarch",
"Red Hat Hardened Images:ruby3-4-main@src",
"Red Hat Hardened Images:ruby3-4-main@x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:35447"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Hardened Images:ruby3-4-main@aarch64",
"Red Hat Hardened Images:ruby3-4-main@noarch",
"Red Hat Hardened Images:ruby3-4-main@src",
"Red Hat Hardened Images:ruby3-4-main@x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Hardened Images:ruby3-4-main@aarch64",
"Red Hat Hardened Images:ruby3-4-main@noarch",
"Red Hat Hardened Images:ruby3-4-main@src",
"Red Hat Hardened Images:ruby3-4-main@x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "ruby/net-imap: ruby: Net::IMAP: IMAP Command Injection via Symbol Arguments"
}
]
}
RHSA-2026:36978
Vulnerability from csaf_redhat - Published: 2026-07-09 00:46 - Updated: 2026-07-13 05:10A flaw was found in Net::IMAP (before 0.4.24, 0.5.14, and 0.6.4). Several commands accept raw string arguments sent to the server without validation or escaping; if derived from user-controlled input, CRLF sequences allow injection of arbitrary IMAP commands.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Hardened Images:ruby4-0-main@aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Hardened Images:ruby4-0-main@noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Hardened Images:ruby4-0-main@src | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Hardened Images:ruby4-0-main@x86_64 | — |
Vendor Fix
fix
|
A flaw was found in Net::IMAP, a Ruby library that provides Internet Message Access Protocol (IMAP) client functionality. This vulnerability allows a remote attacker to inject arbitrary IMAP commands. This is achieved by passing specially crafted symbol arguments to IMAP commands. Successful exploitation could lead to unauthorized actions on the IMAP server or client, potentially resulting in information disclosure or other integrity impacts.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Hardened Images:ruby4-0-main@aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:ruby4-0-main@noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:ruby4-0-main@src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:ruby4-0-main@x86_64 | — |
Vendor Fix
fix
Workaround
|
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for Red Hat Hardened Images RPMs is now available.",
"title": "Topic"
},
{
"category": "general",
"text": "This update includes the following RPMs:\n\nruby4.0:\n * ruby4.0-4.0.5-35.hum1 (aarch64, x86_64)\n * ruby4.0-bundled-gems-4.0.5-35.hum1 (aarch64, x86_64)\n * ruby4.0-default-gems-4.0.5-35.hum1 (noarch)\n * ruby4.0-devel-4.0.5-35.hum1 (aarch64, x86_64)\n * ruby4.0-doc-4.0.5-35.hum1 (noarch)\n * ruby4.0-libs-4.0.5-35.hum1 (aarch64, x86_64)\n * rubygem4.0-bigdecimal-4.0.1-35.hum1 (aarch64, x86_64)\n * rubygem4.0-bundler-4.0.10-35.hum1 (noarch)\n * rubygem4.0-devel-4.0.10-35.hum1 (noarch)\n * rubygem4.0-io-console-0.8.2-35.hum1 (aarch64, x86_64)\n * rubygem4.0-irb-1.16.0-35.hum1 (noarch)\n * rubygem4.0-json-2.18.0-35.hum1 (aarch64, x86_64)\n * rubygem4.0-minitest-6.0.0-35.hum1 (noarch)\n * rubygem4.0-power_assert-3.0.1-35.hum1 (noarch)\n * rubygem4.0-psych-5.3.1-35.hum1 (aarch64, x86_64)\n * rubygem4.0-racc-1.8.1-35.hum1 (aarch64, x86_64)\n * rubygem4.0-rake-13.3.1-35.hum1 (noarch)\n * rubygem4.0-rbs-3.10.0-35.hum1 (aarch64, x86_64)\n * rubygem4.0-rdoc-7.0.4-35.hum1 (noarch)\n * rubygem4.0-rexml-3.4.4-35.hum1 (noarch)\n * rubygem4.0-rss-0.3.2-35.hum1 (noarch)\n * rubygem4.0-rubygems-4.0.10-35.hum1 (noarch)\n * rubygem4.0-test-unit-3.7.5-35.hum1 (noarch)\n * rubygem4.0-typeprof-0.31.1-35.hum1 (noarch)\n * ruby4.0-4.0.5-35.hum1.src (src)",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:36978",
"url": "https://access.redhat.com/errata/RHSA-2026:36978"
},
{
"category": "external",
"summary": "https://images.redhat.com/",
"url": "https://images.redhat.com/"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-42257",
"url": "https://access.redhat.com/security/cve/CVE-2026-42257"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-42258",
"url": "https://access.redhat.com/security/cve/CVE-2026-42258"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_36978.json"
}
],
"title": "Red Hat Security Advisory: Red Hat Hardened Images RPMs bug fix and enhancement update",
"tracking": {
"current_release_date": "2026-07-13T05:10:28+00:00",
"generator": {
"date": "2026-07-13T05:10:28+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "5.3.2"
}
},
"id": "RHSA-2026:36978",
"initial_release_date": "2026-07-09T00:46:23+00:00",
"revision_history": [
{
"date": "2026-07-09T00:46:23+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-07-12T19:21:48+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-07-13T05:10:28+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Hardened Images",
"product": {
"name": "Red Hat Hardened Images",
"product_id": "Red Hat Hardened Images",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:hummingbird:1"
}
}
}
],
"category": "product_family",
"name": "Red Hat Hardened Images"
},
{
"branches": [
{
"category": "product_version",
"name": "ruby4-0-main@aarch64",
"product": {
"name": "ruby4-0-main@aarch64",
"product_id": "ruby4-0-main@aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ruby4.0@4.0.5-35.hum1?arch=aarch64\u0026distro=hummingbird-20251124\u0026repository_id=public-hummingbird-aarch64-rpms"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "ruby4-0-main@src",
"product": {
"name": "ruby4-0-main@src",
"product_id": "ruby4-0-main@src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ruby4.0@4.0.5-35.hum1?arch=src\u0026distro=hummingbird-20251124\u0026repository_id=public-hummingbird-source-rpms"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "ruby4-0-main@x86_64",
"product": {
"name": "ruby4-0-main@x86_64",
"product_id": "ruby4-0-main@x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ruby4.0@4.0.5-35.hum1?arch=x86_64\u0026distro=hummingbird-20251124\u0026repository_id=public-hummingbird-x86_64-rpms"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "ruby4-0-main@noarch",
"product": {
"name": "ruby4-0-main@noarch",
"product_id": "ruby4-0-main@noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ruby4.0-default-gems@4.0.5-35.hum1?arch=noarch\u0026distro=hummingbird-20251124\u0026repository_id=public-hummingbird-x86_64-rpms"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "ruby4-0-main@aarch64 as a component of Red Hat Hardened Images",
"product_id": "Red Hat Hardened Images:ruby4-0-main@aarch64"
},
"product_reference": "ruby4-0-main@aarch64",
"relates_to_product_reference": "Red Hat Hardened Images"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ruby4-0-main@noarch as a component of Red Hat Hardened Images",
"product_id": "Red Hat Hardened Images:ruby4-0-main@noarch"
},
"product_reference": "ruby4-0-main@noarch",
"relates_to_product_reference": "Red Hat Hardened Images"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ruby4-0-main@src as a component of Red Hat Hardened Images",
"product_id": "Red Hat Hardened Images:ruby4-0-main@src"
},
"product_reference": "ruby4-0-main@src",
"relates_to_product_reference": "Red Hat Hardened Images"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ruby4-0-main@x86_64 as a component of Red Hat Hardened Images",
"product_id": "Red Hat Hardened Images:ruby4-0-main@x86_64"
},
"product_reference": "ruby4-0-main@x86_64",
"relates_to_product_reference": "Red Hat Hardened Images"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-42257",
"cwe": {
"id": "CWE-93",
"name": "Improper Neutralization of CRLF Sequences (\u0027CRLF Injection\u0027)"
},
"discovery_date": "2026-05-09T20:00:49.315366+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2468494"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Net::IMAP (before 0.4.24, 0.5.14, and 0.6.4). Several commands accept raw string arguments sent to the server without validation or escaping; if derived from user-controlled input, CRLF sequences allow injection of arbitrary IMAP commands.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "net-imap: Net::IMAP: Arbitrary IMAP command injection via CRLF sequences in unvalidated input",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Net::IMAP is vulnerable to IMAP command injection in versions before 0.4.24, 0.5.14, and 0.6.4. Several client commands accept raw string arguments that are sent to the IMAP server without CRLF validation or escaping; if application code passes user-controlled data into those arguments, an attacker can inject additional IMAP commands by embedding carriage return and line feed sequences. Red Hat impact is concentrated in Ruby-based products that bundle a vulnerable net-imap gem, including RHEL Ruby module streams, OpenShift Serverless (hummingbird) Ruby runtimes, and 3scale AMP components (zync/system) that use Net::IMAP with externally influenced input; Perl IMAP client packages on Fedora are a separate codebase and are not affected.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Hardened Images:ruby4-0-main@aarch64",
"Red Hat Hardened Images:ruby4-0-main@noarch",
"Red Hat Hardened Images:ruby4-0-main@src",
"Red Hat Hardened Images:ruby4-0-main@x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-42257"
},
{
"category": "external",
"summary": "RHBZ#2468494",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2468494"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-42257",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-42257"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-42257",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42257"
},
{
"category": "external",
"summary": "https://github.com/ruby/net-imap/releases/tag/v0.4.24",
"url": "https://github.com/ruby/net-imap/releases/tag/v0.4.24"
},
{
"category": "external",
"summary": "https://github.com/ruby/net-imap/releases/tag/v0.5.14",
"url": "https://github.com/ruby/net-imap/releases/tag/v0.5.14"
},
{
"category": "external",
"summary": "https://github.com/ruby/net-imap/releases/tag/v0.6.4",
"url": "https://github.com/ruby/net-imap/releases/tag/v0.6.4"
},
{
"category": "external",
"summary": "https://github.com/ruby/net-imap/security/advisories/GHSA-hm49-wcqc-g2xg",
"url": "https://github.com/ruby/net-imap/security/advisories/GHSA-hm49-wcqc-g2xg"
}
],
"release_date": "2026-05-09T19:39:48.398000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-09T00:46:23+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\nhttps://images.redhat.com/",
"product_ids": [
"Red Hat Hardened Images:ruby4-0-main@aarch64",
"Red Hat Hardened Images:ruby4-0-main@noarch",
"Red Hat Hardened Images:ruby4-0-main@src",
"Red Hat Hardened Images:ruby4-0-main@x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:36978"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:L",
"version": "3.1"
},
"products": [
"Red Hat Hardened Images:ruby4-0-main@aarch64",
"Red Hat Hardened Images:ruby4-0-main@noarch",
"Red Hat Hardened Images:ruby4-0-main@src",
"Red Hat Hardened Images:ruby4-0-main@x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "net-imap: Net::IMAP: Arbitrary IMAP command injection via CRLF sequences in unvalidated input"
},
{
"cve": "CVE-2026-42258",
"cwe": {
"id": "CWE-93",
"name": "Improper Neutralization of CRLF Sequences (\u0027CRLF Injection\u0027)"
},
"discovery_date": "2026-05-09T20:01:01.698992+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2468498"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Net::IMAP, a Ruby library that provides Internet Message Access Protocol (IMAP) client functionality. This vulnerability allows a remote attacker to inject arbitrary IMAP commands. This is achieved by passing specially crafted symbol arguments to IMAP commands. Successful exploitation could lead to unauthorized actions on the IMAP server or client, potentially resulting in information disclosure or other integrity impacts.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "ruby/net-imap: ruby: Net::IMAP: IMAP Command Injection via Symbol Arguments",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This command injection flaw is limited to the injection of IMAP commands. Arbitrary code execution is not a risk of this flaw and so the impact is limited to email systems.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Hardened Images:ruby4-0-main@aarch64",
"Red Hat Hardened Images:ruby4-0-main@noarch",
"Red Hat Hardened Images:ruby4-0-main@src",
"Red Hat Hardened Images:ruby4-0-main@x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-42258"
},
{
"category": "external",
"summary": "RHBZ#2468498",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2468498"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-42258",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-42258"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-42258",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42258"
},
{
"category": "external",
"summary": "https://github.com/ruby/net-imap/releases/tag/v0.4.24",
"url": "https://github.com/ruby/net-imap/releases/tag/v0.4.24"
},
{
"category": "external",
"summary": "https://github.com/ruby/net-imap/releases/tag/v0.5.14",
"url": "https://github.com/ruby/net-imap/releases/tag/v0.5.14"
},
{
"category": "external",
"summary": "https://github.com/ruby/net-imap/releases/tag/v0.6.4",
"url": "https://github.com/ruby/net-imap/releases/tag/v0.6.4"
},
{
"category": "external",
"summary": "https://github.com/ruby/net-imap/security/advisories/GHSA-75xq-5h9v-w6px",
"url": "https://github.com/ruby/net-imap/security/advisories/GHSA-75xq-5h9v-w6px"
}
],
"release_date": "2026-05-09T19:40:49.405000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-09T00:46:23+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\nhttps://images.redhat.com/",
"product_ids": [
"Red Hat Hardened Images:ruby4-0-main@aarch64",
"Red Hat Hardened Images:ruby4-0-main@noarch",
"Red Hat Hardened Images:ruby4-0-main@src",
"Red Hat Hardened Images:ruby4-0-main@x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:36978"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Hardened Images:ruby4-0-main@aarch64",
"Red Hat Hardened Images:ruby4-0-main@noarch",
"Red Hat Hardened Images:ruby4-0-main@src",
"Red Hat Hardened Images:ruby4-0-main@x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Hardened Images:ruby4-0-main@aarch64",
"Red Hat Hardened Images:ruby4-0-main@noarch",
"Red Hat Hardened Images:ruby4-0-main@src",
"Red Hat Hardened Images:ruby4-0-main@x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "ruby/net-imap: ruby: Net::IMAP: IMAP Command Injection via Symbol Arguments"
}
]
}
ubuntu-cve-2026-42257
Vulnerability from osv_ubuntu
Net::IMAP implements Internet Message Access Protocol (IMAP) client functionality in Ruby. Prior to versions 0.4.24, 0.5.14, and 0.6.4, several Net::IMAP commands accept a raw string argument that is sent to the server without validation or escaping. If this string is derived from user-controlled input, it may contain contain CRLF sequences, which an attacker can use to inject arbitrary IMAP commands. This issue has been patched in versions 0.4.24, 0.5.14, and 0.6.4.
{
"affected": [
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "jruby",
"binary_version": "1.5.6-9+deb8u2build0.14.04.1~esm2"
}
]
},
"package": {
"ecosystem": "Ubuntu:Pro:14.04:LTS",
"name": "jruby",
"purl": "pkg:deb/ubuntu/jruby@1.5.6-9+deb8u2build0.14.04.1~esm2?arch=source\u0026distro=esm-infra-legacy/trusty"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"1.5.6-5ubuntu1",
"1.5.6-6",
"1.5.6-7",
"1.5.6-9+deb8u2build0.14.04.1~esm2"
]
},
{
"ecosystem_specific": {
"availability": "Available with Ubuntu Pro with Legacy support add-on: https://ubuntu.com/pro",
"binaries": [
{
"binary_name": "libruby2.3",
"binary_version": "2.3.1-2~ubuntu16.04.16+esm14"
},
{
"binary_name": "ruby2.3",
"binary_version": "2.3.1-2~ubuntu16.04.16+esm14"
},
{
"binary_name": "ruby2.3-tcltk",
"binary_version": "2.3.1-2~ubuntu16.04.16+esm14"
}
]
},
"package": {
"ecosystem": "Ubuntu:Pro:16.04:LTS",
"name": "ruby2.3",
"purl": "pkg:deb/ubuntu/ruby2.3@2.3.1-2~ubuntu16.04.16+esm14?arch=source\u0026distro=esm-infra-legacy/xenial"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "2.3.1-2~ubuntu16.04.16+esm14"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"2.3.0-1",
"2.3.0-2",
"2.3.0-4ubuntu2",
"2.3.0-4ubuntu3",
"2.3.0-5ubuntu1",
"2.3.1-2~16.04",
"2.3.1-2~16.04.2",
"2.3.1-2~16.04.4",
"2.3.1-2~16.04.5",
"2.3.1-2~16.04.6",
"2.3.1-2~16.04.7",
"2.3.1-2~16.04.9",
"2.3.1-2~16.04.10",
"2.3.1-2~16.04.11",
"2.3.1-2~16.04.12",
"2.3.1-2~ubuntu16.04.13",
"2.3.1-2~ubuntu16.04.14",
"2.3.1-2~ubuntu16.04.15",
"2.3.1-2~ubuntu16.04.16",
"2.3.1-2~ubuntu16.04.16+esm1",
"2.3.1-2~ubuntu16.04.16+esm2",
"2.3.1-2~ubuntu16.04.16+esm3",
"2.3.1-2~ubuntu16.04.16+esm4",
"2.3.1-2~ubuntu16.04.16+esm5",
"2.3.1-2~ubuntu16.04.16+esm6",
"2.3.1-2~ubuntu16.04.16+esm7",
"2.3.1-2~ubuntu16.04.16+esm8",
"2.3.1-2~ubuntu16.04.16+esm9",
"2.3.1-2~ubuntu16.04.16+esm10",
"2.3.1-2~ubuntu16.04.16+esm11",
"2.3.1-2~ubuntu16.04.16+esm12"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "jruby",
"binary_version": "1.7.22-1ubuntu1"
}
]
},
"package": {
"ecosystem": "Ubuntu:16.04:LTS",
"name": "jruby",
"purl": "pkg:deb/ubuntu/jruby@1.7.22-1ubuntu1?arch=source\u0026distro=xenial"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"1.7.21-2ubuntu4",
"1.7.22-1ubuntu1"
]
},
{
"ecosystem_specific": {
"availability": "Available with Ubuntu Pro (Infra-only): https://ubuntu.com/pro",
"binaries": [
{
"binary_name": "libruby2.5",
"binary_version": "2.5.1-1ubuntu1.16+esm8"
},
{
"binary_name": "ruby2.5",
"binary_version": "2.5.1-1ubuntu1.16+esm8"
}
]
},
"package": {
"ecosystem": "Ubuntu:Pro:18.04:LTS",
"name": "ruby2.5",
"purl": "pkg:deb/ubuntu/ruby2.5@2.5.1-1ubuntu1.16+esm8?arch=source\u0026distro=esm-infra/bionic"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "2.5.1-1ubuntu1.16+esm8"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"2.5.0~preview1-1ubuntu2",
"2.5.0-4ubuntu1",
"2.5.0-4ubuntu4",
"2.5.0-5ubuntu1",
"2.5.0-6ubuntu1",
"2.5.1-1ubuntu1",
"2.5.1-1ubuntu1.1",
"2.5.1-1ubuntu1.2",
"2.5.1-1ubuntu1.4",
"2.5.1-1ubuntu1.5",
"2.5.1-1ubuntu1.6",
"2.5.1-1ubuntu1.7",
"2.5.1-1ubuntu1.8",
"2.5.1-1ubuntu1.9",
"2.5.1-1ubuntu1.10",
"2.5.1-1ubuntu1.11",
"2.5.1-1ubuntu1.12",
"2.5.1-1ubuntu1.13",
"2.5.1-1ubuntu1.14",
"2.5.1-1ubuntu1.15",
"2.5.1-1ubuntu1.16",
"2.5.1-1ubuntu1.16+esm1",
"2.5.1-1ubuntu1.16+esm3",
"2.5.1-1ubuntu1.16+esm4",
"2.5.1-1ubuntu1.16+esm5",
"2.5.1-1ubuntu1.16+esm6",
"2.5.1-1ubuntu1.16+esm7"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "jruby",
"binary_version": "9.1.17.0-1~18.04"
}
]
},
"package": {
"ecosystem": "Ubuntu:18.04:LTS",
"name": "jruby",
"purl": "pkg:deb/ubuntu/jruby@9.1.17.0-1~18.04?arch=source\u0026distro=bionic"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"9.1.13.0-1",
"9.1.17.0-1~18.04"
]
},
{
"ecosystem_specific": {
"availability": "Available with Ubuntu Pro (Infra-only): https://ubuntu.com/pro",
"binaries": [
{
"binary_name": "libruby2.7",
"binary_version": "2.7.0-5ubuntu1.18+esm5"
},
{
"binary_name": "ruby2.7",
"binary_version": "2.7.0-5ubuntu1.18+esm5"
}
]
},
"package": {
"ecosystem": "Ubuntu:Pro:20.04:LTS",
"name": "ruby2.7",
"purl": "pkg:deb/ubuntu/ruby2.7@2.7.0-5ubuntu1.18+esm5?arch=source\u0026distro=esm-infra/focal"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "2.7.0-5ubuntu1.18+esm5"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"2.7.0-1",
"2.7.0-2",
"2.7.0-3",
"2.7.0-4",
"2.7.0-4ubuntu1",
"2.7.0-5ubuntu1",
"2.7.0-5ubuntu1.1",
"2.7.0-5ubuntu1.2",
"2.7.0-5ubuntu1.3",
"2.7.0-5ubuntu1.4",
"2.7.0-5ubuntu1.5",
"2.7.0-5ubuntu1.6",
"2.7.0-5ubuntu1.7",
"2.7.0-5ubuntu1.8",
"2.7.0-5ubuntu1.9",
"2.7.0-5ubuntu1.10",
"2.7.0-5ubuntu1.11",
"2.7.0-5ubuntu1.12",
"2.7.0-5ubuntu1.13",
"2.7.0-5ubuntu1.14",
"2.7.0-5ubuntu1.15",
"2.7.0-5ubuntu1.16",
"2.7.0-5ubuntu1.17",
"2.7.0-5ubuntu1.18",
"2.7.0-5ubuntu1.18+esm1",
"2.7.0-5ubuntu1.18+esm3",
"2.7.0-5ubuntu1.18+esm4"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "jruby",
"binary_version": "9.1.17.0-3build6"
}
]
},
"package": {
"ecosystem": "Ubuntu:20.04:LTS",
"name": "jruby",
"purl": "pkg:deb/ubuntu/jruby@9.1.17.0-3build6?arch=source\u0026distro=focal"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"9.1.17.0-3",
"9.1.17.0-3build5",
"9.1.17.0-3build6"
]
},
{
"ecosystem_specific": {
"availability": "No subscription required",
"binaries": [
{
"binary_name": "libruby3.0",
"binary_version": "3.0.2-7ubuntu2.13"
},
{
"binary_name": "ruby3.0",
"binary_version": "3.0.2-7ubuntu2.13"
}
]
},
"package": {
"ecosystem": "Ubuntu:22.04:LTS",
"name": "ruby3.0",
"purl": "pkg:deb/ubuntu/ruby3.0@3.0.2-7ubuntu2.13?arch=source\u0026distro=jammy"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "3.0.2-7ubuntu2.13"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"3.0.2-5ubuntu1",
"3.0.2-7",
"3.0.2-7ubuntu2",
"3.0.2-7ubuntu2.1",
"3.0.2-7ubuntu2.2",
"3.0.2-7ubuntu2.3",
"3.0.2-7ubuntu2.4",
"3.0.2-7ubuntu2.5",
"3.0.2-7ubuntu2.6",
"3.0.2-7ubuntu2.7",
"3.0.2-7ubuntu2.8",
"3.0.2-7ubuntu2.10",
"3.0.2-7ubuntu2.11",
"3.0.2-7ubuntu2.12"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "jruby",
"binary_version": "9.4.6.0+ds-1ubuntu3"
}
]
},
"package": {
"ecosystem": "Ubuntu:24.04:LTS",
"name": "jruby",
"purl": "pkg:deb/ubuntu/jruby@9.4.6.0+ds-1ubuntu3?arch=source\u0026distro=noble"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"9.3.9.0+ds-1",
"9.4.5.0+ds-1",
"9.4.5.0+ds-1ubuntu1",
"9.4.6.0+ds-1ubuntu3"
]
},
{
"ecosystem_specific": {
"availability": "No subscription required",
"binaries": [
{
"binary_name": "libruby3.2",
"binary_version": "3.2.3-1ubuntu0.24.04.8"
},
{
"binary_name": "ruby3.2",
"binary_version": "3.2.3-1ubuntu0.24.04.8"
}
]
},
"package": {
"ecosystem": "Ubuntu:24.04:LTS",
"name": "ruby3.2",
"purl": "pkg:deb/ubuntu/ruby3.2@3.2.3-1ubuntu0.24.04.8?arch=source\u0026distro=noble"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "3.2.3-1ubuntu0.24.04.8"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"3.2.3-1",
"3.2.3-1build2",
"3.2.3-1build3",
"3.2.3-1ubuntu0.24.04.1",
"3.2.3-1ubuntu0.24.04.3",
"3.2.3-1ubuntu0.24.04.5",
"3.2.3-1ubuntu0.24.04.6",
"3.2.3-1ubuntu0.24.04.7"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "jruby",
"binary_version": "9.4.8.0+ds-3ubuntu1"
}
]
},
"package": {
"ecosystem": "Ubuntu:25.10",
"name": "jruby",
"purl": "pkg:deb/ubuntu/jruby@9.4.8.0+ds-3ubuntu1?arch=source\u0026distro=questing"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"9.4.8.0+ds-2ubuntu1",
"9.4.8.0+ds-3ubuntu1"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "libruby3.3",
"binary_version": "3.3.8-2ubuntu2.1"
},
{
"binary_name": "ruby3.3",
"binary_version": "3.3.8-2ubuntu2.1"
}
]
},
"package": {
"ecosystem": "Ubuntu:25.10",
"name": "ruby3.3",
"purl": "pkg:deb/ubuntu/ruby3.3@3.3.8-2ubuntu2.1?arch=source\u0026distro=questing"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"3.3.7-1ubuntu2",
"3.3.8-2ubuntu1",
"3.3.8-2ubuntu2",
"3.3.8-2ubuntu2.1"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "jruby",
"binary_version": "9.4.8.0+ds-3ubuntu1"
}
]
},
"package": {
"ecosystem": "Ubuntu:26.04:LTS",
"name": "jruby",
"purl": "pkg:deb/ubuntu/jruby@9.4.8.0+ds-3ubuntu1?arch=source\u0026distro=resolute"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"9.4.8.0+ds-3ubuntu1"
]
},
{
"ecosystem_specific": {
"availability": "No subscription required",
"binaries": [
{
"binary_name": "libruby3.3",
"binary_version": "3.3.8-2ubuntu3.1"
},
{
"binary_name": "ruby3.3",
"binary_version": "3.3.8-2ubuntu3.1"
}
]
},
"package": {
"ecosystem": "Ubuntu:26.04:LTS",
"name": "ruby3.3",
"purl": "pkg:deb/ubuntu/ruby3.3@3.3.8-2ubuntu3.1?arch=source\u0026distro=resolute"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "3.3.8-2ubuntu3.1"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"3.3.8-2ubuntu2",
"3.3.8-2ubuntu3"
]
}
],
"aliases": [],
"details": "Net::IMAP implements Internet Message Access Protocol (IMAP) client functionality in Ruby. Prior to versions 0.4.24, 0.5.14, and 0.6.4, several Net::IMAP commands accept a raw string argument that is sent to the server without validation or escaping. If this string is derived from user-controlled input, it may contain contain CRLF sequences, which an attacker can use to inject arbitrary IMAP commands. This issue has been patched in versions 0.4.24, 0.5.14, and 0.6.4.",
"id": "UBUNTU-CVE-2026-42257",
"modified": "2026-07-06T14:11:22Z",
"published": "2026-05-09T20:16:00Z",
"references": [
{
"type": "REPORT",
"url": "https://ubuntu.com/security/CVE-2026-42257"
},
{
"type": "REPORT",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-42257"
},
{
"type": "REPORT",
"url": "https://github.com/ruby/net-imap/releases/tag/v0.4.24"
},
{
"type": "REPORT",
"url": "https://github.com/ruby/net-imap/releases/tag/v0.5.14"
},
{
"type": "REPORT",
"url": "https://github.com/ruby/net-imap/releases/tag/v0.6.4"
},
{
"type": "REPORT",
"url": "https://github.com/ruby/net-imap/security/advisories/GHSA-hm49-wcqc-g2xg"
},
{
"type": "ADVISORY",
"url": "https://ubuntu.com/security/notices/USN-8431-1"
},
{
"type": "ADVISORY",
"url": "https://ubuntu.com/security/notices/USN-8478-1"
}
],
"related": [
"USN-8431-1",
"USN-8478-1"
],
"schema_version": "1.7.0",
"severity": [
{
"score": "CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:P/VC:N/VI:H/VA:L/SC:N/SI:N/SA:N",
"type": "CVSS_V4"
},
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "medium",
"type": "Ubuntu"
}
],
"upstream": [
"CVE-2026-42257"
]
}
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.