| CVE-2026-42257 |
critical |
9.8 |
9.8 |
|
|
|
1mo ago |
net-imap vulnerable to command Injection via "raw" arguments to multiple commands |
| CVE-2026-42258 |
critical |
9.8 |
9.8 |
|
|
|
1mo ago |
net-imap vulnerable to command Injection via unvalidated Symbol inputs |
| CVE-2026-42245 |
high |
7.5 |
7.5 |
|
|
|
1mo ago |
net-imap has quadratic complexity when reading response literals |
| CVE-2026-42246 |
high |
7.4 |
7.4 |
|
|
|
1mo ago |
net-imap vulnerable to STARTTLS stripping via invalid response timing |
| CVE-2026-42256 |
medium |
6.5 |
6.5 |
|
|
|
1mo ago |
net-imap vulnerable to denial of service via high iteration count for `SCRAM-*` authentication |
| CVE-2025-25186 |
medium |
— |
5.5 |
|
|
|
1y ago |
RHSA-2025:10217: ruby:3.3 security update (Moderate) |
| CVE-2025-43857 |
unknown |
— |
— |
|
|
|
1y ago |
Net::IMAP implements Internet Message Access Protocol (IMAP) client functionality in Ruby. Prior to versions 0.5.7, 0.4.20, 0.3.9, and 0.2.5, there is a possibility for denial of service by memory ex… |
