VIR Vulnerability Intelligence Relay

Package impact

ruby RubyGems / net-imap

Severitycriticalhighmediumlowunknown
0
KEVHas exploit
Reset
CVE Severity CVSS Risk Published Description Impact
CVE-2026-42257 critical 9.8 9.8 24d ago net-imap vulnerable to command Injection via "raw" arguments to multiple commands debianruby
CVE-2026-42258 critical 9.8 9.8 24d ago net-imap vulnerable to command Injection via unvalidated Symbol inputs debianruby
CVE-2026-42245 high 7.5 7.5 24d ago net-imap has quadratic complexity when reading response literals susedebianruby
CVE-2026-42246 high 7.4 7.4 24d ago net-imap vulnerable to STARTTLS stripping via invalid response timing debianruby
CVE-2026-42256 medium 6.5 6.5 24d ago net-imap vulnerable to denial of service via high iteration count for `SCRAM-*` authentication susedebianruby
CVE-2025-25186 medium 5.5 1y ago Moderate: ruby:3.3 security update redhatrockylinuxsusedebian+1
CVE-2025-43857 unknown 1y ago Net::IMAP implements Internet Message Access Protocol (IMAP) client functionality in Ruby. Prior to versions 0.5.7, 0.4.20, 0.3.9, and 0.2.5, there is a possibility for denial of service by memory ex… susedebianruby