CVE-2025-43857MEDIUMCVSS 6.0fixed in 0.2.5·≥ 0.3.0, < 0.3.9+2 more2025-04-28
CVE-2025-43857 [MEDIUM] CWE-400 CVE-2025-43857: Net::IMAP implements Internet Message Access Protocol (IMAP) client functionality in Ruby. Prior to
Net::IMAP implements Internet Message Access Protocol (IMAP) client functionality in Ruby. Prior to versions 0.5.7, 0.4.20, 0.3.9, and 0.2.5, there is a possibility for denial of service by memory exhaustion when net-imap reads server responses. At any time while the client is connected, a malicious server can send can send a "literal" byte count, wh
nvd