Ruby Net-Imap vulnerabilities
2 known vulnerabilities affecting ruby/net-imap.
Total CVEs
2
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
MEDIUM2
Vulnerabilities
Page 1 of 1
CVE-2025-43857MEDIUMCVSS 6.0v>= 0.5.0, < 0.5.7v>= 0.4.0, < 0.4.20+2 more2025-04-28
CVE-2025-43857 [MEDIUM] CWE-400 CVE-2025-43857: Net::IMAP implements Internet Message Access Protocol (IMAP) client functionality in Ruby. Prior to
Net::IMAP implements Internet Message Access Protocol (IMAP) client functionality in Ruby. Prior to versions 0.5.7, 0.4.20, 0.3.9, and 0.2.5, there is a possibility for denial of service by memory exhaustion when net-imap reads server responses. At any time while the client is connected, a malicious server can send can send a "literal" byte count, wh
ghsanvdosv
CVE-2025-25186MEDIUMCVSS 6.5v>= 0.3.2, < 0.3.8v>= 0.4.0, < 0.4.19+1 more2025-02-10
CVE-2025-25186 [MEDIUM] CWE-400 CVE-2025-25186: Net::IMAP implements Internet Message Access Protocol (IMAP) client functionality in Ruby. Starting
Net::IMAP implements Internet Message Access Protocol (IMAP) client functionality in Ruby. Starting in version 0.3.2 and prior to versions 0.3.8, 0.4.19, and 0.5.6, there is a possibility for denial of service by memory exhaustion in `net-imap`'s response parser. At any time while the client is connected, a malicious server can send can send highly c
ghsanvdosv