pkg:Debian/ruby3.3

All known vulnerabilities

• CRITICAL9.8CVE-2026-42257net-imap vulnerable to command Injection via "raw" arguments to multiple commands
  from 0
• CRITICAL9.8CVE-2026-42258net-imap vulnerable to command Injection via unvalidated Symbol inputs
  from 0
• CRITICAL9.8CVE-2026-27820Buffer Overflow in Zlib::GzipReader ungetc via large input leads to memory corruption
  from 0
• HIGH8.1CVE-2026-41316ERB has an @_init deserialization guard bypass via def_module / def_method / def_class
  from 0
• HIGH7.5CVE-2026-42245net-imap has quadratic complexity when reading response literals
  from 0
• HIGH7.5CVE-2025-61594URI Credential Leakage Bypass over CVE-2025-27221
  from 0
• HIGH7.5CVE-2024-49761REXML ReDoS vulnerability
  from 0, < 3.3.6-1
• HIGH7.5CVE-2024-41946REXML DoS vulnerability
  from 0, < 3.3.5-1
• HIGH7.5CVE-2024-41123REXML DoS vulnerability
  from 0, < 3.3.5-1
• HIGH7.4CVE-2026-42246net-imap vulnerable to STARTTLS stripping via invalid response timing
  from 0
• MEDIUM6.5CVE-2026-42256net-imap vulnerable to denial of service via high iteration count for `SCRAM-*` authentication
  from 0
• MEDIUM6.5CVE-2025-43857net-imap rubygem vulnerable to possible DoS by memory exhaustion
  from 0
• MEDIUM6.5CVE-2025-25186Possible DoS by memory exhaustion in net-imap
  from 0, < 3.3.8-1
• MEDIUM5.9CVE-2024-43398REXML denial of service vulnerability
  from 0, < 3.3.5-1
• MEDIUM5.8CVE-2025-27219CGI has Denial of Service (DoS) potential in Cookie.parse
  from 0, < 3.3.7-2
• MEDIUM5.3CVE-2025-58767REXML has DoS condition when parsing malformed XML file
  from 0
• MEDIUM5.3CVE-2025-24294resolv vulnerable to DoS via insufficient DNS domain name length validation
  from 0
• MEDIUM4.3CVE-2024-39908REXML denial of service vulnerability
  from 0, < 3.3.5-1
• MEDIUM4.0CVE-2025-27220CGI has Regular Expression Denial of Service (ReDoS) potential in Util#escapeElement
  from 0, < 3.3.7-2
• LOW3.2CVE-2025-27221URI allows for userinfo Leakage in URI#join, URI#merge, and URI#+
  from 0, < 3.3.7-2