pkg:RubyGems/net-imap

All known vulnerabilities

• CRITICAL9.8CVE-2026-42257net-imap vulnerable to command Injection via "raw" arguments to multiple commands
  >= 0.6.0, < 0.6.4
• CRITICAL9.8CVE-2026-42258net-imap vulnerable to command Injection via unvalidated Symbol inputs
  >= 0.6.0, < 0.6.4
• HIGH7.5CVE-2026-42245net-imap has quadratic complexity when reading response literals
  >= 0.6.0, < 0.6.4
• HIGH7.4CVE-2026-42246net-imap vulnerable to STARTTLS stripping via invalid response timing
  >= 0.6.0, < 0.6.4
• MEDIUM6.5CVE-2026-42256net-imap vulnerable to denial of service via high iteration count for `SCRAM-*` authentication
  >= 0.6.0, < 0.6.4
• MEDIUM6.5CVE-2025-43857net-imap rubygem vulnerable to possible DoS by memory exhaustion
  >= 0.5.0, < 0.5.7
• MEDIUM6.5CVE-2025-25186Possible DoS by memory exhaustion in net-imap
  >= 0.3.2, < 0.3.8