CVE-2026-47241 (GCVE-0-2026-47241)
Vulnerability from cvelistv5 – Published: 2026-06-22 20:11 – Updated: 2026-06-23 14:16

Note: the CNA description below names 0.6.5 as the fixed release on the 0.6.x line, while the record's affected range (and the GHSA entry) give 0.6.4.1 as the fix boundary — verify the exact patched version against the upstream advisory before pinning a dependency.

| URL | Tags |
|---|---|
| https://github.com/ruby/net-imap/security/advisor… | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-47241",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-23T14:16:22.874467Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-23T14:16:32.846Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "net-imap",
"vendor": "ruby",
"versions": [
{
"status": "affected",
"version": "\u003e= 0.6.0, \u003c 0.6.4.1"
},
{
"status": "affected",
"version": "\u003c 0.5.15"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Net::IMAP implements Internet Message Access Protocol (IMAP) client functionality in Ruby. Prior to 0.6.5 and 0.5.15, several Net::IMAP commands accept a raw string argument which is only validated to prevent CRLF injection and then sent verbatim. If this string is derived from user-controlled input, an attacker can force the next command to be absorbed as a continuation of the first command. This will cause the first command to eventually fail, but also prevents it from returning until another command is sent (from another thread). That other command will not return until the connection is closed. This vulnerability is fixed in 0.6.5 and 0.5.15."
}
],
"metrics": [
{
"cvssV4_0": {
"attackComplexity": "LOW",
"attackRequirements": "PRESENT",
"attackVector": "NETWORK",
"baseScore": 2.1,
"baseSeverity": "LOW",
"privilegesRequired": "LOW",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "PASSIVE",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "LOW",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-162",
"description": "CWE-162: Improper Neutralization of Trailing Special Elements",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-182",
"description": "CWE-182: Collapse of Data into Unsafe Value",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-186",
"description": "CWE-186: Overly Restrictive Regular Expression",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-22T20:11:04.329Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/ruby/net-imap/security/advisories/GHSA-c4fp-cxrr-mj66",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/ruby/net-imap/security/advisories/GHSA-c4fp-cxrr-mj66"
}
],
"source": {
"advisory": "GHSA-c4fp-cxrr-mj66",
"discovery": "UNKNOWN"
},
"title": "Net::IMAP: Denial of Service via incomplete raw argument validation"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2026-47241",
"datePublished": "2026-06-22T20:11:04.329Z",
"dateReserved": "2026-05-18T22:54:18.272Z",
"dateUpdated": "2026-06-23T14:16:32.846Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2026-47241",
"date": "2026-07-03",
"epss": "0.00239",
"percentile": "0.14869"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2026-47241\",\"sourceIdentifier\":\"security-advisories@github.com\",\"published\":\"2026-06-22T21:16:24.677\",\"lastModified\":\"2026-06-23T15:16:34.757\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Net::IMAP implements Internet Message Access Protocol (IMAP) client functionality in Ruby. Prior to 0.6.5 and 0.5.15, several Net::IMAP commands accept a raw string argument which is only validated to prevent CRLF injection and then sent verbatim. If this string is derived from user-controlled input, an attacker can force the next command to be absorbed as a continuation of the first command. This will cause the first command to eventually fail, but also prevents it from returning until another command is sent (from another thread). That other command will not return until the connection is closed. This vulnerability is fixed in 0.6.5 and 0.5.15.\"}],\"affected\":[{\"source\":\"security-advisories@github.com\",\"affectedData\":[{\"vendor\":\"ruby\",\"product\":\"net-imap\",\"versions\":[{\"version\":\"\u003e= 0.6.0, \u003c 0.6.4.1\",\"status\":\"affected\"},{\"version\":\"\u003c 
0.5.15\",\"status\":\"affected\"}]}]}],\"metrics\":{\"cvssMetricV40\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"4.0\",\"vectorString\":\"CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X\",\"baseScore\":2.1,\"baseSeverity\":\"LOW\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"attackRequirements\":\"PRESENT\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"PASSIVE\",\"vulnConfidentialityImpact\":\"NONE\",\"vulnIntegrityImpact\":\"NONE\",\"vulnAvailabilityImpact\":\"LOW\",\"subConfidentialityImpact\":\"NONE\",\"subIntegrityImpact\":\"NONE\",\"subAvailabilityImpact\":\"NONE\",\"exploitMaturity\":\"NOT_DEFINED\",\"confidentialityRequirement\":\"NOT_DEFINED\",\"integrityRequirement\":\"NOT_DEFINED\",\"availabilityRequirement\":\"NOT_DEFINED\",\"modifiedAttackVector\":\"NOT_DEFINED\",\"modifiedAttackComplexity\":\"NOT_DEFINED\",\"modifiedAttackRequirements\":\"NOT_DEFINED\",\"modifiedPrivilegesRequired\":\"NOT_DEFINED\",\"modifiedUserInteraction\":\"NOT_DEFINED\",\"modifiedVulnConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedVulnIntegrityImpact\":\"NOT_DEFINED\",\"modifiedVulnAvailabilityImpact\":\"NOT_DEFINED\",\"modifiedSubConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedSubIntegrityImpact\":\"NOT_DEFINED\",\"modifiedSubAvailabilityImpact\":\"NOT_DEFINED\",\"Safety\":\"NOT_DEFINED\",\"Automatable\":\"NOT_DEFINED\",\"Recovery\":\"NOT_DEFINED\",\"valueDensity\":\"NOT_DEFINED\",\"vulnerabilityResponseEffort\":\"NOT_DEFINED\",\"providerUrgency\":\"NOT_DEFINED\"}}],\"ssvcV203\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"ssvcData\":{\"timestamp\":\"2026-06-23T14:16:22.874467Z\",\"id\":\"CVE-2026-47241\",\"options\":[{\"exploitation\":\"none\"},{\"automatable\":\"yes\"},{\"technicalImpact\":\"partial\"}],\"role\":\"CISA 
Coordinator\",\"version\":\"2.0.3\"}}]},\"weaknesses\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-162\"},{\"lang\":\"en\",\"value\":\"CWE-182\"},{\"lang\":\"en\",\"value\":\"CWE-186\"}]}],\"references\":[{\"url\":\"https://github.com/ruby/net-imap/security/advisories/GHSA-c4fp-cxrr-mj66\",\"source\":\"security-advisories@github.com\"}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2026-47241\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2026-06-23T14:16:22.874467Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2026-06-23T14:16:29.139Z\"}}], \"cna\": {\"title\": \"Net::IMAP: Denial of Service via incomplete raw argument validation\", \"source\": {\"advisory\": \"GHSA-c4fp-cxrr-mj66\", \"discovery\": \"UNKNOWN\"}, \"metrics\": [{\"cvssV4_0\": {\"version\": \"4.0\", \"baseScore\": 2.1, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"LOW\", \"vectorString\": \"CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N\", \"userInteraction\": \"PASSIVE\", \"attackComplexity\": \"LOW\", \"attackRequirements\": \"PRESENT\", \"privilegesRequired\": \"LOW\", \"subIntegrityImpact\": \"NONE\", \"vulnIntegrityImpact\": \"NONE\", \"subAvailabilityImpact\": \"NONE\", \"vulnAvailabilityImpact\": \"LOW\", \"subConfidentialityImpact\": \"NONE\", \"vulnConfidentialityImpact\": \"NONE\"}}], \"affected\": [{\"vendor\": \"ruby\", \"product\": \"net-imap\", \"versions\": [{\"status\": \"affected\", \"version\": \"\u003e= 0.6.0, \u003c 0.6.4.1\"}, {\"status\": \"affected\", \"version\": \"\u003c 0.5.15\"}]}], \"references\": [{\"url\": \"https://github.com/ruby/net-imap/security/advisories/GHSA-c4fp-cxrr-mj66\", \"name\": \"https://github.com/ruby/net-imap/security/advisories/GHSA-c4fp-cxrr-mj66\", \"tags\": [\"x_refsource_CONFIRM\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"Net::IMAP implements Internet Message Access Protocol (IMAP) client functionality in Ruby. 
Prior to 0.6.5 and 0.5.15, several Net::IMAP commands accept a raw string argument which is only validated to prevent CRLF injection and then sent verbatim. If this string is derived from user-controlled input, an attacker can force the next command to be absorbed as a continuation of the first command. This will cause the first command to eventually fail, but also prevents it from returning until another command is sent (from another thread). That other command will not return until the connection is closed. This vulnerability is fixed in 0.6.5 and 0.5.15.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-162\", \"description\": \"CWE-162: Improper Neutralization of Trailing Special Elements\"}]}, {\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-182\", \"description\": \"CWE-182: Collapse of Data into Unsafe Value\"}]}, {\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-186\", \"description\": \"CWE-186: Overly Restrictive Regular Expression\"}]}], \"providerMetadata\": {\"orgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"shortName\": \"GitHub_M\", \"dateUpdated\": \"2026-06-22T20:11:04.329Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2026-47241\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2026-06-23T14:16:32.846Z\", \"dateReserved\": \"2026-05-18T22:54:18.272Z\", \"assignerOrgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"datePublished\": \"2026-06-22T20:11:04.329Z\", \"assignerShortName\": \"GitHub_M\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
}
}
FKIE_CVE-2026-47241
Vulnerability from fkie_nvd - Published: 2026-06-22 21:16 - Updated: 2026-06-23 15:16

| Vendor | Product | Version |
|---|---|---|
{
"affected": [
{
"affectedData": [
{
"product": "net-imap",
"vendor": "ruby",
"versions": [
{
"status": "affected",
"version": "\u003e= 0.6.0, \u003c 0.6.4.1"
},
{
"status": "affected",
"version": "\u003c 0.5.15"
}
]
}
],
"source": "security-advisories@github.com"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Net::IMAP implements Internet Message Access Protocol (IMAP) client functionality in Ruby. Prior to 0.6.5 and 0.5.15, several Net::IMAP commands accept a raw string argument which is only validated to prevent CRLF injection and then sent verbatim. If this string is derived from user-controlled input, an attacker can force the next command to be absorbed as a continuation of the first command. This will cause the first command to eventually fail, but also prevents it from returning until another command is sent (from another thread). That other command will not return until the connection is closed. This vulnerability is fixed in 0.6.5 and 0.5.15."
}
],
"id": "CVE-2026-47241",
"lastModified": "2026-06-23T15:16:34.757",
"metrics": {
"cvssMetricV40": [
{
"cvssData": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "PRESENT",
"attackVector": "NETWORK",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 2.1,
"baseSeverity": "LOW",
"confidentialityRequirement": "NOT_DEFINED",
"exploitMaturity": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "PASSIVE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"version": "4.0",
"vulnAvailabilityImpact": "LOW",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"source": "security-advisories@github.com",
"type": "Secondary"
}
],
"ssvcV203": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"ssvcData": {
"id": "CVE-2026-47241",
"options": [
{
"exploitation": "none"
},
{
"automatable": "yes"
},
{
"technicalImpact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-23T14:16:22.874467Z",
"version": "2.0.3"
}
}
]
},
"published": "2026-06-22T21:16:24.677",
"references": [
{
"source": "security-advisories@github.com",
"url": "https://github.com/ruby/net-imap/security/advisories/GHSA-c4fp-cxrr-mj66"
}
],
"sourceIdentifier": "security-advisories@github.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-162"
},
{
"lang": "en",
"value": "CWE-182"
},
{
"lang": "en",
"value": "CWE-186"
}
],
"source": "security-advisories@github.com",
"type": "Secondary"
}
]
}
GHSA-C4FP-CXRR-MJ66
Vulnerability from github – Published: 2026-06-09 18:36 – Updated: 2026-06-09 18:36

Summary
Several Net::IMAP commands accept a raw string argument which is only validated to prevent CRLF injection and then sent verbatim. If this string is derived from user-controlled input, an attacker can force the next command to be absorbed as a continuation of the first command. This will cause the first command to eventually fail, but also prevents it from returning until another command is sent (from another thread). That other command will not return until the connection is closed.
Details
Net::IMAP::RawData was hardened in v0.6.4, v0.5.14, and v0.4.24 to reject string arguments that would smuggle an invalid literal-continuation marker onto the wire (CVE-2026-42257, GHSA-hm49-wcqc-g2xg). But the trailing-marker check uses an incorrect regex which does not match {0} or {0+}, so an attacker-controlled search criteria or fetch attr string ending in {0} or {0+} passes validation and is sent verbatim. Since these arguments are sent as the last argument in the command, they will be followed by CRLF. Although the CRLF was intended to end the command, the server will interpret it as part of a literal prefix. This consumes the next command the client puts on the socket as additional arguments to the current command.
This affects the following commands' arguments:
* criteria for #search and #uid_search
* search_keys for #sort, #thread, #uid_sort, and #uid_thread
* attr for #fetch and #uid_fetch
The command which contained the attacker's raw data will not be able to complete until the next command is issued. If commands are only sent from a single thread, the first command will hang until the connection times out (most likely by the server closing the connection).
If a second command is sent (from another thread), this would allow the server to respond to the first command. This combined command will be invalid:
* The {0}\r\n literal prohibits other arguments (such as a quoted string) from spanning both commands
* It will be sent without the space delimiter which is required between arguments.
* The second command's tag will not be a valid argument to any of the vulnerable commands.
So the server should respond to the first command with a BAD response, which will raise a BadResponseError.
But, since the server never saw a second command, the second command will never receive a tagged response and the thread that sent it will hang until the connection is closed.
Impact
This will result in unexpected crashes and timeouts, which could be used to create a simple denial of service attack. This attack will present very similarly to common network issues or server issues which also result in commands hanging or unexpectedly raising exceptions. By itself, this does not allow command injection. But the confusion caused by these errors could lead to other downstream issues, especially in a multi-threaded environment.
Mitigation
Update to a patched version of net-imap (per the affected ranges below: 0.6.4.1 or later on the 0.6.x line, 0.5.15 or later on the 0.5.x line) which validates that RawData arguments may not end with literal continuation markers.
If net-imap cannot be upgraded:
* Validate that user input to the affected command arguments does not end with "}".
* Use of Timeout or other standard strategies for slow connections and misbehaving servers will also mitigate the effects of this.
Extra caution is required when issuing commands from multiple threads. While net-imap does have rudimentary support for issuing commands from multiple threads, the user is responsible for synchronizing that commands are issued in a logically coherent order, and for ensuring that commands are only pipelined when it is safe to do so. Practically, this means that many commands cannot be safely pipelined together, and user code will often need to wait for state changing commands to successfully complete before issuing commands that rely on that state change.
{
"affected": [
{
"database_specific": {
"last_known_affected_version_range": "\u003c= 0.6.4"
},
"package": {
"ecosystem": "RubyGems",
"name": "net-imap"
},
"ranges": [
{
"events": [
{
"introduced": "0.6.0"
},
{
"fixed": "0.6.4.1"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"database_specific": {
"last_known_affected_version_range": "\u003c= 0.5.14"
},
"package": {
"ecosystem": "RubyGems",
"name": "net-imap"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "0.5.15"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2026-47241"
],
"database_specific": {
"cwe_ids": [
"CWE-162",
"CWE-182",
"CWE-186"
],
"github_reviewed": true,
"github_reviewed_at": "2026-06-09T18:36:11Z",
"nvd_published_at": null,
"severity": "LOW"
},
"details": "### Summary\n\nSeveral Net::IMAP commands accept a raw string argument which is only validated to prevent CRLF injection and then sent verbatim. If this string is derived from user-controlled input, an attacker can force the next command to be absorbed as a continuation of the first command. This will cause the first command to eventually fail, but also prevents it from returning until another command is sent (from another thread). That other command will not return until the connection is closed.\n\n### Details\n\n`Net::IMAP::RawData` was hardened in v0.6.4, v0.5.14, and v0.4.24 to reject string arguments that would smuggle an invalid literal-continuation marker onto the wire (CVE-2026-42257, GHSA-hm49-wcqc-g2xg). But the trailing-marker check uses an incorrect regex which does not match `{0}` or `{0+}`, so an attacker-controlled seach `criteria` or fetch `attr` string ending in `{0}` or `{0+}` passes validation and is sent verbatim. Since these arguments are sent as the last argument in the command, they will be followed by CRLF. Although the CRLF was intended to end the command, the server will interpret it as part of a literal prefix. This consumes the next command the client puts on the socket as additional arguments to the current command.\n\nThis affects the following command\u0027s arguments:\n* `criteria` for `#search` and `#uid_search`\n* `search_keys` for `#sort`, `#thread`, `#uid_sort`, and `#uid_thread`\n* `attr` for `#fetch` and `#uid_fetch`\n\nThe command which contained the attacker\u0027s raw data will not be able to complete until the _next_ command is issued. If commands are only sent from single thread, the first command will hang until the connection times out (most likely by the server closing the connection).\n\nIf a second command is sent _(from another thread)_, this would allow the server to respond to the first command. 
This combined command _will_ be invalid:\n* The `{0}\\r\\n` literal prohibits other arguments (such as a quoted string) from spanning both commands\n* It will be sent without the space delimiter which is required between arguments.\n* The second command\u0027s tag will not be a valid argument to any of the vulnerable commands.\n\nSo the server _should_ respond to the first command with a `BAD` response, which will raise a `BadResponseError`. \n\nBut, since the server never saw a second command, the second command will never receive a tagged response and the thread that sent it will hang until the connection is closed.\n\n### Impact\n\nThis will result in unexpected crashes and timeouts, which could be used to create a simple denial of service attack. This attack will present very similarly to common network issues or server issues which also result in commands hanging or unexpectedly raising exceptions. By itself, this does not allow command injection. But the confusion caused by these errors could lead to other downstream issues, especially in a multi-threaded environment.\n\n### Mitigation\n\nUpdate to a patched version of `net-imap` which validates that `RawData` arguments may not end with literal continuation markers.\nIf `net-imap` cannot be upgraded:\n* Validate that user input to the affected command arguments does not end with `\"}\"`.\n* Use of `Timeout` or other standard strategies for slow connections and misbehaving servers will also mitigate the effects of this.\n\n_Extra caution is required when issuing commands from multiple threads._ While `net-imap` does have rudimentary support for issuing commands from multiple threads, the user is responsible for synchronizing that commands are issued in a logically coherent order, and for ensuring that commands are only pipelined when it is safe to do so. 
Practically, this means that many commands cannot be safely pipelined together, and user code will often need to wait for state changing commands to successfully complete before issuing commands that rely on that state change.",
"id": "GHSA-c4fp-cxrr-mj66",
"modified": "2026-06-09T18:36:11Z",
"published": "2026-06-09T18:36:11Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/ruby/net-imap/security/advisories/GHSA-c4fp-cxrr-mj66"
},
{
"type": "PACKAGE",
"url": "https://github.com/ruby/net-imap"
},
{
"type": "WEB",
"url": "https://github.com/ruby/net-imap/releases/tag/v0.6.4.1"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
"type": "CVSS_V4"
}
],
"summary": "Net::IMAP: Denial of Service via incomplete raw argument validation"
}
MSRC_CVE-2026-47241
Vulnerability from csaf_microsoft - Published: 2026-06-02 00:00 - Updated: 2026-06-29 14:47

| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 17084-1 | — |
None Available
|
| URL | Category |
|---|---|
| https://msrc.microsoft.com/csaf/vex/2026/msrc_cve… | self |
| https://support.microsoft.com/lifecycle | external |
| https://www.first.org/cvss | external |
| https://msrc.microsoft.com/csaf/vex/2026/msrc_cve… | self |
{
"document": {
"category": "csaf_vex",
"csaf_version": "2.0",
"distribution": {
"text": "Public",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en-US",
"notes": [
{
"category": "general",
"text": "To determine the support lifecycle for your software, see the Microsoft Support Lifecycle: https://support.microsoft.com/lifecycle",
"title": "Additional Resources"
},
{
"category": "legal_disclaimer",
"text": "The information provided in the Microsoft Knowledge Base is provided \\\"as is\\\" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.",
"title": "Disclaimer"
}
],
"publisher": {
"category": "vendor",
"contact_details": "secure@microsoft.com",
"name": "Microsoft Security Response Center",
"namespace": "https://msrc.microsoft.com"
},
"references": [
{
"category": "self",
"summary": "CVE-2026-47241 Net::IMAP: Denial of Service via incomplete raw argument validation - VEX",
"url": "https://msrc.microsoft.com/csaf/vex/2026/msrc_cve-2026-47241.json"
},
{
"category": "external",
"summary": "Microsoft Support Lifecycle",
"url": "https://support.microsoft.com/lifecycle"
},
{
"category": "external",
"summary": "Common Vulnerability Scoring System",
"url": "https://www.first.org/cvss"
}
],
"title": "Net::IMAP: Denial of Service via incomplete raw argument validation",
"tracking": {
"current_release_date": "2026-06-29T14:47:35.000Z",
"generator": {
"date": "2026-06-30T07:12:10.255Z",
"engine": {
"name": "MSRC Generator",
"version": "1.0"
}
},
"id": "msrc_CVE-2026-47241",
"initial_release_date": "2026-06-02T00:00:00.000Z",
"revision_history": [
{
"date": "2026-06-27T01:09:26.000Z",
"legacy_version": "1",
"number": "1",
"summary": "Information published."
},
{
"date": "2026-06-29T14:47:35.000Z",
"legacy_version": "2",
"number": "2",
"summary": "Information published."
}
],
"status": "final",
"version": "2"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "3.0",
"product": {
"name": "Azure Linux 3.0",
"product_id": "17084"
}
}
],
"category": "product_name",
"name": "Azure Linux"
},
{
"branches": [
{
"category": "product_version_range",
"name": "azl3 ruby 0:3.3.5-8.azl3",
"product": {
"name": "azl3 ruby 0:3.3.5-8.azl3",
"product_id": "1"
}
}
],
"category": "product_name",
"name": "ruby"
}
],
"category": "vendor",
"name": "Microsoft"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "azl3 ruby 0:3.3.5-8.azl3 as a component of Azure Linux 3.0",
"product_id": "17084-1"
},
"product_reference": "1",
"relates_to_product_reference": "17084"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-47241",
"cwe": {
"id": "CWE-162",
"name": "Improper Neutralization of Trailing Special Elements"
},
"notes": [
{
"category": "general",
"text": "GitHub_M",
"title": "Assigning CNA"
}
],
"product_status": {
"known_affected": [
"17084-1"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2026-47241 Net::IMAP: Denial of Service via incomplete raw argument validation - VEX",
"url": "https://msrc.microsoft.com/csaf/vex/2026/msrc_cve-2026-47241.json"
}
],
"remediations": [
{
"category": "none_available",
"date": "2026-06-27T01:09:26.000Z",
"details": "There is no fix available for this vulnerability as of now",
"product_ids": [
"17084-1"
]
}
],
"title": "Net::IMAP: Denial of Service via incomplete raw argument validation"
}
]
}
RHSA-2026:33551
Vulnerability from csaf_redhat - Published: 2026-06-30 14:25 - Updated: 2026-07-03 17:35

A flaw was found in Net::IMAP, a Ruby library implementing the Internet Message Access Protocol (IMAP) client functionality. A hostile server can exploit a quadratic time complexity issue in the `Net::IMAP::ResponseReader` when processing large responses containing numerous string literals. This can lead to the client's CPU being exhausted, resulting in a denial of service (DoS) attack.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Hardened Images:ruby4-0-main@aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:ruby4-0-main@noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:ruby4-0-main@src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:ruby4-0-main@x86_64 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in the Ruby net-imap library. When upgrading a cleartext IMAP connection to TLS using the Net::IMAP#starttls method, the library improperly handles certain responses received during STARTTLS negotiation. A man-in-the-middle (MITM) attacker can inject a predicted tagged OK response before the client completes the STARTTLS command, causing the operation to appear successful without establishing a TLS session. As a result, the connection may continue to transmit sensitive information in cleartext and enable modification of data exchanged over the affected connection, while the application incorrectly believes that encryption has been enabled.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Hardened Images:ruby4-0-main@aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:ruby4-0-main@noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:ruby4-0-main@src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:ruby4-0-main@x86_64 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in Net::IMAP, a Ruby library for Internet Message Access Protocol (IMAP) client functionality. A hostile server can exploit this vulnerability during SCRAM-SHA1 or SCRAM-SHA256 (Salted Challenge Response Authentication Mechanism - Secure Hash Algorithm 1 or 256) authentication by sending an excessively large iteration count value. This can lead to a computational denial-of-service attack, causing the client process to become unresponsive.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Hardened Images:ruby4-0-main@aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:ruby4-0-main@noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:ruby4-0-main@src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:ruby4-0-main@x86_64 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in Net::IMAP, a Ruby client library for the Internet Message Access Protocol (IMAP). This vulnerability allows a remote attacker to cause a denial of service by sending specially crafted input to certain Net::IMAP commands. When a raw string argument, derived from user-controlled input, is not properly validated, it can force subsequent commands to be absorbed, leading to a hung connection and preventing further processing until the connection is closed.

Note: the advisory's own "Security Fix(es)" list (in the Details note of the CSAF document below) names CVE-2026-47242 and not CVE-2026-47241; confirm which identifier this paragraph maps to before treating RHSA-2026:33551 as the remediation for CVE-2026-47241.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Hardened Images:ruby4-0-main@aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:ruby4-0-main@noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:ruby4-0-main@src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:ruby4-0-main@x86_64 | — |
Vendor Fix
fix
Workaround
|
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for Red Hat Hardened Images RPMs is now available.",
"title": "Topic"
},
{
"category": "general",
"text": "This update includes the following RPMs:\n\nruby4.0:\n * ruby4.0-4.0.0-33.4.hum1 (aarch64, x86_64)\n * ruby4.0-bundled-gems-4.0.0-33.4.hum1 (aarch64, x86_64)\n * ruby4.0-default-gems-4.0.0-33.4.hum1 (noarch)\n * ruby4.0-devel-4.0.0-33.4.hum1 (aarch64, x86_64)\n * ruby4.0-doc-4.0.0-33.4.hum1 (noarch)\n * ruby4.0-libs-4.0.0-33.4.hum1 (aarch64, x86_64)\n * rubygem4.0-bigdecimal-4.0.1-33.4.hum1 (aarch64, x86_64)\n * rubygem4.0-bundler-4.0.3-33.4.hum1 (noarch)\n * rubygem4.0-devel-4.0.3-33.4.hum1 (noarch)\n * rubygem4.0-io-console-0.8.2-33.4.hum1 (aarch64, x86_64)\n * rubygem4.0-irb-1.16.0-33.4.hum1 (noarch)\n * rubygem4.0-json-2.18.0-33.4.hum1 (aarch64, x86_64)\n * rubygem4.0-minitest-6.0.0-33.4.hum1 (noarch)\n * rubygem4.0-power_assert-3.0.1-33.4.hum1 (noarch)\n * rubygem4.0-psych-5.3.1-33.4.hum1 (aarch64, x86_64)\n * rubygem4.0-racc-1.8.1-33.4.hum1 (aarch64, x86_64)\n * rubygem4.0-rake-13.3.1-33.4.hum1 (noarch)\n * rubygem4.0-rbs-3.10.0-33.4.hum1 (aarch64, x86_64)\n * rubygem4.0-rdoc-7.0.3-33.4.hum1 (noarch)\n * rubygem4.0-rexml-3.4.4-33.4.hum1 (noarch)\n * rubygem4.0-rss-0.3.2-33.4.hum1 (noarch)\n * rubygem4.0-rubygems-4.0.3-33.4.hum1 (noarch)\n * rubygem4.0-test-unit-3.7.5-33.4.hum1 (noarch)\n * rubygem4.0-typeprof-0.31.1-33.4.hum1 (noarch)\n * ruby4.0-4.0.0-33.4.hum1.src (src)\n\nSecurity Fix(es):\n\nruby4.0:\n * CVE-2026-42245\n * CVE-2026-42246\n * CVE-2026-42256\n * CVE-2026-47240\n * CVE-2026-47242",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:33551",
"url": "https://access.redhat.com/errata/RHSA-2026:33551"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-42245",
"url": "https://access.redhat.com/security/cve/CVE-2026-42245"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-42246",
"url": "https://access.redhat.com/security/cve/CVE-2026-42246"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-42256",
"url": "https://access.redhat.com/security/cve/CVE-2026-42256"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-47240",
"url": "https://access.redhat.com/security/cve/CVE-2026-47240"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-47242",
"url": "https://access.redhat.com/security/cve/CVE-2026-47242"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "external",
"summary": "https://images.redhat.com/",
"url": "https://images.redhat.com/"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-47241",
"url": "https://access.redhat.com/security/cve/CVE-2026-47241"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_33551.json"
}
],
"title": "Red Hat Security Advisory: Red Hat Hardened Images RPMs Security Update",
"tracking": {
"current_release_date": "2026-07-03T17:35:52+00:00",
"generator": {
"date": "2026-07-03T17:35:52+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "5.3.1"
}
},
"id": "RHSA-2026:33551",
"initial_release_date": "2026-06-30T14:25:13+00:00",
"revision_history": [
{
"date": "2026-06-30T14:25:13+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-07-03T13:26:16+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-07-03T17:35:52+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Hardened Images",
"product": {
"name": "Red Hat Hardened Images",
"product_id": "Red Hat Hardened Images",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:hummingbird:1"
}
}
}
],
"category": "product_family",
"name": "Red Hat Hardened Images"
},
{
"branches": [
{
"category": "product_version",
"name": "ruby4-0-main@aarch64",
"product": {
"name": "ruby4-0-main@aarch64",
"product_id": "ruby4-0-main@aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ruby4.0@4.0.0-33.4.hum1?arch=aarch64\u0026distro=hummingbird-20251124\u0026repository_id=public-hummingbird-aarch64-rpms"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "ruby4-0-main@src",
"product": {
"name": "ruby4-0-main@src",
"product_id": "ruby4-0-main@src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ruby4.0@4.0.0-33.4.hum1?arch=src\u0026distro=hummingbird-20251124\u0026repository_id=public-hummingbird-source-rpms"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "ruby4-0-main@x86_64",
"product": {
"name": "ruby4-0-main@x86_64",
"product_id": "ruby4-0-main@x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ruby4.0@4.0.0-33.4.hum1?arch=x86_64\u0026distro=hummingbird-20251124\u0026repository_id=public-hummingbird-x86_64-rpms"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "ruby4-0-main@noarch",
"product": {
"name": "ruby4-0-main@noarch",
"product_id": "ruby4-0-main@noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ruby4.0-default-gems@4.0.0-33.4.hum1?arch=noarch\u0026distro=hummingbird-20251124\u0026repository_id=public-hummingbird-x86_64-rpms"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "ruby4-0-main@aarch64 as a component of Red Hat Hardened Images",
"product_id": "Red Hat Hardened Images:ruby4-0-main@aarch64"
},
"product_reference": "ruby4-0-main@aarch64",
"relates_to_product_reference": "Red Hat Hardened Images"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ruby4-0-main@noarch as a component of Red Hat Hardened Images",
"product_id": "Red Hat Hardened Images:ruby4-0-main@noarch"
},
"product_reference": "ruby4-0-main@noarch",
"relates_to_product_reference": "Red Hat Hardened Images"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ruby4-0-main@src as a component of Red Hat Hardened Images",
"product_id": "Red Hat Hardened Images:ruby4-0-main@src"
},
"product_reference": "ruby4-0-main@src",
"relates_to_product_reference": "Red Hat Hardened Images"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ruby4-0-main@x86_64 as a component of Red Hat Hardened Images",
"product_id": "Red Hat Hardened Images:ruby4-0-main@x86_64"
},
"product_reference": "ruby4-0-main@x86_64",
"relates_to_product_reference": "Red Hat Hardened Images"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-42245",
"cwe": {
"id": "CWE-606",
"name": "Unchecked Input for Loop Condition"
},
"discovery_date": "2026-05-09T20:00:52.314743+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2468495"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Net::IMAP, a Ruby library implementing the Internet Message Access Protocol (IMAP) client functionality. A hostile server can exploit a quadratic time complexity issue in the `Net::IMAP::ResponseReader` when processing large responses containing numerous string literals. This can lead to the client\u0027s CPU being exhausted, resulting in a denial of service (DoS) attack.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "ruby: net-imap: Net::IMAP: Denial of Service via crafted IMAP responses",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat has rated this flaw as Moderate because a malicious IMAP server can trigger excessive CPU consumption in applications using the affected Net::IMAP library, resulting in a denial-of-service condition. Successful exploitation requires interaction with a hostile server, and the impact is limited to resource exhaustion of the affected client process. The vulnerability does not allow code execution, privilege escalation, or unauthorized access to data, reducing the overall security impact despite the potential availability impact.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Hardened Images:ruby4-0-main@aarch64",
"Red Hat Hardened Images:ruby4-0-main@noarch",
"Red Hat Hardened Images:ruby4-0-main@src",
"Red Hat Hardened Images:ruby4-0-main@x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-42245"
},
{
"category": "external",
"summary": "RHBZ#2468495",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2468495"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-42245",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-42245"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-42245",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42245"
},
{
"category": "external",
"summary": "https://github.com/ruby/net-imap/commit/6091f7d6b1f3514cafbfe39c76f2b5d73de3ca96",
"url": "https://github.com/ruby/net-imap/commit/6091f7d6b1f3514cafbfe39c76f2b5d73de3ca96"
},
{
"category": "external",
"summary": "https://github.com/ruby/net-imap/commit/88d95231fc8afef11c1f074453f7d75b68c9dfda",
"url": "https://github.com/ruby/net-imap/commit/88d95231fc8afef11c1f074453f7d75b68c9dfda"
},
{
"category": "external",
"summary": "https://github.com/ruby/net-imap/commit/de685f91a4a4cc75eb80da898c2bf8af08d34819",
"url": "https://github.com/ruby/net-imap/commit/de685f91a4a4cc75eb80da898c2bf8af08d34819"
},
{
"category": "external",
"summary": "https://github.com/ruby/net-imap/releases/tag/v0.4.24",
"url": "https://github.com/ruby/net-imap/releases/tag/v0.4.24"
},
{
"category": "external",
"summary": "https://github.com/ruby/net-imap/releases/tag/v0.5.14",
"url": "https://github.com/ruby/net-imap/releases/tag/v0.5.14"
},
{
"category": "external",
"summary": "https://github.com/ruby/net-imap/releases/tag/v0.6.4",
"url": "https://github.com/ruby/net-imap/releases/tag/v0.6.4"
},
{
"category": "external",
"summary": "https://github.com/ruby/net-imap/security/advisories/GHSA-q2mw-fvj9-vvcw",
"url": "https://github.com/ruby/net-imap/security/advisories/GHSA-q2mw-fvj9-vvcw"
}
],
"release_date": "2026-05-09T19:37:08.905000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-30T14:25:13+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\nhttps://images.redhat.com/",
"product_ids": [
"Red Hat Hardened Images:ruby4-0-main@aarch64",
"Red Hat Hardened Images:ruby4-0-main@noarch",
"Red Hat Hardened Images:ruby4-0-main@src",
"Red Hat Hardened Images:ruby4-0-main@x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:33551"
},
{
"category": "workaround",
"details": "To reduce the risk of a denial of service, ensure that applications using the Net::IMAP library are configured to connect exclusively to trusted IMAP servers. Avoid connecting to untrusted or unverified IMAP services, as a hostile server can exploit this vulnerability. This operational control helps prevent exposure to malicious IMAP response processing.",
"product_ids": [
"Red Hat Hardened Images:ruby4-0-main@aarch64",
"Red Hat Hardened Images:ruby4-0-main@noarch",
"Red Hat Hardened Images:ruby4-0-main@src",
"Red Hat Hardened Images:ruby4-0-main@x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Hardened Images:ruby4-0-main@aarch64",
"Red Hat Hardened Images:ruby4-0-main@noarch",
"Red Hat Hardened Images:ruby4-0-main@src",
"Red Hat Hardened Images:ruby4-0-main@x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "ruby: net-imap: Net::IMAP: Denial of Service via crafted IMAP responses"
},
{
"cve": "CVE-2026-42246",
"cwe": {
"id": "CWE-325",
"name": "Missing Cryptographic Step"
},
"discovery_date": "2026-05-09T20:01:04.782096+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2468499"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Ruby net-imap library. When upgrading a cleartext IMAP connection to TLS using the Net::IMAP#starttls method, the library improperly handles certain responses received during STARTTLS negotiation. A man-in-the-middle (MITM) attacker can inject a predicted tagged OK response before the client completes the STARTTLS command, causing the operation to appear successful without establishing a TLS session. As a result, the connection may continue to transmit sensitive information in cleartext and enable modification of data exchanged over the affected connection, while the application incorrectly believes that encryption has been enabled.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "net-imap: ruby: Net::IMAP: Information disclosure via man-in-the-middle attack bypassing TLS",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability affects the STARTTLS functionality in the Ruby net-imap library. Red Hat Product Security has assessed this issue as an Important severity vulnerability.\n\nAttack Complexity is considered High (AC:H), because successful exploitation requires an attacker capable of intercepting and modifying network traffic and successfully winning a timing race during the STARTTLS negotiation process.\n\nThis may allow exposure of authentication credentials, email contents, and other sensitive information, as well as unauthorized modification of data transmitted over the affected connection.\n\nRed Hat\u0027s ruby packages distribute net-imap as a default bundled gem, so the ruby package itself is listed as affected. Applications relying on the system-provided Ruby installation to handle IMAP connections may be exposed to this flaw.\n\nRed Hat 3scale API Management uses net-imap, which is a transitive dependency of mail, which in turn is a dependency of actionmailer and actionmailbox. The images do not load or use them in any way; hence, they are not affected.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Hardened Images:ruby4-0-main@aarch64",
"Red Hat Hardened Images:ruby4-0-main@noarch",
"Red Hat Hardened Images:ruby4-0-main@src",
"Red Hat Hardened Images:ruby4-0-main@x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-42246"
},
{
"category": "external",
"summary": "RHBZ#2468499",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2468499"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-42246",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-42246"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-42246",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42246"
},
{
"category": "external",
"summary": "https://github.com/ruby/net-imap/commit/0ede4c40b1523dfeaf95777b2678e54cc0fd9618",
"url": "https://github.com/ruby/net-imap/commit/0ede4c40b1523dfeaf95777b2678e54cc0fd9618"
},
{
"category": "external",
"summary": "https://github.com/ruby/net-imap/commit/24a4e770b43230286a05aa2a9746cdbb3eb8485e",
"url": "https://github.com/ruby/net-imap/commit/24a4e770b43230286a05aa2a9746cdbb3eb8485e"
},
{
"category": "external",
"summary": "https://github.com/ruby/net-imap/commit/97e2488fb5401a1783bddd959dde007d9fbce42c",
"url": "https://github.com/ruby/net-imap/commit/97e2488fb5401a1783bddd959dde007d9fbce42c"
},
{
"category": "external",
"summary": "https://github.com/ruby/net-imap/commit/f79d35bf5833f186e81044c57c843eda30c873da",
"url": "https://github.com/ruby/net-imap/commit/f79d35bf5833f186e81044c57c843eda30c873da"
},
{
"category": "external",
"summary": "https://github.com/ruby/net-imap/releases/tag/v0.3.10",
"url": "https://github.com/ruby/net-imap/releases/tag/v0.3.10"
},
{
"category": "external",
"summary": "https://github.com/ruby/net-imap/releases/tag/v0.4.24",
"url": "https://github.com/ruby/net-imap/releases/tag/v0.4.24"
},
{
"category": "external",
"summary": "https://github.com/ruby/net-imap/releases/tag/v0.5.14",
"url": "https://github.com/ruby/net-imap/releases/tag/v0.5.14"
},
{
"category": "external",
"summary": "https://github.com/ruby/net-imap/security/advisories/GHSA-vcgp-9326-pqcp",
"url": "https://github.com/ruby/net-imap/security/advisories/GHSA-vcgp-9326-pqcp"
}
],
"release_date": "2026-05-09T19:33:17.880000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-30T14:25:13+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\nhttps://images.redhat.com/",
"product_ids": [
"Red Hat Hardened Images:ruby4-0-main@aarch64",
"Red Hat Hardened Images:ruby4-0-main@noarch",
"Red Hat Hardened Images:ruby4-0-main@src",
"Red Hat Hardened Images:ruby4-0-main@x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:33551"
},
{
"category": "workaround",
"details": "As a temporary workaround, users are strongly encouraged to switch from explicit TLS upgrade mechanisms (STARTTLS on port 143) to implicit TLS connections (such as IMAPS on port 993).\n\nWith implicit TLS on port 993, the TLS handshake completes before any IMAP data is exchanged, so the STARTTLS negotiation in which a response can be injected or the upgrade downgraded never takes place, and the vulnerable implementation path is bypassed entirely. Server certificate verification should remain enabled on the implicit TLS connection for this protection to hold.",
"product_ids": [
"Red Hat Hardened Images:ruby4-0-main@aarch64",
"Red Hat Hardened Images:ruby4-0-main@noarch",
"Red Hat Hardened Images:ruby4-0-main@src",
"Red Hat Hardened Images:ruby4-0-main@x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Hardened Images:ruby4-0-main@aarch64",
"Red Hat Hardened Images:ruby4-0-main@noarch",
"Red Hat Hardened Images:ruby4-0-main@src",
"Red Hat Hardened Images:ruby4-0-main@x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "net-imap: ruby: Net::IMAP: Information disclosure via man-in-the-middle attack bypassing TLS"
},
{
"cve": "CVE-2026-42256",
"cwe": {
"id": "CWE-606",
"name": "Unchecked Input for Loop Condition"
},
"discovery_date": "2026-05-09T20:01:08.343909+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2468500"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Net::IMAP, a Ruby library for Internet Message Access Protocol (IMAP) client functionality. A hostile server can exploit this vulnerability during SCRAM-SHA-1 or SCRAM-SHA-256 (Salted Challenge Response Authentication Mechanism with Secure Hash Algorithm 1 or 256) authentication by sending an excessively large iteration count value. This can lead to a computational denial of service, causing the client process to become unresponsive.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "ruby/net-imap: ruby: Net::IMAP: Denial of Service via large iteration count in SCRAM authentication",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Hardened Images:ruby4-0-main@aarch64",
"Red Hat Hardened Images:ruby4-0-main@noarch",
"Red Hat Hardened Images:ruby4-0-main@src",
"Red Hat Hardened Images:ruby4-0-main@x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-42256"
},
{
"category": "external",
"summary": "RHBZ#2468500",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2468500"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-42256",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-42256"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-42256",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42256"
},
{
"category": "external",
"summary": "https://github.com/ruby/net-imap/commit/158d0b505074397cdb5ceb58935e42dd2bcfa612",
"url": "https://github.com/ruby/net-imap/commit/158d0b505074397cdb5ceb58935e42dd2bcfa612"
},
{
"category": "external",
"summary": "https://github.com/ruby/net-imap/commit/808001bc45c06f7297a7e96d341279e041a7f7f4",
"url": "https://github.com/ruby/net-imap/commit/808001bc45c06f7297a7e96d341279e041a7f7f4"
},
{
"category": "external",
"summary": "https://github.com/ruby/net-imap/commit/99f59eab6064955a23debd95410263ad144df758",
"url": "https://github.com/ruby/net-imap/commit/99f59eab6064955a23debd95410263ad144df758"
},
{
"category": "external",
"summary": "https://github.com/ruby/net-imap/releases/tag/v0.4.24",
"url": "https://github.com/ruby/net-imap/releases/tag/v0.4.24"
},
{
"category": "external",
"summary": "https://github.com/ruby/net-imap/releases/tag/v0.5.14",
"url": "https://github.com/ruby/net-imap/releases/tag/v0.5.14"
},
{
"category": "external",
"summary": "https://github.com/ruby/net-imap/releases/tag/v0.6.4",
"url": "https://github.com/ruby/net-imap/releases/tag/v0.6.4"
},
{
"category": "external",
"summary": "https://github.com/ruby/net-imap/security/advisories/GHSA-87pf-fpwv-p7m7",
"url": "https://github.com/ruby/net-imap/security/advisories/GHSA-87pf-fpwv-p7m7"
}
],
"release_date": "2026-05-09T19:38:33.106000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-30T14:25:13+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\nhttps://images.redhat.com/",
"product_ids": [
"Red Hat Hardened Images:ruby4-0-main@aarch64",
"Red Hat Hardened Images:ruby4-0-main@noarch",
"Red Hat Hardened Images:ruby4-0-main@src",
"Red Hat Hardened Images:ruby4-0-main@x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:33551"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat Hardened Images:ruby4-0-main@aarch64",
"Red Hat Hardened Images:ruby4-0-main@noarch",
"Red Hat Hardened Images:ruby4-0-main@src",
"Red Hat Hardened Images:ruby4-0-main@x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Hardened Images:ruby4-0-main@aarch64",
"Red Hat Hardened Images:ruby4-0-main@noarch",
"Red Hat Hardened Images:ruby4-0-main@src",
"Red Hat Hardened Images:ruby4-0-main@x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "ruby/net-imap: ruby: Net::IMAP: Denial of Service via large iteration count in SCRAM authentication"
},
{
"cve": "CVE-2026-47241",
"cwe": {
"id": "CWE-88",
"name": "Improper Neutralization of Argument Delimiters in a Command (\u0027Argument Injection\u0027)"
},
"discovery_date": "2026-06-22T21:01:13.810999+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2491523"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Net::IMAP, a Ruby client library for the Internet Message Access Protocol (IMAP). This vulnerability allows a remote attacker to cause a denial of service by sending specially crafted input to certain Net::IMAP commands. When a raw string argument, derived from user-controlled input, is not properly validated, it can force subsequent commands to be absorbed, leading to a hung connection and preventing further processing until the connection is closed.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "net-imap: rubygem-net-imap: Net::IMAP: Denial of Service via malformed command input",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "A Moderate denial of service flaw was found in the Net::IMAP Ruby client library. This issue occurs when a remote attacker sends specially crafted input to certain Net::IMAP commands, causing the client connection to hang indefinitely. This can prevent further processing of IMAP commands until the connection is manually closed, impacting the availability of services relying on the Net::IMAP client.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Hardened Images:ruby4-0-main@aarch64",
"Red Hat Hardened Images:ruby4-0-main@noarch",
"Red Hat Hardened Images:ruby4-0-main@src",
"Red Hat Hardened Images:ruby4-0-main@x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-47241"
},
{
"category": "external",
"summary": "RHBZ#2491523",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2491523"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-47241",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-47241"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-47241",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-47241"
},
{
"category": "external",
"summary": "https://github.com/ruby/net-imap/security/advisories/GHSA-c4fp-cxrr-mj66",
"url": "https://github.com/ruby/net-imap/security/advisories/GHSA-c4fp-cxrr-mj66"
}
],
"release_date": "2026-06-22T20:11:04.329000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-30T14:25:13+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\nhttps://images.redhat.com/",
"product_ids": [
"Red Hat Hardened Images:ruby4-0-main@aarch64",
"Red Hat Hardened Images:ruby4-0-main@noarch",
"Red Hat Hardened Images:ruby4-0-main@src",
"Red Hat Hardened Images:ruby4-0-main@x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:33551"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat Hardened Images:ruby4-0-main@aarch64",
"Red Hat Hardened Images:ruby4-0-main@noarch",
"Red Hat Hardened Images:ruby4-0-main@src",
"Red Hat Hardened Images:ruby4-0-main@x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Hardened Images:ruby4-0-main@aarch64",
"Red Hat Hardened Images:ruby4-0-main@noarch",
"Red Hat Hardened Images:ruby4-0-main@src",
"Red Hat Hardened Images:ruby4-0-main@x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "net-imap: rubygem-net-imap: Net::IMAP: Denial of Service via malformed command input"
}
]
}
RHSA-2026:34293
Vulnerability from csaf_redhat - Published: 2026-07-01 13:59 - Updated: 2026-07-03 17:35

A flaw was found in Net::IMAP, a Ruby client library for the Internet Message Access Protocol (IMAP). This vulnerability allows a remote attacker to cause a denial of service by sending specially crafted input to certain Net::IMAP commands. When a raw string argument, derived from user-controlled input, is not properly validated, it can force subsequent commands to be absorbed, leading to a hung connection and preventing further processing until the connection is closed.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Hardened Images:ruby3-4-main@aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:ruby3-4-main@noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:ruby3-4-main@src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:ruby3-4-main@x86_64 | — |
Vendor Fix
fix
Workaround
|
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for Red Hat Hardened Images RPMs is now available.",
"title": "Topic"
},
{
"category": "general",
"text": "This update includes the following RPMs:\n\nruby3.4:\n * ruby3.4-3.4.8-31.3.hum1 (aarch64, x86_64)\n * ruby3.4-bundled-gems-3.4.8-31.3.hum1 (aarch64, x86_64)\n * ruby3.4-default-gems-3.4.8-31.3.hum1 (noarch)\n * ruby3.4-devel-3.4.8-31.3.hum1 (aarch64, x86_64)\n * ruby3.4-doc-3.4.8-31.3.hum1 (noarch)\n * ruby3.4-libs-3.4.8-31.3.hum1 (aarch64, x86_64)\n * rubygem3.4-bigdecimal-3.1.8-31.3.hum1 (aarch64, x86_64)\n * rubygem3.4-bundler-2.6.9-31.3.hum1 (noarch)\n * rubygem3.4-devel-3.6.9-31.3.hum1 (noarch)\n * rubygem3.4-io-console-0.8.1-31.3.hum1 (aarch64, x86_64)\n * rubygem3.4-irb-1.14.3-31.3.hum1 (noarch)\n * rubygem3.4-json-2.9.1-31.3.hum1 (aarch64, x86_64)\n * rubygem3.4-minitest-5.25.4-31.3.hum1 (noarch)\n * rubygem3.4-power_assert-2.0.5-31.3.hum1 (noarch)\n * rubygem3.4-psych-5.2.2-31.3.hum1 (aarch64, x86_64)\n * rubygem3.4-racc-1.8.1-31.3.hum1 (aarch64, x86_64)\n * rubygem3.4-rake-13.2.1-31.3.hum1 (noarch)\n * rubygem3.4-rbs-3.8.0-31.3.hum1 (aarch64, x86_64)\n * rubygem3.4-rdoc-6.14.0-31.3.hum1 (noarch)\n * rubygem3.4-rexml-3.4.4-31.3.hum1 (noarch)\n * rubygem3.4-rss-0.3.1-31.3.hum1 (noarch)\n * rubygem3.4-rubygems-3.6.9-31.3.hum1 (noarch)\n * rubygem3.4-test-unit-3.6.7-31.3.hum1 (noarch)\n * rubygem3.4-typeprof-0.30.1-31.3.hum1 (noarch)\n * ruby3.4-3.4.8-31.3.hum1.src (src)\n\nSecurity Fix(es):\n\nruby3.4:\n * CVE-2026-47242",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:34293",
"url": "https://access.redhat.com/errata/RHSA-2026:34293"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-47242",
"url": "https://access.redhat.com/security/cve/CVE-2026-47242"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "external",
"summary": "https://images.redhat.com/",
"url": "https://images.redhat.com/"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-47241",
"url": "https://access.redhat.com/security/cve/CVE-2026-47241"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_34293.json"
}
],
"title": "Red Hat Security Advisory: Red Hat Hardened Images RPMs Security Update",
"tracking": {
"current_release_date": "2026-07-03T17:35:55+00:00",
"generator": {
"date": "2026-07-03T17:35:55+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "5.3.1"
}
},
"id": "RHSA-2026:34293",
"initial_release_date": "2026-07-01T13:59:55+00:00",
"revision_history": [
{
"date": "2026-07-01T13:59:55+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-07-03T13:26:11+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-07-03T17:35:55+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Hardened Images",
"product": {
"name": "Red Hat Hardened Images",
"product_id": "Red Hat Hardened Images",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:hummingbird:1"
}
}
}
],
"category": "product_family",
"name": "Red Hat Hardened Images"
},
{
"branches": [
{
"category": "product_version",
"name": "ruby3-4-main@aarch64",
"product": {
"name": "ruby3-4-main@aarch64",
"product_id": "ruby3-4-main@aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ruby3.4@3.4.8-31.3.hum1?arch=aarch64\u0026distro=hummingbird-20251124\u0026repository_id=public-hummingbird-aarch64-rpms"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "ruby3-4-main@src",
"product": {
"name": "ruby3-4-main@src",
"product_id": "ruby3-4-main@src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ruby3.4@3.4.8-31.3.hum1?arch=src\u0026distro=hummingbird-20251124\u0026repository_id=public-hummingbird-source-rpms"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "ruby3-4-main@x86_64",
"product": {
"name": "ruby3-4-main@x86_64",
"product_id": "ruby3-4-main@x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ruby3.4@3.4.8-31.3.hum1?arch=x86_64\u0026distro=hummingbird-20251124\u0026repository_id=public-hummingbird-x86_64-rpms"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "ruby3-4-main@noarch",
"product": {
"name": "ruby3-4-main@noarch",
"product_id": "ruby3-4-main@noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ruby3.4-default-gems@3.4.8-31.3.hum1?arch=noarch\u0026distro=hummingbird-20251124\u0026repository_id=public-hummingbird-x86_64-rpms"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "ruby3-4-main@aarch64 as a component of Red Hat Hardened Images",
"product_id": "Red Hat Hardened Images:ruby3-4-main@aarch64"
},
"product_reference": "ruby3-4-main@aarch64",
"relates_to_product_reference": "Red Hat Hardened Images"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ruby3-4-main@noarch as a component of Red Hat Hardened Images",
"product_id": "Red Hat Hardened Images:ruby3-4-main@noarch"
},
"product_reference": "ruby3-4-main@noarch",
"relates_to_product_reference": "Red Hat Hardened Images"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ruby3-4-main@src as a component of Red Hat Hardened Images",
"product_id": "Red Hat Hardened Images:ruby3-4-main@src"
},
"product_reference": "ruby3-4-main@src",
"relates_to_product_reference": "Red Hat Hardened Images"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ruby3-4-main@x86_64 as a component of Red Hat Hardened Images",
"product_id": "Red Hat Hardened Images:ruby3-4-main@x86_64"
},
"product_reference": "ruby3-4-main@x86_64",
"relates_to_product_reference": "Red Hat Hardened Images"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-47241",
"cwe": {
"id": "CWE-88",
"name": "Improper Neutralization of Argument Delimiters in a Command (\u0027Argument Injection\u0027)"
},
"discovery_date": "2026-06-22T21:01:13.810999+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2491523"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Net::IMAP, a Ruby client library for the Internet Message Access Protocol (IMAP). Several Net::IMAP commands accept a raw string argument that is only checked for CRLF injection and is otherwise sent to the server verbatim. If an application passes user-controlled input as that argument, an attacker can craft it so that the client's next command is absorbed as a continuation of the first. The first command eventually fails but does not return until another command is issued from a second thread, and that command does not return until the connection is closed, resulting in a denial of service (a hung client connection) for the application using Net::IMAP.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "net-imap: rubygem-net-imap: Net::IMAP: Denial of Service via malformed command input",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "A Moderate denial of service flaw was found in the Net::IMAP Ruby client library. This issue occurs when an application passes attacker-controlled input as a raw string argument to certain Net::IMAP commands; the library only rejects CRLF sequences, so a crafted argument can cause the client connection to hang indefinitely. This can prevent further processing of IMAP commands on that connection until it is closed, impacting the availability of services relying on the Net::IMAP client.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Hardened Images:ruby3-4-main@aarch64",
"Red Hat Hardened Images:ruby3-4-main@noarch",
"Red Hat Hardened Images:ruby3-4-main@src",
"Red Hat Hardened Images:ruby3-4-main@x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-47241"
},
{
"category": "external",
"summary": "RHBZ#2491523",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2491523"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-47241",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-47241"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-47241",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-47241"
},
{
"category": "external",
"summary": "https://github.com/ruby/net-imap/security/advisories/GHSA-c4fp-cxrr-mj66",
"url": "https://github.com/ruby/net-imap/security/advisories/GHSA-c4fp-cxrr-mj66"
}
],
"release_date": "2026-06-22T20:11:04.329000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-01T13:59:55+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\nhttps://images.redhat.com/",
"product_ids": [
"Red Hat Hardened Images:ruby3-4-main@aarch64",
"Red Hat Hardened Images:ruby3-4-main@noarch",
"Red Hat Hardened Images:ruby3-4-main@src",
"Red Hat Hardened Images:ruby3-4-main@x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:34293"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat Hardened Images:ruby3-4-main@aarch64",
"Red Hat Hardened Images:ruby3-4-main@noarch",
"Red Hat Hardened Images:ruby3-4-main@src",
"Red Hat Hardened Images:ruby3-4-main@x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Hardened Images:ruby3-4-main@aarch64",
"Red Hat Hardened Images:ruby3-4-main@noarch",
"Red Hat Hardened Images:ruby3-4-main@src",
"Red Hat Hardened Images:ruby3-4-main@x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "net-imap: rubygem-net-imap: Net::IMAP: Denial of Service via malformed command input"
}
]
}