Medium6.5Red Hat & Ubuntu Linux
Net::IMAP: Denial of Service via crafted IMAP responses
CVE-2026-42245 Published May 9, 2026
CVE-2026-42245
Affected products & platforms
Red Hat & Ubuntu LinuxUnclassified
Summary
Net::IMAP: Denial of Service via crafted IMAP responses. Red Hat rates this moderate (CVSS 6.5). Weakness: CWE-606. Affected package(s): ruby3, ruby:3.3, ruby4, ruby4.0, ruby, ruby:4.0. Resolved in Red Hat advisory RHSA-2026:33515 — update the affected packages (`sudo dnf update`).
Affected versions
- ruby3-4-main-3.4.8-31.2.hum1
- ruby:3.3-9080020260615131001.9
- ruby4-0-main-4.0.0-33.4.hum1
- ruby4.0-0:4.0.3-35.el10_2
- ruby:3.3-8100020260615131010.489197e6
- ruby-0:3.3.10-13.el10_2
- ruby:4.0-9080020260619130154.9
- ruby3-3-main-3.3.10-23.2.hum1
Official advisory · high-confidence parse· fetched 2 hours ago·verify at source
Fixed versions
- RHSA-2026:33515
Official advisory · high-confidence parse· fetched 2 hours ago·verify at source
Mitigation checklist
Recommended fix / mitigation
- Update the affected package(s) to the fixed version shipped in RHSA-2026:33515 (`sudo dnf update` / `yum update`).
Official advisory · high-confidence parse· fetched 2 hours ago·verify at source
Discussion(0)
No comments yet. Share field notes, upgrade gotchas, or questions — verify against the vendor advisory before acting on community advice.
Sign in to join the discussion.