fkie_cve-2025-25186
Vulnerability from fkie_nvd
Published
2025-02-10 16:15
Modified
2025-02-10 16:15
Severity ?
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Summary
Net::IMAP implements Internet Message Access Protocol (IMAP) client functionality in Ruby. Starting in version 0.3.2 and prior to versions 0.3.8, 0.4.19, and 0.5.6, there is a possibility for denial of service by memory exhaustion in `net-imap`'s response parser. At any time while the client is connected, a malicious server can send can send highly compressed `uid-set` data which is automatically read by the client's receiver thread. The response parser uses `Range#to_a` to convert the `uid-set` data into arrays of integers, with no limitation on the expanded size of the ranges. Versions 0.3.8, 0.4.19, 0.5.6, and higher fix this issue. Additional details for proper configuration of fixed versions and backward compatibility are available in the GitHub Security Advisory.
References
security-advisories@github.comhttps://github.com/ruby/net-imap/commit/70e3ddd071a94e450b3238570af482c296380b35
security-advisories@github.comhttps://github.com/ruby/net-imap/commit/c8c5a643739d2669f0c9a6bb9770d0c045fd74a3
security-advisories@github.comhttps://github.com/ruby/net-imap/commit/cb92191b1ddce2d978d01b56a0883b6ecf0b1022
security-advisories@github.comhttps://github.com/ruby/net-imap/security/advisories/GHSA-7fc5-f82f-cx69
Impacted products
Vendor Product Version


To clipboard 

{
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Net::IMAP implements Internet Message Access Protocol (IMAP) client functionality in Ruby. Starting in version 0.3.2 and prior to versions 0.3.8, 0.4.19, and 0.5.6, there is a possibility for denial of service by memory exhaustion in `net-imap`\u0027s response parser.  At any time while the client is connected, a malicious server can send  can send highly compressed `uid-set` data which is automatically read by the client\u0027s receiver thread. The response parser uses `Range#to_a` to convert the `uid-set` data into arrays of integers, with no limitation on the expanded size of the ranges. Versions 0.3.8, 0.4.19, 0.5.6, and higher fix this issue. Additional details for proper configuration of fixed versions and backward compatibility are available in the GitHub Security Advisory."
    },
    {
      "lang": "es",
      "value": "Net::IMAP implementa la funcionalidad del cliente del Protocolo de acceso a mensajes de Internet (IMAP) en Ruby. A partir de la versi\u00f3n 0.3.2 y antes de las versiones 0.3.8, 0.4.19 y 0.5.6, existe la posibilidad de denegaci\u00f3n de servicio por agotamiento de la memoria en el analizador de respuestas de `net-imap`. En cualquier momento mientras el cliente est\u00e9 conectado, un servidor malintencionado puede enviar datos `uid-set` altamente comprimidos que son le\u00eddos autom\u00e1ticamente por el hilo receptor del cliente. El analizador de respuestas utiliza `Range#to_a` para convertir los datos `uid-set` en matrices de n\u00fameros enteros, sin limitaci\u00f3n en el tama\u00f1o expandido de los rangos. Las versiones 0.3.8, 0.4.19, 0.5.6 y posteriores solucionan este problema. Hay detalles adicionales para la configuraci\u00f3n adecuada de las versiones corregidas y la compatibilidad con versiones anteriores disponibles en el Aviso de seguridad de GitHub."
    }
  ],
  "id": "CVE-2025-25186",
  "lastModified": "2025-02-10T16:15:39.457",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 6.5,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 3.6,
        "source": "security-advisories@github.com",
        "type": "Secondary"
      }
    ]
  },
  "published": "2025-02-10T16:15:39.457",
  "references": [
    {
      "source": "security-advisories@github.com",
      "url": "https://github.com/ruby/net-imap/commit/70e3ddd071a94e450b3238570af482c296380b35"
    },
    {
      "source": "security-advisories@github.com",
      "url": "https://github.com/ruby/net-imap/commit/c8c5a643739d2669f0c9a6bb9770d0c045fd74a3"
    },
    {
      "source": "security-advisories@github.com",
      "url": "https://github.com/ruby/net-imap/commit/cb92191b1ddce2d978d01b56a0883b6ecf0b1022"
    },
    {
      "source": "security-advisories@github.com",
      "url": "https://github.com/ruby/net-imap/security/advisories/GHSA-7fc5-f82f-cx69"
    }
  ],
  "sourceIdentifier": "security-advisories@github.com",
  "vulnStatus": "Awaiting Analysis",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-400"
        },
        {
          "lang": "en",
          "value": "CWE-405"
        },
        {
          "lang": "en",
          "value": "CWE-409"
        },
        {
          "lang": "en",
          "value": "CWE-770"
        },
        {
          "lang": "en",
          "value": "CWE-789"
        },
        {
          "lang": "en",
          "value": "CWE-1287"
        }
      ],
      "source": "security-advisories@github.com",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.