Количество 19
Количество 19
CVE-2021-32066
An issue was discovered in Ruby through 2.6.7, 2.7.x through 2.7.3, and 3.x through 3.0.1. Net::IMAP does not raise an exception when StartTLS fails with an an unknown response, which might allow man-in-the-middle attackers to bypass the TLS protections by leveraging a network position between the client and the registry to block the StartTLS command, aka a "StartTLS stripping attack."
CVE-2021-32066
An issue was discovered in Ruby through 2.6.7, 2.7.x through 2.7.3, and 3.x through 3.0.1. Net::IMAP does not raise an exception when StartTLS fails with an an unknown response, which might allow man-in-the-middle attackers to bypass the TLS protections by leveraging a network position between the client and the registry to block the StartTLS command, aka a "StartTLS stripping attack."
CVE-2021-32066
An issue was discovered in Ruby through 2.6.7, 2.7.x through 2.7.3, and 3.x through 3.0.1. Net::IMAP does not raise an exception when StartTLS fails with an an unknown response, which might allow man-in-the-middle attackers to bypass the TLS protections by leveraging a network position between the client and the registry to block the StartTLS command, aka a "StartTLS stripping attack."
CVE-2021-32066
An issue was discovered in Ruby through 2.6.7, 2.7.x through 2.7.3, an ...
GHSA-gx49-h5r3-q3xj
An issue was discovered in Ruby through 2.6.7, 2.7.x through 2.7.3, and 3.x through 3.0.1. Net::IMAP does not raise an exception when StartTLS fails with an an unknown response, which might allow man-in-the-middle attackers to bypass the TLS protections by leveraging a network position between the client and the registry to block the StartTLS command, aka a "StartTLS stripping attack."
BDU:2021-04264
Уязвимость реализации класса Net::IMAP интерпретатора Ruby, позволяющая нарушителю реализовать атаку типа «человек посередине»
openSUSE-SU-2021:3838-1
Security update for ruby2.5
openSUSE-SU-2021:1535-1
Security update for ruby2.5
SUSE-SU-2021:3838-1
Security update for ruby2.5
RLSA-2022:0672
Moderate: ruby:2.5 security update
ELSA-2022-0672
ELSA-2022-0672: ruby:2.5 security update (MODERATE)
ELSA-2022-0672-1
ELSA-2022-0672-1: ruby:2.5 security update (MODERATE)
SUSE-SU-2021:3837-1
Security update for ruby2.1
ROS-20240723-03
Множественные уязвимости ruby
RLSA-2021:3020
Important: ruby:2.7 security update
ELSA-2021-3020
ELSA-2021-3020: ruby:2.7 security update (IMPORTANT)
SUSE-SU-2022:1512-1
Security update for ruby2.5
RLSA-2022:0543
Important: ruby:2.6 security update
ELSA-2022-0543
ELSA-2022-0543: ruby:2.6 security update (IMPORTANT)
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2021-32066 An issue was discovered in Ruby through 2.6.7, 2.7.x through 2.7.3, and 3.x through 3.0.1. Net::IMAP does not raise an exception when StartTLS fails with an an unknown response, which might allow man-in-the-middle attackers to bypass the TLS protections by leveraging a network position between the client and the registry to block the StartTLS command, aka a "StartTLS stripping attack." | CVSS3: 7.4 | 0% Низкий | почти 4 года назад |
 | CVE-2021-32066 An issue was discovered in Ruby through 2.6.7, 2.7.x through 2.7.3, and 3.x through 3.0.1. Net::IMAP does not raise an exception when StartTLS fails with an an unknown response, which might allow man-in-the-middle attackers to bypass the TLS protections by leveraging a network position between the client and the registry to block the StartTLS command, aka a "StartTLS stripping attack." | CVSS3: 7.4 | 0% Низкий | почти 4 года назад |
 | CVE-2021-32066 An issue was discovered in Ruby through 2.6.7, 2.7.x through 2.7.3, and 3.x through 3.0.1. Net::IMAP does not raise an exception when StartTLS fails with an an unknown response, which might allow man-in-the-middle attackers to bypass the TLS protections by leveraging a network position between the client and the registry to block the StartTLS command, aka a "StartTLS stripping attack." | CVSS3: 7.4 | 0% Низкий | почти 4 года назад |
| CVE-2021-32066 An issue was discovered in Ruby through 2.6.7, 2.7.x through 2.7.3, an ... | CVSS3: 7.4 | 0% Низкий | почти 4 года назад |
| GHSA-gx49-h5r3-q3xj An issue was discovered in Ruby through 2.6.7, 2.7.x through 2.7.3, and 3.x through 3.0.1. Net::IMAP does not raise an exception when StartTLS fails with an an unknown response, which might allow man-in-the-middle attackers to bypass the TLS protections by leveraging a network position between the client and the registry to block the StartTLS command, aka a "StartTLS stripping attack." | CVSS3: 7.4 | 0% Низкий | около 3 лет назад |
 | BDU:2021-04264 Уязвимость реализации класса Net::IMAP интерпретатора Ruby, позволяющая нарушителю реализовать атаку типа «человек посередине» | CVSS3: 6.5 | 0% Низкий | около 4 лет назад |
 | openSUSE-SU-2021:3838-1 Security update for ruby2.5 | больше 3 лет назад | ||
| openSUSE-SU-2021:1535-1 Security update for ruby2.5 | больше 3 лет назад | ||
| SUSE-SU-2021:3838-1 Security update for ruby2.5 | больше 3 лет назад | ||
 | RLSA-2022:0672 Moderate: ruby:2.5 security update | больше 3 лет назад | ||
| ELSA-2022-0672 ELSA-2022-0672: ruby:2.5 security update (MODERATE) | больше 3 лет назад | ||
| ELSA-2022-0672-1 ELSA-2022-0672-1: ruby:2.5 security update (MODERATE) | больше 3 лет назад | ||
| SUSE-SU-2021:3837-1 Security update for ruby2.1 | больше 3 лет назад | ||
 | ROS-20240723-03 Множественные уязвимости ruby | CVSS3: 6.5 | 11 месяцев назад | |
| RLSA-2021:3020 Important: ruby:2.7 security update | почти 4 года назад | ||
| ELSA-2021-3020 ELSA-2021-3020: ruby:2.7 security update (IMPORTANT) | почти 4 года назад | ||
| SUSE-SU-2022:1512-1 Security update for ruby2.5 | около 3 лет назад | ||
| RLSA-2022:0543 Important: ruby:2.6 security update | больше 3 лет назад | ||
| ELSA-2022-0543 ELSA-2022-0543: ruby:2.6 security update (IMPORTANT) | больше 3 лет назад |
Уязвимостей на страницу