漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
net-imap: Quadratic complexity when reading response literals
Vulnerability Description
Net::IMAP implements Internet Message Access Protocol (IMAP) client functionality in Ruby. Prior to versions 0.4.24, 0.5.14, and 0.6.4, Net::IMAP::ResponseReader has quadratic time complexity when reading large responses containing many string literals. A hostile server can send responses which are crafted to exhaust the client's CPU for a denial of service attack. This issue has been patched in versions 0.4.24, 0.5.14, and 0.6.4.
CVSS Information
N/A
Vulnerability Type
算法复杂性
Vulnerability Title
Net::IMAP 安全漏洞
Vulnerability Description
Net::IMAP是Ruby开源的一个消息访问协议的 Ruby 客户端 api。 Net::IMAP 0.4.24之前版本、0.5.14之前版本和0.6.4之前版本存在安全漏洞,该漏洞源于ResponseReader读取包含多个字符串字面量的大响应时具有二次时间复杂度,可能导致拒绝服务攻击。
CVSS Information
N/A
Vulnerability Type
N/A