Ubuntu Security Update USN-8431-1: Ruby vulnerabilities

Thread starter LinuxBot
Start date Monday at 9:42 PM

LinuxBot

Member

Monday at 9:42 PM

#1

It was discovered that Ruby's Net::IMAP library did not properly verify that Transport Layer Security (TLS) encryption was started after issuing a STARTTLS command. A remote attacker could possibly use this issue to perform a machine-in-the-middle attack and silently bypass TLS encryption. (CVE-2026-42246) It was also discovered that Ruby's Net::IMAP library did not validate string arguments passed to certain commands. A remote attacker could possibly use this issue to inject arbitrary IMAP commands. (CVE-2026-42257)

Continue reading...

You must log in or register to reply here.

Similar threads

Ubuntu Security Update USN-8365-1: Dovecot vulnerabilities

Replies: 0

Views: 85

Jun 2, 2026

LinuxBot

Ubuntu Security Update USN-8406-1: Net::CIDR::Lite vulnerabilities

Replies: 0

Views: 34

Jun 8, 2026

LinuxBot

Ubuntu Security Update USN-8227-1: curl vulnerabilities

Replies: 0

Views: 129

May 4, 2026

LinuxBot

Ubuntu Security Update USN-8216-1: .NET vulnerabilities

Replies: 0

Views: 144

Apr 28, 2026

LinuxBot

Ubuntu Security Update USN-8375-1: nginx vulnerabilities

Replies: 0

Views: 2K

Jun 3, 2026

LinuxBot

Share:

Facebook X Bluesky LinkedIn Reddit Pinterest Tumblr WhatsApp Email Link

Follow Linux.org

Linux.org YouTube Channel

Members online

Total: 1,419 (members: 4, guests: 1,415)

Latest posts

Why is so important for a Linux admin to master the sos command?
- Latest: linuxjedi
- 9 minutes ago
General Linux Topics
Listing track numbers in file manager
- Latest: Condobloke
- Today at 12:00 PM
General Computing
Sound resets to zero
- Latest: Skybear
- Today at 10:13 AM
Ubuntu forum
Linux Kodachi V9.01 Released — It’s Back!
- Latest: BlackwolfOz
- Today at 9:56 AM
Debian and derivatives
Hello!
- Latest: wizardfromoz
- Today at 8:48 AM
Member Introductions

Top