Net::IMAP implements Internet Message Access Protocol (IMAP) client functionality in Ruby. Prior to versions 0.3.10, 0.4.24, 0.5.14, and 0.6.4, a man-in-the-middle attacker can cause Net::IMAP#starttls to return "successfully", without starting TLS. This issue has been patched in versions 0.3.10, 0.4.24, 0.5.14, and 0.6.4.
1.7.21-2ubuntu41.7.22-1ubuntu19.1.13.0-19.1.17.0-1~18.049.1.17.0-39.1.17.0-3build59.1.17.0-3build63.0.2-5ubuntu13.0.2-73.0.2-7ubuntu23.0.2-7ubuntu2.13.0.2-7ubuntu2.103.0.2-7ubuntu2.113.0.2-7ubuntu2.123.0.2-7ubuntu2.23.0.2-7ubuntu2.33.0.2-7ubuntu2.4+4 more9.3.9.0+ds-19.4.5.0+ds-19.4.5.0+ds-1ubuntu19.4.6.0+ds-1ubuntu33.2.3-13.2.3-1build23.2.3-1build33.2.3-1ubuntu0.24.04.13.2.3-1ubuntu0.24.04.33.2.3-1ubuntu0.24.04.53.2.3-1ubuntu0.24.04.63.2.3-1ubuntu0.24.04.79.4.8.0+ds-2ubuntu19.4.8.0+ds-3ubuntu13.3.7-1ubuntu23.3.8-2ubuntu13.3.8-2ubuntu23.3.8-2ubuntu2.19.4.8.0+ds-3ubuntu13.3.8-2ubuntu23.3.8-2ubuntu3Exploitability
AV:NAC:LAT:PPR:NUI:PVulnerable System
VC:HVI:HVA:NSubsequent System
SC:NSI:NSA:NCVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N