53 matches found
ROOT-APP-NPM-CVE-2026-41324 CVE-2026-41324 in @rootio/basic-ftp - Patched by Root
Root has patched CVE-2026-41324 in the @rootio/basic-ftp package for Root:npm. Multiple fixed versions available...
ROOT-APP-NPM-GHSA-6V7Q-WJVX-W8WG GHSA-6v7q-wjvx-w8wg in @rootio/basic-ftp - Patched by Root
Root has patched GHSA-6v7q-wjvx-w8wg in the @rootio/basic-ftp package for Root:npm. Multiple fixed versions available...
ROOT-APP-NPM-CVE-2026-44240 CVE-2026-44240 in @rootio/basic-ftp - Patched by Root
Root has patched CVE-2026-44240 in the @rootio/basic-ftp package for Root:npm. Multiple fixed versions available...
CVE-2026-44240
basic-ftp is an FTP client for Node.js. Prior to 5.3.1, basic-ftp is vulnerable to client-side denial of service when parsing FTP control-channel multiline responses. A malicious or compromised FTP server can send an unterminated multiline response during the initial FTP banner phase, before...
ROOT-APP-NPM-CVE-2026-39983 CVE-2026-39983 in @rootio/basic-ftp - Patched by Root
Root has patched CVE-2026-39983 in the @rootio/basic-ftp package for Root:npm. Multiple fixed versions available...
Linux Distros Unpatched Vulnerability : CVE-2026-44240
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - basic-ftp is an FTP client for Node.js. Prior to 5.3.1, basic-ftp is vulnerable to client-side denial of service when parsing FTP control-channel multiline...
CVE-2026-44240
basic-ftp is an FTP client for Node.js. Prior to 5.3.1, basic-ftp is vulnerable to client-side denial of service when parsing FTP control-channel multiline responses. A malicious or compromised FTP server can send an unterminated multiline response during the initial FTP banner phase, before...
UBUNTU-CVE-2026-44240
basic-ftp is an FTP client for Node.js. Prior to 5.3.1, basic-ftp is vulnerable to client-side denial of service when parsing FTP control-channel multiline responses. A malicious or compromised FTP server can send an unterminated multiline response during the initial FTP banner phase, before...
CVE-2026-44240
basic-ftp is an FTP client for Node.js. Prior to 5.3.1, basic-ftp is vulnerable to client-side denial of service when parsing FTP control-channel multiline responses. A malicious or compromised FTP server can send an unterminated multiline response during the initial FTP banner phase, before...
CVE-2026-44240
CVE-2026-44240 affects the Node.js FTP client basic-ftp . Before version 5.3.1, the client is vulnerable to client-side denial of service when parsing FTP control-channel multiline responses. A malicious FTP server can send an unterminated multiline response during the initial banner phase, causi...
Basic FTP 资源管理错误漏洞
Basic FTP is a Node.js FTP client library developed by Patrick Juchli. Versions of Basic FTP prior to 5.3.1 had a resource management vulnerability. This vulnerability stemmed from the lack of restrictions on the size of control responses when parsing multiple lines of the FTP control channel...
Security Bulletin: MongoDB Enterprised Advanced affected by: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') (CVE-2026-27699)
Summary There are vulnerabilities in basic-ftp-5.0.3.tgz, basic-ftp-5.0.5.tgz used in MongoDB Enterprised Advanced for IBM, involving CVE-2026-27699. The vulnerabilities have been addressed. Vulnerability Details CVEID:CVE-2026-27699 DESCRIPTION: The basic-ftp FTP client library for Node.js...
@activeboxes/piece-sftp (=0.2.6), @activepieces/piece-apify (=0.2.1) +28 more potentially affected by CVE-2026-44240 via basic-ftp (>=5.0.2 <=5.3.0)
basic-ftp NPM version =5.0.2, =0.2.6, =1.0.0, =0.2.0, =0.1.0, =1.0.0, =2.0.18, =1.9.2, =1.2.0, =4.6.0-blowfish, =1.0.3, =1.0.4 and more Source cves: CVE-2026-44240 Source advisory: SNYK:JS-BASICFTP-16438941...
Allocation of Resources Without Limits or Throttling
Overview basic-ftp is a FTP client for Node.js, supports FTPS over TLS, IPv6, Async/Await, and Typescript. Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling via the connect function. An attacker can cause excessive memory and CPU consumption,...
PT-2026-38291
Name of the Vulnerable Software and Affected Versions basic-ftp versions 0.0.1 through 5.3.0 Description A client-side denial of service exists when parsing FTP control-channel multiline responses. A malicious or compromised FTP server can send an unterminated multiline response during the initia...
CVE-2026-44240
creationtimestamp| type| source ---|---|--- 2026-04-28 03:41:59+00:00| published-proof-of-concept| https://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-rpmf-866q-6p89...
Linux Distros Unpatched Vulnerability : CVE-2026-41324
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - basic-ftp is an FTP client for Node.js. Versions prior to 5.3.0 are vulnerable to denial of service through unbounded memory growth while processing directory...
UBUNTU-CVE-2026-41324
basic-ftp is an FTP client for Node.js. Versions prior to 5.3.0 are vulnerable to denial of service through unbounded memory growth while processing directory listings from a remote FTP server. A malicious or compromised server can send an extremely large or never-ending listing response to...
CVE-2026-41324
basic-ftp is an FTP client for Node.js. Versions prior to 5.3.0 are vulnerable to denial of service through unbounded memory growth while processing directory listings from a remote FTP server. A malicious or compromised server can send an extremely large or never-ending listing response to...
CVE-2026-41324 basic-ftp vulnerable to denial of service via unbounded memory consumption in Client.list()
basic-ftp is an FTP client for Node.js. Versions prior to 5.3.0 are vulnerable to denial of service through unbounded memory growth while processing directory listings from a remote FTP server. A malicious or compromised server can send an extremely large or never-ending listing response to...