Basic FTP 安全漏洞

Basic FTP is a Node.js FTP client library developed by Patrick Juchli. Versions of Basic FTP prior to 5.2.1 contained a security vulnerability; this vulnerability stemmed from the possibility of CRLF sequences being present in file path parameters, which could lead to FTP command injection attack...

Medium: gvfs

Issue Overview: A flaw was found in the FTP GVfs backend. A malicious FTP server can exploit this vulnerability by providing an arbitrary IP address and port in its passive mode PASV response. The client unconditionally trusts this information and attempts to connect to the specified endpoint,...