
46 matches found

Vulnrichment
added 2022/12/03 12:0 a.m. · 6 views

CVE-2021-37533 Apache Commons Net's FTP client trusts the host from PASV response by default

Prior to Apache Commons Net 3.9.0, Net's FTP client trusts the host from PASV response by default. A malicious server can redirect the Commons Net code to use a different host, but the user has to connect to the malicious server in the first place. This may lead to leakage of information about...

AI score: 6.5 · EPSS: 0.01858
Exploits: 0 · References: 4

CVE
added 2022/12/03 12:0 a.m. · 291 views

CVE-2021-37533

CVE-2021-37533 affects the Apache Commons Net FTP client prior to 3.9.0, where the FTP PASV response can cause the client to trust a host from the server. This could lead to leakage of information about services on the client’s private network if a malicious server is involved. The advisory notes...

CVSS: 6.5 · AI score: 6.6 · EPSS: 0.01858
Exploits: 0 · References: 4 · Affected Software: 1

Cvelist
added 2022/12/03 12:0 a.m. · 41 views

CVE-2021-37533 Apache Commons Net's FTP client trusts the host from PASV response by default

Prior to Apache Commons Net 3.9.0, Net's FTP client trusts the host from PASV response by default. A malicious server can redirect the Commons Net code to use a different host, but the user has to connect to the malicious server in the first place. This may lead to leakage of information about...

AI score: 6.8 · EPSS: 0.01858
Exploits: 0 · References: 4

Debian CVE
added 2022/12/03 12:0 a.m. · 74 views

CVE-2021-37533

Prior to Apache Commons Net 3.9.0, Net's FTP client trusts the host from PASV response by default. A malicious server can redirect the Commons Net code to use a different host, but the user has to connect to the malicious server in the first place. This may lead to leakage of information about...

CVSS: 6.5 · AI score: 7 · EPSS: 0.01858
Exploits: 0

Rockylinux
added 2022/05/17 6:27 a.m. · 13 views

new packages: apache-commons-net

An update is available for apache-commons-net. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. For detailed information on changes in this release, see the Rocky...

AI score: 2.2
Exploits: 0

Positive Technologies
added 2022/03/28 12:0 a.m. · 1 views

PT-2022-6127 · Apache +3 · Apache Commons Net +3

Name of the Vulnerable Software and Affected Versions: Apache Commons Net versions prior to 3.9.0. Description: The issue is related to the FTP client in Apache Commons Net, which trusts the host from PASV response by default. This allows a malicious server to redirect the Commons Net code to use ...

CVSS: 7.8 · AI score: 7.8 · EPSS: 0.01858
Exploits: 0 · References: 34