CVE-2020-15152

ftp-srv is an npm package which is a modern and extensible FTP server designed to be simple yet configurable. In ftp-srv before versions 2.19.6, 3.1.2, and 4.3.4 are vulnerable to Server-Side Request Forgery. The PORT command allows arbitrary IPs which can be used to cause the server to make a...

ftp-srv Path Traversal Vulnerability

Connor Skees ftp-srv is an open source application from Connor Skees. Provides a modern and scalable FTP server designed to be simple but configurable. A path traversal vulnerability exists in ftp-srv, which arises from a failure of a network system or product to properly filter special elements ...

@zpmc/zwd-server (>=0.0.14 <=0.0.21) potentially affected by CVE-2020-15152 via ftp-srv (=4.1.0)

ftp-srv NPM version =4.1.0 is affected by a known vulnerability. The following packages have a transitive dependency on ftp-srv and may be impacted: - @zpmc/zwd-server =0.0.14, =0.0.21 Source cves: CVE-2020-15152 Source advisory: OSV:GHSA-JW37-5GQR-CF9J...