Lucene search
+L

4 matches found

EUVD
EUVD
added 2026/05/13 9:32 p.m.14 views

EUVD-2026-30177

The ftpcp function in Lib/ftplib.py was not updated when CVE-2021-4189 was fixed. While makepasv was patched to replace server-supplied PASV host addresses with the actual peer address getpeername0, ftpcp still calls parse227 directly and passes the raw attacker-controllable IP address and port t...

5.9CVSS6.8AI score0.00476EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/05/13 12:0 a.m.12 views

PT-2026-40802

Name of the Vulnerable Software and Affected Versions CPython affected versions not specified Description The ftpcp function in Lib/ftplib.py fails to use the actual peer address, instead trusting the host address supplied by the server during a PASV command. This occurs because ftpcp calls...

9.1CVSS5.8AI score0.00485EPSS
Exploits0References212
Circl
Circl
added 2022/08/24 8:22 p.m.1 views

CVE-2021-4189

creationtimestamp| type| source ---|---|--- 2022-08-24 20:22:52+00:00| seen| https://t.me/cibsecurity/48660 2026-04-02 17:00:00+00:00| seen| https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0395/...

5.3CVSS7.1AI score0.02602EPSS
Exploits0References2
OSV
OSV
added 2022/04/05 2:55 p.m.7 views

CLSA-2022-1649170553 Fix CVE(s): CVE-2021-4189

SECURITY UPDATE: Expose sensitive information - debian/patches/CVE-2021-4189.patch: alters ftplib.FTP class behavior to not trust the IPv4 address sent from the remote server when setting up a passive data channel in resposne in Lib/ftplib.py, Lib/test/testftplib.py. - CVE-2021-4189...

5.3CVSS6.9AI score0.02602EPSS
Exploits0References1
Rows per page
Query Builder