4 matches found
ROOT-OS-DEBIAN-12-CVE-2026-8328 CVE-2026-8328 in rootio-python3.11 - Patched by Root
Root has patched CVE-2026-8328 in the rootio-python3.11 package for Root:Debian:12. Multiple fixed versions available...
CVE-2026-8328
The ftpcp function in Lib/ftplib.py was not updated when CVE-2021-4189 was fixed. While makepasv was patched to replace server-supplied PASV host addresses with the actual peer address getpeername0, ftpcp still calls parse227 directly and passes the raw attacker-controllable IP address and port t...
CVE-2026-8328 vulnerabilities
Vulnerabilities for packages: python...
SUSE CVE-2026-8328
The ftpcp function in Lib/ftplib.py was not updated when CVE-2021-4189 was fixed. While makepasv was patched to replace server-supplied PASV host addresses with the actual peer address getpeername0, ftpcp still calls parse227 directly and passes the raw attacker-controllable IP address and port t...