exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 5

CVE-2026-27699

около 1 месяца назад

The `basic-ftp` FTP client library for Node.js contains a path traversal vulnerability (CWE-22) in versions prior to 5.2.0 in the `downloadToDir()` method. A malicious FTP server can send directory listings with filenames containing path traversal sequences (`../`) that cause files to be written outside the intended download directory. Version 5.2.0 patches the issue.

CVSS3: 9.1

EPSS: Низкий

CVE-2026-27699

около 1 месяца назад

The `basic-ftp` FTP client library for Node.js contains a path traversal vulnerability (CWE-22) in versions prior to 5.2.0 in the `downloadToDir()` method. A malicious FTP server can send directory listings with filenames containing path traversal sequences (`../`) that cause files to be written outside the intended download directory. Version 5.2.0 patches the issue.

CVSS3: 7.5

EPSS: Низкий

CVE-2026-27699

около 1 месяца назад

The `basic-ftp` FTP client library for Node.js contains a path traversal vulnerability (CWE-22) in versions prior to 5.2.0 in the `downloadToDir()` method. A malicious FTP server can send directory listings with filenames containing path traversal sequences (`../`) that cause files to be written outside the intended download directory. Version 5.2.0 patches the issue.

CVSS3: 9.1

EPSS: Низкий

CVE-2026-27699

около 1 месяца назад

The `basic-ftp` FTP client library for Node.js contains a path travers ...

CVSS3: 9.1

EPSS: Низкий

GHSA-5rq4-664w-9x2c

около 1 месяца назад

Basic FTP has Path Traversal Vulnerability in its downloadToDir() method

CVSS3: 9.1

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано
CVE-2026-27699 The `basic-ftp` FTP client library for Node.js contains a path traversal vulnerability (CWE-22) in versions prior to 5.2.0 in the `downloadToDir()` method. A malicious FTP server can send directory listings with filenames containing path traversal sequences (`../`) that cause files to be written outside the intended download directory. Version 5.2.0 patches the issue.	CVSS3: 9.1	0% Низкий	около 1 месяца назад
CVE-2026-27699 The `basic-ftp` FTP client library for Node.js contains a path traversal vulnerability (CWE-22) in versions prior to 5.2.0 in the `downloadToDir()` method. A malicious FTP server can send directory listings with filenames containing path traversal sequences (`../`) that cause files to be written outside the intended download directory. Version 5.2.0 patches the issue.	CVSS3: 7.5	0% Низкий	около 1 месяца назад
CVE-2026-27699 The `basic-ftp` FTP client library for Node.js contains a path traversal vulnerability (CWE-22) in versions prior to 5.2.0 in the `downloadToDir()` method. A malicious FTP server can send directory listings with filenames containing path traversal sequences (`../`) that cause files to be written outside the intended download directory. Version 5.2.0 patches the issue.	CVSS3: 9.1	0% Низкий	около 1 месяца назад
CVE-2026-27699 The `basic-ftp` FTP client library for Node.js contains a path travers ...	CVSS3: 9.1	0% Низкий	около 1 месяца назад
GHSA-5rq4-664w-9x2c Basic FTP has Path Traversal Vulnerability in its downloadToDir() method	CVSS3: 9.1	0% Низкий	около 1 месяца назад

Уязвимостей на страницу