Security Advisory

CVE-2021-40491

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2021-09-03 00:00:00

Last updated 2024-08-04 02:44:10

Assigner mitre

State PUBLISHED

Description

The ftp client in GNU Inetutils before 2.2 does not validate addresses returned by PASV/LSPV responses to make sure they match the server address. This is similar to CVE-2020-8284 for curl.

← Browse all CVEs View on cve.org ↗