Your submission was sent successfully! Close

Thank you for contacting us. A member of our team will be in touch shortly. Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

Search CVE reports

Toggle filters

1 – 3 of 3 results

CVE-2018-10916

Medium priority
Fixed

It has been discovered that lftp up to and including version 4.8.3 does not properly sanitize remote file names, leading to a loss of integrity on the local system when reverse mirroring is used. A remote attacker may trick a user...

1 affected packages

lftp

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
lftp Fixed Fixed
Show less packages

CVE-2010-2251

Medium priority
Fixed

The get1 command, as used by lftpget, in LFTP before 4.0.6 does not properly validate a server-provided filename before determining the destination filename of a download, which allows remote servers to create or overwrite...

1 affected packages

lftp

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
lftp
Show less packages

CVE-2007-2348

Unknown priority
Ignored

mirror --script in lftp before 3.5.9 does not properly quote shell metacharacters, which might allow remote user-assisted attackers to execute shell commands via a malicious script. NOTE: it is not clear whether this issue crosses...

1 affected packages

lftp

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
lftp
Show less packages