rpm package
opensuse/apache-commons-net&distro=openSUSE Tumbleweed
pkg:rpm/opensuse/apache-commons-net&distro=openSUSE%20Tumbleweed
Vulnerabilities (1)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2021-37533 | — | < 3.9.0-1.1 | 3.9.0-1.1 | Dec 3, 2022 | Prior to Apache Commons Net 3.9.0, Net's FTP client trusts the host from PASV response by default. A malicious server can redirect the Commons Net code to use a different host, but the user has to connect to the malicious server in the first place. This may lead to leakage of inf |
- CVE-2021-37533Dec 3, 2022affected < 3.9.0-1.1fixed 3.9.0-1.1
Prior to Apache Commons Net 3.9.0, Net's FTP client trusts the host from PASV response by default. A malicious server can redirect the Commons Net code to use a different host, but the user has to connect to the malicious server in the first place. This may lead to leakage of inf