pkg:npm/basic-ftp

4 total CVEsCRITICAL1HIGH3

✅ Check your installed version

All known vulnerabilities

  • CRITICAL9.1CVE-2026-27699Basic FTP has Path Traversal Vulnerability in its downloadToDir() method
    from 0, < 5.2.0
  • HIGH8.6CVE-2026-39983basic-ftp has FTP Command Injection via CRLF
    >= 5.2.0, < 5.2.1
  • HIGH7.5CVE-2026-44240basic-ftp allows a malicious FTP server to cause client-side denial of service via unbounded multiline control response buffering
    from 0, < 5.3.1
  • HIGH7.5CVE-2026-41324basic-ftp vulnerable to denial of service via unbounded memory consumption in Client.list()
    from 0, < 5.3.0