VulnerableCode Package Details - pkg:deb/debian/lftp@2.4.9-1woody2

Search for packages

Vulnerability	Summary	Fixed by
VCID-27cy-bfqz-5qhw Aliases: CVE-2003-0963	security flaw	3.1.3-1 Affected by 3 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-38y7-7n7m-tyeq Aliases: CVE-2010-2251	This GLSA contains notification of vulnerabilities found in several Gentoo packages which have been fixed prior to January 1, 2011. The worst of these vulnerabilities could lead to local privilege escalation and remote code execution. Please see the package list and CVE identifiers below for more information.	4.0.6-1 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}
VCID-4pg8-93ep-e7eg Aliases: CVE-2007-2348	lftp mirror --script does not escape names and targets of symbolic links	3.7.3-1+lenny1 Affected by 2 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-cbvt-6zuj-uybf Aliases: CVE-2018-10916	lftp: particular remote file names may lead to current working directory erased	4.8.4-2 Affected by 0 other vulnerabilities.

Vulnerability

Summary

Fixed by

VCID-27cy-bfqz-5qhw
Aliases:
CVE-2003-0963

security flaw

3.1.3-1
Affected by 3 other vulnerabilities.

VCID-38y7-7n7m-tyeq
Aliases:
CVE-2010-2251

This GLSA contains notification of vulnerabilities found in several Gentoo packages which have been fixed prior to January 1, 2011. The worst of these vulnerabilities could lead to local privilege escalation and remote code execution. Please see the package list and CVE identifiers below for more information.

4.0.6-1
Affected by 1 other vulnerability.

VCID-4pg8-93ep-e7eg
Aliases:
CVE-2007-2348

lftp mirror --script does not escape names and targets of symbolic links

3.7.3-1+lenny1
Affected by 2 other vulnerabilities.

VCID-cbvt-6zuj-uybf
Aliases:
CVE-2018-10916

lftp: particular remote file names may lead to current working directory erased

4.8.4-2
Affected by 0 other vulnerabilities.

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Vulnerability

Summary

Aliases

This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-15T22:16:47.344269+00:00	Debian Oval Importer	Affected by	VCID-cbvt-6zuj-uybf	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T21:23:29.204848+00:00	Debian Oval Importer	Affected by	VCID-27cy-bfqz-5qhw	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T18:50:53.879581+00:00	Debian Oval Importer	Affected by	VCID-38y7-7n7m-tyeq	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T15:34:19.429877+00:00	Debian Oval Importer	Affected by	VCID-4pg8-93ep-e7eg	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-11T21:54:22.085040+00:00	Debian Oval Importer	Affected by	VCID-cbvt-6zuj-uybf	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T21:02:57.000194+00:00	Debian Oval Importer	Affected by	VCID-27cy-bfqz-5qhw	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T18:35:26.527709+00:00	Debian Oval Importer	Affected by	VCID-38y7-7n7m-tyeq	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T15:22:17.515151+00:00	Debian Oval Importer	Affected by	VCID-4pg8-93ep-e7eg	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-08T21:31:44.888232+00:00	Debian Oval Importer	Affected by	VCID-cbvt-6zuj-uybf	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T20:42:11.687753+00:00	Debian Oval Importer	Affected by	VCID-27cy-bfqz-5qhw	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T18:20:34.505571+00:00	Debian Oval Importer	Affected by	VCID-38y7-7n7m-tyeq	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T15:16:55.523295+00:00	Debian Oval Importer	Affected by	VCID-4pg8-93ep-e7eg	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0