Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:pypi/pyftpdlib@0.5.1
purl pkg:pypi/pyftpdlib@0.5.1
Next non-vulnerable version 0.5.2
Latest non-vulnerable version 0.5.2
Risk 4.0
Vulnerabilities affecting this package (4)
Vulnerability Summary Fixed by
VCID-2u11-41pn-z3a6
Aliases:
CVE-2009-5012
GHSA-h4g7-8m7r-87r9
PYSEC-2010-9
ftpserver.py in pyftpdlib before 0.5.2 does not require the l permission for the MLST command, which allows remote authenticated users to bypass intended access restrictions and list the root directory via an FTP session.
0.5.2
Affected by 0 other vulnerabilities.
VCID-8vjd-1g37-5ye6
Aliases:
CVE-2009-5011
GHSA-62xg-239j-vxg7
PYSEC-2010-8
Race condition in the FTPHandler class in ftpserver.py in pyftpdlib before 0.5.2 allows remote attackers to cause a denial of service (daemon outage) by establishing and then immediately closing a TCP connection, leading to the getpeername function having an ENOTCONN error, a different vulnerability than CVE-2010-3494.
0.5.2
Affected by 0 other vulnerabilities.
VCID-ufjv-wgk3-sfcj
Aliases:
CVE-2010-3494
GHSA-hw4g-fhcp-x5mq
PYSEC-2010-11
Race condition in the FTPHandler class in ftpserver.py in pyftpdlib before 0.5.2 allows remote attackers to cause a denial of service (daemon outage) by establishing and then immediately closing a TCP connection, leading to the accept function having an unexpected value of None for the address, or an ECONNABORTED, EAGAIN, or EWOULDBLOCK error, a related issue to CVE-2010-3492.
0.5.2
Affected by 0 other vulnerabilities.
VCID-zjev-ytqn-8yhs
Aliases:
CVE-2009-5013
GHSA-8gv6-x88p-3f6h
PYSEC-2010-10
Memory leak in the on_dtp_close function in ftpserver.py in pyftpdlib before 0.5.2 allows remote authenticated users to cause a denial of service (memory consumption) by sending a QUIT command during a data transfer.
0.5.2
Affected by 0 other vulnerabilities.
Vulnerabilities fixed by this package (1)
Vulnerability Summary Aliases
VCID-67rd-vz1v-yqac Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') in pyftpdlib CVE-2009-5010
GHSA-mpg6-rgp4-35rr
PYSEC-2010-7

Date Actor Action Vulnerability Source VulnerableCode Version
2026-06-13T08:57:17.696704+00:00 GHSA Importer Affected by VCID-ufjv-wgk3-sfcj https://github.com/advisories/GHSA-hw4g-fhcp-x5mq 38.6.0
2026-06-12T18:15:22.521638+00:00 GitLab Importer Affected by VCID-ufjv-wgk3-sfcj https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/pyftpdlib/CVE-2010-3494.yml 38.6.0
2026-06-12T18:06:26.833415+00:00 GitLab Importer Affected by VCID-8vjd-1g37-5ye6 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/pyftpdlib/CVE-2009-5011.yml 38.6.0
2026-06-12T18:06:23.553991+00:00 GitLab Importer Affected by VCID-2u11-41pn-z3a6 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/pyftpdlib/CVE-2009-5012.yml 38.6.0
2026-06-12T18:06:22.898391+00:00 GitLab Importer Affected by VCID-zjev-ytqn-8yhs https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/pyftpdlib/CVE-2009-5013.yml 38.6.0
2026-06-12T15:44:12.011947+00:00 GitLab Importer Fixing VCID-67rd-vz1v-yqac https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/pyftpdlib/CVE-2009-5010.yml 38.6.0
2026-06-12T08:22:28.403936+00:00 GithubOSV Importer Fixing VCID-67rd-vz1v-yqac https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-mpg6-rgp4-35rr/GHSA-mpg6-rgp4-35rr.json 38.6.0
2026-06-12T04:00:31.182353+00:00 Pypa Importer Affected by VCID-2u11-41pn-z3a6 https://github.com/pypa/advisory-database/blob/main/vulns/pyftpdlib/PYSEC-2010-9.yaml 38.6.0
2026-06-12T04:00:31.119295+00:00 Pypa Importer Affected by VCID-8vjd-1g37-5ye6 https://github.com/pypa/advisory-database/blob/main/vulns/pyftpdlib/PYSEC-2010-8.yaml 38.6.0
2026-06-12T04:00:31.002363+00:00 Pypa Importer Affected by VCID-zjev-ytqn-8yhs https://github.com/pypa/advisory-database/blob/main/vulns/pyftpdlib/PYSEC-2010-10.yaml 38.6.0
2026-06-12T04:00:30.963997+00:00 Pypa Importer Affected by VCID-ufjv-wgk3-sfcj https://github.com/pypa/advisory-database/blob/main/vulns/pyftpdlib/PYSEC-2010-11.yaml 38.6.0
2026-06-12T04:00:30.857986+00:00 Pypa Importer Fixing VCID-67rd-vz1v-yqac https://github.com/pypa/advisory-database/blob/main/vulns/pyftpdlib/PYSEC-2010-7.yaml 38.6.0
2026-06-11T20:41:51.772131+00:00 PyPI Importer Fixing VCID-67rd-vz1v-yqac https://osv-vulnerabilities.storage.googleapis.com/PyPI/all.zip 38.6.0
2026-06-11T20:41:51.641422+00:00 PyPI Importer Affected by VCID-zjev-ytqn-8yhs https://osv-vulnerabilities.storage.googleapis.com/PyPI/all.zip 38.6.0
2026-06-11T20:41:51.595381+00:00 PyPI Importer Affected by VCID-ufjv-wgk3-sfcj https://osv-vulnerabilities.storage.googleapis.com/PyPI/all.zip 38.6.0
2026-06-11T20:41:51.442605+00:00 PyPI Importer Affected by VCID-2u11-41pn-z3a6 https://osv-vulnerabilities.storage.googleapis.com/PyPI/all.zip 38.6.0
2026-06-11T20:41:51.321682+00:00 PyPI Importer Affected by VCID-8vjd-1g37-5ye6 https://osv-vulnerabilities.storage.googleapis.com/PyPI/all.zip 38.6.0
2026-06-11T20:29:13.550410+00:00 GHSA Importer Fixing VCID-67rd-vz1v-yqac https://github.com/advisories/GHSA-mpg6-rgp4-35rr 38.6.0
2026-06-11T20:29:13.485644+00:00 GHSA Importer Affected by VCID-8vjd-1g37-5ye6 https://github.com/advisories/GHSA-62xg-239j-vxg7 38.6.0
2026-06-11T20:29:13.440493+00:00 GHSA Importer Affected by VCID-zjev-ytqn-8yhs https://github.com/advisories/GHSA-8gv6-x88p-3f6h 38.6.0
2026-06-11T20:29:13.396550+00:00 GHSA Importer Affected by VCID-2u11-41pn-z3a6 https://github.com/advisories/GHSA-h4g7-8m7r-87r9 38.6.0