Antonio Norales discovered that Pure-FTPd incorrectly handled directory aliases. An attacker could possibly use this issue to access sensitive information. (CVE-2020-9274)
{ "availability": "No subscription required", "binaries": [ { "pure-ftpd-common": "1.0.36-3.2+deb8u1build0.16.04.1", "pure-ftpd-ldap": "1.0.36-3.2+deb8u1build0.16.04.1", "pure-ftpd-mysql": "1.0.36-3.2+deb8u1build0.16.04.1", "pure-ftpd": "1.0.36-3.2+deb8u1build0.16.04.1", "pure-ftpd-postgresql": "1.0.36-3.2+deb8u1build0.16.04.1" } ] }