npm
basic-ftp
5 known vulnerabilities · 0 critical · 0 high
Basic FTP has Path Traversal Vulnerability in its downloadToDir() method
Published Feb 25, 2026
GHSA-rp42-5vxx-qpwr
basic-ftp vulnerable to denial of service via unbounded memory consumption in Client.list()
Published Apr 16, 2026
GHSA-6v7q-wjvx-w8wg
basic-ftp: Incomplete CRLF Injection Protection Allows Arbitrary FTP Command Execution via Credentials and MKD Commands
Published Apr 10, 2026
GHSA-chqc-8p9q-pq6q
basic-ftp has FTP Command Injection via CRLF
Published Apr 8, 2026
GHSA-rpmf-866q-6p89
basic-ftp allows a malicious FTP server to cause client-side denial of service via unbounded multiline control response buffering
Published May 6, 2026
Check your entire dependency tree at onceRun dependency scan →