CVE-2026-8328

ADVISORY - nist

Summary

The ftpcp() function in Lib/ftplib.py was not updated when CVE-2021-4189 was fixed. While makepasv() was patched to replace server-supplied PASV host addresses with the actual peer address (getpeername()[0]), ftpcp() still calls parse227() directly and passes the raw attacker-controllable IP address and port to target.sendport(). This patch is related to CVE-2021-4189.

EPSS Score⁠: 0.00051 (0.162)

Common Weakness Enumeration (CWE)

ADVISORY - nist

CWE-918⁠

Server-Side Request Forgery (SSRF)

Impacted images

Advisories

Docker

CREATED

22 days ago

UPDATED

21 days ago

ADVISORY ID

CVE-2026-8328

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

NIST

CREATED

21 days ago

UPDATED

21 days ago

ADVISORY IDCVE-2026-8328⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)

CWE-918⁠

CVSS SCORE

5.9medium

Debian

CREATED

21 days ago

UPDATED

13 days ago

ADVISORY IDCVE-2026-8328⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

Ubuntu

CREATED

14 days ago

UPDATED

14 days ago

ADVISORY IDCVE-2026-8328⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Amedium

Bitnami

CREATED

15 days ago

UPDATED

15 days ago

ADVISORY ID

BIT-libpython-2026-8328

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

5.9medium

Bitnami

CREATED

15 days ago

UPDATED

15 days ago

ADVISORY ID

BIT-python-2026-8328

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

5.9medium

Bitnami

CREATED

15 days ago

UPDATED

15 days ago

ADVISORY ID

BIT-python-min-2026-8328

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

5.9medium

Chainguard

CREATED

17 hours ago

UPDATED

17 hours ago

ADVISORY ID

CGA-g5qm-4qwx-5v9f

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

minimos

CREATED

20 days ago

UPDATED

20 days ago

ADVISORY ID

MINI-289f-xvvf-p4w2

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

minimos

CREATED

15 days ago

UPDATED

15 days ago

ADVISORY ID

MINI-6rhc-6fr5-fcjh

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

minimos

CREATED

20 days ago

UPDATED

20 days ago

ADVISORY ID

MINI-cp9g-xvhp-qfxf

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

minimos

CREATED

20 days ago

UPDATED

20 days ago

ADVISORY ID

MINI-gf3q-c37g-36h2

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY