{"id":"CVE-2020-9365","details":"An issue was discovered in Pure-FTPd 1.0.49. An out-of-bounds (OOB) read has been detected in the pure_strcmp function in utils.c.","modified":"2026-04-11T17:01:38.169842Z","published":"2020-02-24T16:15:13.313Z","related":["openSUSE-SU-2024:11773-1"],"references":[{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/22P44PECZWNDP7CMBL7NRBMNFS73C5Z2/"},{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/B5NSUDWXZVWUCL6R2PTX3KBB42Z62CA5/"},{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U5DBVHJCXWRSJPNJQCJQCKZF6ZDPZCKA/"},{"type":"ADVISORY","url":"https://security.gentoo.org/glsa/202003-54"},{"type":"FIX","url":"https://github.com/jedisct1/pure-ftpd/commit/36c6d268cb190282a2c17106acfd31863121b58e"},{"type":"FIX","url":"https://github.com/jedisct1/pure-ftpd/commit/bf6fcd4935e95128cf22af5924cdc8fe5c0579da"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/jedisct1/pure-ftpd","events":[{"introduced":"0"},{"last_affected":"c21b45fc752039bceed8c8d4a1b8b9818a2fde20"},{"fixed":"36c6d268cb190282a2c17106acfd31863121b58e"},{"fixed":"bf6fcd4935e95128cf22af5924cdc8fe5c0579da"}],"database_specific":{"versions":[{"introduced":"0"},{"last_affected":"1.0.49"}]}}],"versions":["1.0.33","1.0.34","1.0.35","1.0.36","1.0.37","1.0.38","1.0.39","1.0.40","1.0.41","1.0.43","1.0.44","1.0.45","1.0.48","1.0.49"],"database_specific":{"unresolved_ranges":[{"events":[{"introduced":"0"},{"last_affected":"30"}]},{"events":[{"introduced":"0"},{"last_affected":"31"}]},{"events":[{"introduced":"0"},{"last_affected":"32"}]}],"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2020-9365.json","vanir_signatures":[{"id":"CVE-2020-9365-7e5360e1","signature_version":"v1","target":{"file":"src/utils.c"},"source":"https://github.com/jedisct1/pure-ftpd/commit/bf6fcd4935e95128cf22af5924cdc8fe5c0579da","signature_type":"Line","digest":{"line_hashes":["95891114108689080271635707879851571584","336842005398644163625468051387470758073"],"threshold":0.9},"deprecated":false},{"id":"CVE-2020-9365-85e7bab8","signature_version":"v1","target":{"file":"src/utils.c"},"source":"https://github.com/jedisct1/pure-ftpd/commit/36c6d268cb190282a2c17106acfd31863121b58e","signature_type":"Line","digest":{"line_hashes":["95891114108689080271635707879851571584","336842005398644163625468051387470758073"],"threshold":0.9},"deprecated":false}],"vanir_signatures_modified":"2026-04-11T17:01:38Z"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}]}