CVE-2020-14149

In uftpd before 2.12, handle_CWD in ftpcmd.c mishandled the path provided by the user, causing a NULL pointer dereference and denial of service, as demonstrated by a CWD /.. command. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt