VDB

GCVE-VVD-MAGEIA-2019-385

GCVE-VVD-MAGEIA-2019-385
Advisory Published
Vulnetix · Advisory published December 13, 2019
An issue was discovered in tls_verify_crl in ProFTPD through 1.3.6b. A dereference of a NULL pointer may occur. This pointer is returned by the OpenSSL sk_X509_REVOKED_value() function when encountering an empty CRL installed by a system administrator. The dereference occurs when validating the certificate of a client connecting to the server in a TLS client/server mutual-authentication setup (CVE-2019-19269).
Download JSON Open in Console

Affected Products

VendorProductVersionsPlatforms
Mageiaproftpd0 (affected), 1.3.5e-4.2.mga7 (unaffected)

Aliases

CVE-2019-19269

Transitive aliases

GHSA-46rx-rvqp-8rxjBDU:2025-13443GSD-2019-19269EUVD-2019-8895OPENSUSE-SU-2024:11196-1VVD-GENTOO-2019-701814CNVD-2019-46261

References

Updated proftpd packages fix security vulnerability
advisory
Updated proftpd packages fix security vulnerability
advisory
Updated proftpd packages fix security vulnerability
issue

Browse GCVE Records

100 records in the GCVE database · Updated April 16, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

Open in Console Download JSON
$ Console Community · 100/wk Open console ›