Search for packages
| purl | pkg:deb/debian/proftpd-dfsg@1.3.6-1?distro=trixie |
| Vulnerability | Summary | Fixed by |
|---|---|---|
| This package is not known to be affected by vulnerabilities. | ||
| Vulnerability | Summary | Aliases |
|---|---|---|
| VCID-6kef-2azs-xugx | An issue was discovered in tls_verify_crl in ProFTPD before 1.3.6. A wrong iteration variable, used when checking a client certificate against CRL entries (installed by a system administrator), can cause some CRL entries to be ignored, and can allow clients whose certificates have been revoked to proceed with a connection to the server. |
CVE-2019-19271
|
| VCID-xeeh-rpu9-63g6 | An issue was discovered in tls_verify_crl in ProFTPD before 1.3.6. Direct dereference of a NULL pointer (a variable initialized to NULL) leads to a crash when validating the certificate of a client connecting to the server in a TLS client/server mutual-authentication setup. |
CVE-2019-19272
|
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2026-04-16T13:23:52.136217+00:00 | Debian Importer | Fixing | VCID-xeeh-rpu9-63g6 | https://security-tracker.debian.org/tracker/data/json | 38.4.0 |
| 2026-04-16T12:04:43.812039+00:00 | Debian Importer | Fixing | VCID-6kef-2azs-xugx | https://security-tracker.debian.org/tracker/data/json | 38.4.0 |
| 2026-04-13T09:14:24.931522+00:00 | Debian Importer | Fixing | VCID-xeeh-rpu9-63g6 | https://security-tracker.debian.org/tracker/data/json | 38.3.0 |
| 2026-04-13T08:15:14.761227+00:00 | Debian Importer | Fixing | VCID-6kef-2azs-xugx | https://security-tracker.debian.org/tracker/data/json | 38.3.0 |
| 2026-04-03T07:50:21.261252+00:00 | Debian Importer | Fixing | VCID-xeeh-rpu9-63g6 | https://security-tracker.debian.org/tracker/data/json | 38.1.0 |
| 2026-04-03T07:50:21.220500+00:00 | Debian Importer | Fixing | VCID-6kef-2azs-xugx | https://security-tracker.debian.org/tracker/data/json | 38.1.0 |