{"url":"http://public2.vulnerablecode.io/api/packages/935844?format=json","purl":"pkg:deb/debian/proftpd-dfsg@1.3.6b-2?distro=trixie","type":"deb","namespace":"debian","name":"proftpd-dfsg","version":"1.3.6b-2","qualifiers":{"distro":"trixie"},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":"1.3.6c-1","latest_non_vulnerable_version":"1.3.9a~dfsg-1","affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/94100?format=json","vulnerability_id":"VCID-tc5c-pyzn-ekh1","summary":"An issue was discovered in tls_verify_crl in ProFTPD through 1.3.6b. Failure to check for the appropriate field of a CRL entry (checking twice for subject, rather than once for subject and once for issuer) prevents some valid CRLs from being taken into account, and can allow clients whose certificates have been revoked to proceed with a connection to the server.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-19270","reference_id":"","reference_type":"","scores":[{"value":"0.00198","scoring_system":"epss","scoring_elements":"0.41801","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00198","scoring_system":"epss","scoring_elements":"0.41866","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00198","scoring_system":"epss","scoring_elements":"0.41895","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00198","scoring_system":"epss","scoring_elements":"0.41823","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00198","scoring_system":"epss","scoring_elements":"0.41873","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00198","scoring_system":"epss","scoring_elements":"0.41883","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00198","scoring_system":"epss","scoring_elements":"0.41907","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00198","scoring_system":"epss","scoring_elements":"0.41872","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00198","scoring_system":"epss","scoring_elements":"0.4186","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00198","scoring_system":"epss","scoring_elements":"0.41909","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00198","scoring_system":"epss","scoring_elements":"0.41812","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00198","scoring_system":"epss","scoring_elements":"0.41738","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00198","scoring_system":"epss","scoring_elements":"0.41739","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00198","scoring_system":"epss","scoring_elements":"0.4166","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00198","scoring_system":"epss","scoring_elements":"0.41519","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00198","scoring_system":"epss","scoring_elements":"0.41588","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00198","scoring_system":"epss","scoring_elements":"0.41605","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00198","scoring_system":"epss","scoring_elements":"0.41514","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00198","scoring_system":"epss","scoring_elements":"0.41541","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00198","scoring_system":"epss","scoring_elements":"0.41617","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00198","scoring_system":"epss","scoring_elements":"0.41625","published_at":"2026-05-15T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-19270"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19270","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19270"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=946346","reference_id":"946346","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=946346"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/935844?format=json","purl":"pkg:deb/debian/proftpd-dfsg@1.3.6b-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/proftpd-dfsg@1.3.6b-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/935820?format=json","purl":"pkg:deb/debian/proftpd-dfsg@1.3.7a%2Bdfsg-12%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4fvy-s5b9-yqfp"},{"vulnerability":"VCID-mcdd-yygw-wfch"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/proftpd-dfsg@1.3.7a%252Bdfsg-12%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/935818?format=json","purl":"pkg:deb/debian/proftpd-dfsg@1.3.8%2Bdfsg-4%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4fvy-s5b9-yqfp"},{"vulnerability":"VCID-gw9f-rc1s-8udd"},{"vulnerability":"VCID-mcdd-yygw-wfch"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/proftpd-dfsg@1.3.8%252Bdfsg-4%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/935822?format=json","purl":"pkg:deb/debian/proftpd-dfsg@1.3.8.c%2Bdfsg-4%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4fvy-s5b9-yqfp"},{"vulnerability":"VCID-mcdd-yygw-wfch"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/proftpd-dfsg@1.3.8.c%252Bdfsg-4%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/935821?format=json","purl":"pkg:deb/debian/proftpd-dfsg@1.3.9~dfsg-4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-mcdd-yygw-wfch"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/proftpd-dfsg@1.3.9~dfsg-4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1088724?format=json","purl":"pkg:deb/debian/proftpd-dfsg@1.3.9~dfsg-5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4fvy-s5b9-yqfp"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/proftpd-dfsg@1.3.9~dfsg-5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1104197?format=json","purl":"pkg:deb/debian/proftpd-dfsg@1.3.9a~dfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/proftpd-dfsg@1.3.9a~dfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2019-19270"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-tc5c-pyzn-ekh1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/60481?format=json","vulnerability_id":"VCID-wwz1-zb24-7qgy","summary":"Multiple vulnerabilities have been found in ProFTPd, the worst of\n    which may lead to arbitrary code execution.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-19269","reference_id":"","reference_type":"","scores":[{"value":"0.0103","scoring_system":"epss","scoring_elements":"0.77517","published_at":"2026-05-14T12:55:00Z"},{"value":"0.0103","scoring_system":"epss","scoring_elements":"0.77532","published_at":"2026-05-15T12:55:00Z"},{"value":"0.01691","scoring_system":"epss","scoring_elements":"0.82193","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01691","scoring_system":"epss","scoring_elements":"0.8219","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01691","scoring_system":"epss","scoring_elements":"0.82216","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01691","scoring_system":"epss","scoring_elements":"0.82223","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01691","scoring_system":"epss","scoring_elements":"0.82243","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01691","scoring_system":"epss","scoring_elements":"0.82235","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01691","scoring_system":"epss","scoring_elements":"0.82229","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01691","scoring_system":"epss","scoring_elements":"0.82266","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01691","scoring_system":"epss","scoring_elements":"0.82159","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01691","scoring_system":"epss","scoring_elements":"0.82289","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01691","scoring_system":"epss","scoring_elements":"0.823","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01691","scoring_system":"epss","scoring_elements":"0.82305","published_at":"2026-04-29T12:55:00Z"},{"value":"0.01691","scoring_system":"epss","scoring_elements":"0.82324","published_at":"2026-05-05T12:55:00Z"},{"value":"0.01691","scoring_system":"epss","scoring_elements":"0.82345","published_at":"2026-05-07T12:55:00Z"},{"value":"0.01691","scoring_system":"epss","scoring_elements":"0.82366","published_at":"2026-05-09T12:55:00Z"},{"value":"0.01691","scoring_system":"epss","scoring_elements":"0.82363","published_at":"2026-05-11T12:55:00Z"},{"value":"0.01691","scoring_system":"epss","scoring_elements":"0.8238","published_at":"2026-05-12T12:55:00Z"},{"value":"0.01691","scoring_system":"epss","scoring_elements":"0.82268","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01691","scoring_system":"epss","scoring_elements":"0.82172","published_at":"2026-04-02T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-19269"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19269","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19269"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=946345","reference_id":"946345","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=946345"},{"reference_url":"https://security.gentoo.org/glsa/202003-35","reference_id":"GLSA-202003-35","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202003-35"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/935844?format=json","purl":"pkg:deb/debian/proftpd-dfsg@1.3.6b-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/proftpd-dfsg@1.3.6b-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/935820?format=json","purl":"pkg:deb/debian/proftpd-dfsg@1.3.7a%2Bdfsg-12%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4fvy-s5b9-yqfp"},{"vulnerability":"VCID-mcdd-yygw-wfch"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/proftpd-dfsg@1.3.7a%252Bdfsg-12%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/935818?format=json","purl":"pkg:deb/debian/proftpd-dfsg@1.3.8%2Bdfsg-4%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4fvy-s5b9-yqfp"},{"vulnerability":"VCID-gw9f-rc1s-8udd"},{"vulnerability":"VCID-mcdd-yygw-wfch"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/proftpd-dfsg@1.3.8%252Bdfsg-4%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/935822?format=json","purl":"pkg:deb/debian/proftpd-dfsg@1.3.8.c%2Bdfsg-4%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4fvy-s5b9-yqfp"},{"vulnerability":"VCID-mcdd-yygw-wfch"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/proftpd-dfsg@1.3.8.c%252Bdfsg-4%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/935821?format=json","purl":"pkg:deb/debian/proftpd-dfsg@1.3.9~dfsg-4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-mcdd-yygw-wfch"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/proftpd-dfsg@1.3.9~dfsg-4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1088724?format=json","purl":"pkg:deb/debian/proftpd-dfsg@1.3.9~dfsg-5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4fvy-s5b9-yqfp"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/proftpd-dfsg@1.3.9~dfsg-5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1104197?format=json","purl":"pkg:deb/debian/proftpd-dfsg@1.3.9a~dfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/proftpd-dfsg@1.3.9a~dfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2019-19269"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-wwz1-zb24-7qgy"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/proftpd-dfsg@1.3.6b-2%3Fdistro=trixie"}