{"url":"http://public2.vulnerablecode.io/api/packages/935845?format=json","purl":"pkg:deb/debian/proftpd-dfsg@1.3.6-1?distro=trixie","type":"deb","namespace":"debian","name":"proftpd-dfsg","version":"1.3.6-1","qualifiers":{"distro":"trixie"},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":"1.3.6-6","latest_non_vulnerable_version":"1.3.9a~dfsg-1","affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/94101?format=json","vulnerability_id":"VCID-6kef-2azs-xugx","summary":"An issue was discovered in tls_verify_crl in ProFTPD before 1.3.6. A wrong iteration variable, used when checking a client certificate against CRL entries (installed by a system administrator), can cause some CRL entries to be ignored, and can allow clients whose certificates have been revoked to proceed with a connection to the server.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-19271","reference_id":"","reference_type":"","scores":[{"value":"0.0066","scoring_system":"epss","scoring_elements":"0.71297","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00927","scoring_system":"epss","scoring_elements":"0.75987","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00927","scoring_system":"epss","scoring_elements":"0.76019","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00927","scoring_system":"epss","scoring_elements":"0.75998","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00927","scoring_system":"epss","scoring_elements":"0.76031","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00927","scoring_system":"epss","scoring_elements":"0.76046","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00927","scoring_system":"epss","scoring_elements":"0.76071","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00927","scoring_system":"epss","scoring_elements":"0.76047","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00927","scoring_system":"epss","scoring_elements":"0.76042","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00927","scoring_system":"epss","scoring_elements":"0.76082","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00927","scoring_system":"epss","scoring_elements":"0.75984","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00927","scoring_system":"epss","scoring_elements":"0.7607","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00927","scoring_system":"epss","scoring_elements":"0.76109","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00927","scoring_system":"epss","scoring_elements":"0.76119","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00927","scoring_system":"epss","scoring_elements":"0.7613","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00927","scoring_system":"epss","scoring_elements":"0.76139","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00927","scoring_system":"epss","scoring_elements":"0.7617","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00927","scoring_system":"epss","scoring_elements":"0.76192","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00927","scoring_system":"epss","scoring_elements":"0.76179","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00927","scoring_system":"epss","scoring_elements":"0.76194","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00927","scoring_system":"epss","scoring_elements":"0.76086","published_at":"2026-04-18T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-19271"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19271","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19271"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/935845?format=json","purl":"pkg:deb/debian/proftpd-dfsg@1.3.6-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/proftpd-dfsg@1.3.6-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/935820?format=json","purl":"pkg:deb/debian/proftpd-dfsg@1.3.7a%2Bdfsg-12%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4fvy-s5b9-yqfp"},{"vulnerability":"VCID-mcdd-yygw-wfch"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/proftpd-dfsg@1.3.7a%252Bdfsg-12%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/935818?format=json","purl":"pkg:deb/debian/proftpd-dfsg@1.3.8%2Bdfsg-4%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4fvy-s5b9-yqfp"},{"vulnerability":"VCID-gw9f-rc1s-8udd"},{"vulnerability":"VCID-mcdd-yygw-wfch"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/proftpd-dfsg@1.3.8%252Bdfsg-4%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/935822?format=json","purl":"pkg:deb/debian/proftpd-dfsg@1.3.8.c%2Bdfsg-4%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4fvy-s5b9-yqfp"},{"vulnerability":"VCID-mcdd-yygw-wfch"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/proftpd-dfsg@1.3.8.c%252Bdfsg-4%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/935821?format=json","purl":"pkg:deb/debian/proftpd-dfsg@1.3.9~dfsg-4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-mcdd-yygw-wfch"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/proftpd-dfsg@1.3.9~dfsg-4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1088724?format=json","purl":"pkg:deb/debian/proftpd-dfsg@1.3.9~dfsg-5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4fvy-s5b9-yqfp"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/proftpd-dfsg@1.3.9~dfsg-5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1104197?format=json","purl":"pkg:deb/debian/proftpd-dfsg@1.3.9a~dfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/proftpd-dfsg@1.3.9a~dfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2019-19271"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6kef-2azs-xugx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/94102?format=json","vulnerability_id":"VCID-xeeh-rpu9-63g6","summary":"An issue was discovered in tls_verify_crl in ProFTPD before 1.3.6. Direct dereference of a NULL pointer (a variable initialized to NULL) leads to a crash when validating the certificate of a client connecting to the server in a TLS client/server mutual-authentication setup.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-19272","reference_id":"","reference_type":"","scores":[{"value":"0.00255","scoring_system":"epss","scoring_elements":"0.48853","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00421","scoring_system":"epss","scoring_elements":"0.61984","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00421","scoring_system":"epss","scoring_elements":"0.62016","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00421","scoring_system":"epss","scoring_elements":"0.61985","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00421","scoring_system":"epss","scoring_elements":"0.62035","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00421","scoring_system":"epss","scoring_elements":"0.62052","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00421","scoring_system":"epss","scoring_elements":"0.62072","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00421","scoring_system":"epss","scoring_elements":"0.62062","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00421","scoring_system":"epss","scoring_elements":"0.6204","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00421","scoring_system":"epss","scoring_elements":"0.62083","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00421","scoring_system":"epss","scoring_elements":"0.61911","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00421","scoring_system":"epss","scoring_elements":"0.6207","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00421","scoring_system":"epss","scoring_elements":"0.62067","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00421","scoring_system":"epss","scoring_elements":"0.62084","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00421","scoring_system":"epss","scoring_elements":"0.62077","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00421","scoring_system":"epss","scoring_elements":"0.62023","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00421","scoring_system":"epss","scoring_elements":"0.62073","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00421","scoring_system":"epss","scoring_elements":"0.62133","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00421","scoring_system":"epss","scoring_elements":"0.62089","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00421","scoring_system":"epss","scoring_elements":"0.62116","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00421","scoring_system":"epss","scoring_elements":"0.62088","published_at":"2026-04-18T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-19272"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19272","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19272"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/935845?format=json","purl":"pkg:deb/debian/proftpd-dfsg@1.3.6-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/proftpd-dfsg@1.3.6-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/935820?format=json","purl":"pkg:deb/debian/proftpd-dfsg@1.3.7a%2Bdfsg-12%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4fvy-s5b9-yqfp"},{"vulnerability":"VCID-mcdd-yygw-wfch"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/proftpd-dfsg@1.3.7a%252Bdfsg-12%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/935818?format=json","purl":"pkg:deb/debian/proftpd-dfsg@1.3.8%2Bdfsg-4%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4fvy-s5b9-yqfp"},{"vulnerability":"VCID-gw9f-rc1s-8udd"},{"vulnerability":"VCID-mcdd-yygw-wfch"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/proftpd-dfsg@1.3.8%252Bdfsg-4%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/935822?format=json","purl":"pkg:deb/debian/proftpd-dfsg@1.3.8.c%2Bdfsg-4%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4fvy-s5b9-yqfp"},{"vulnerability":"VCID-mcdd-yygw-wfch"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/proftpd-dfsg@1.3.8.c%252Bdfsg-4%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/935821?format=json","purl":"pkg:deb/debian/proftpd-dfsg@1.3.9~dfsg-4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-mcdd-yygw-wfch"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/proftpd-dfsg@1.3.9~dfsg-4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1088724?format=json","purl":"pkg:deb/debian/proftpd-dfsg@1.3.9~dfsg-5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4fvy-s5b9-yqfp"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/proftpd-dfsg@1.3.9~dfsg-5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1104197?format=json","purl":"pkg:deb/debian/proftpd-dfsg@1.3.9a~dfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/proftpd-dfsg@1.3.9a~dfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2019-19272"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xeeh-rpu9-63g6"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/proftpd-dfsg@1.3.6-1%3Fdistro=trixie"}