Lucene search

K

MitreCVELIST:CVE-2019-19269

HistoryNov 26, 2019 - 3:34 a.m.

CVE-2019-19269

2019-11-2603:34:24

mitre

www.cve.org

8

AI Score

5.9

Confidence

High

EPSS

0.002

Percentile

61.4%

An issue was discovered in tls_verify_crl in ProFTPD through 1.3.6b. A dereference of a NULL pointer may occur. This pointer is returned by the OpenSSL sk_X509_REVOKED_value() function when encountering an empty CRL installed by a system administrator. The dereference occurs when validating the certificate of a client connecting to the server in a TLS client/server mutual-authentication setup.

References

lists.opensuse.org/opensuse-security-announce/2020-01/msg00009.html

github.com/proftpd/proftpd/issues/861

lists.debian.org/debian-lts-announce/2019/11/msg00039.html

lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OGBBCPLJSDPFG5EI5P5G7P4KEX7YSD5G/

lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QR65XUHPCRU3NXTSFVF2J4GWRIHC7AHW/

security.gentoo.org/glsa/202003-35

www.oracle.com/security-alerts/cpuapr2020.html

AI Score

5.9

Confidence

High

EPSS

0.002

Percentile

61.4%

Related for CVELIST:CVE-2019-19269

debian1 prion1 openvas9 debiancve1 osv2 nessus5 cve1 mageia1 ubuntucve1 nvd1 fedora4 gentoo1 suse1 oracle1