VYPR
Unrated severityNVD Advisory· Published Nov 26, 2019· Updated Aug 5, 2024

CVE-2019-19269

CVE-2019-19269

Description

An issue was discovered in tls_verify_crl in ProFTPD through 1.3.6b. A dereference of a NULL pointer may occur. This pointer is returned by the OpenSSL sk_X509_REVOKED_value() function when encountering an empty CRL installed by a system administrator. The dereference occurs when validating the certificate of a client connecting to the server in a TLS client/server mutual-authentication setup.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

6

Patches

Vulnerability mechanics

References

7

News mentions

0

No linked articles in our index yet.