rpm package

suse/ncurses&distro=SUSE Linux Enterprise Micro 5.1

pkg:rpm/suse/ncurses&distro=SUSE%20Linux%20Enterprise%20Micro%205.1

Vulnerabilities (4)

CVE	CVSS	Affected versions	Fixed in	Published	Description
CVE-2023-50495	—	< 6.1-150000.5.20.1	6.1-150000.5.20.1	Dec 12, 2023	NCurse v6.4-20230418 was discovered to contain a segmentation fault via the component _nc_wrap_entry().
CVE-2023-29491	—	< 6.1-150000.5.15.1	6.1-150000.5.15.1	Apr 14, 2023	ncurses before 6.4 20230408, when used by a setuid application, allows local users to trigger security-relevant memory corruption via malformed data in a terminfo database file that is found in $HOME/.terminfo or reached via the TERMINFO or TERM environment variable.
CVE-2022-29458	—	< 6.1-150000.5.12.1	6.1-150000.5.12.1	Apr 18, 2022	ncurses 6.3 before patch 20220416 has an out-of-bounds read and segmentation violation in convert_strings in tinfo/read_entry.c in the terminfo library.
CVE-2021-39537	—	< 6.1-5.9.1	6.1-5.9.1	Sep 20, 2021	An issue was discovered in ncurses through v6.2-1. _nc_captoinfo in captoinfo.c has a heap-based buffer overflow.

CVE-2023-50495Dec 12, 2023
affected < 6.1-150000.5.20.1fixed 6.1-150000.5.20.1
NCurse v6.4-20230418 was discovered to contain a segmentation fault via the component _nc_wrap_entry().
CVE-2023-29491Apr 14, 2023
affected < 6.1-150000.5.15.1fixed 6.1-150000.5.15.1
ncurses before 6.4 20230408, when used by a setuid application, allows local users to trigger security-relevant memory corruption via malformed data in a terminfo database file that is found in $HOME/.terminfo or reached via the TERMINFO or TERM environment variable.
CVE-2022-29458Apr 18, 2022
affected < 6.1-150000.5.12.1fixed 6.1-150000.5.12.1
ncurses 6.3 before patch 20220416 has an out-of-bounds read and segmentation violation in convert_strings in tinfo/read_entry.c in the terminfo library.
CVE-2021-39537Sep 20, 2021
affected < 6.1-5.9.1fixed 6.1-5.9.1
An issue was discovered in ncurses through v6.2-1. _nc_captoinfo in captoinfo.c has a heap-based buffer overflow.