rpm package
suse/ncurses&distro=SUSE Linux Enterprise Module for Development Tools 15
pkg:rpm/suse/ncurses&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015
Vulnerabilities (3)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2019-17594 | — | < 6.1-5.6.2 | 6.1-5.6.2 | Oct 14, 2019 | There is a heap-based buffer over-read in the _nc_find_entry function in tinfo/comp_hash.c in the terminfo library in ncurses before 6.1-20191012. | ||
| CVE-2019-17595 | — | < 6.1-5.6.2 | 6.1-5.6.2 | Oct 14, 2019 | There is a heap-based buffer over-read in the fmt_entry function in tinfo/comp_hash.c in the terminfo library in ncurses before 6.1-20191012. | ||
| CVE-2018-19211 | — | < 6.1-5.3.1 | 6.1-5.3.1 | Nov 12, 2018 | In ncurses 6.1, there is a NULL pointer dereference at function _nc_parse_entry in parse_entry.c that will lead to a denial of service attack. The product proceeds to the dereference code path even after a "dubious character `*' in name or alias field" detection. |
- CVE-2019-17594Oct 14, 2019affected < 6.1-5.6.2fixed 6.1-5.6.2
There is a heap-based buffer over-read in the _nc_find_entry function in tinfo/comp_hash.c in the terminfo library in ncurses before 6.1-20191012.
- CVE-2019-17595Oct 14, 2019affected < 6.1-5.6.2fixed 6.1-5.6.2
There is a heap-based buffer over-read in the fmt_entry function in tinfo/comp_hash.c in the terminfo library in ncurses before 6.1-20191012.
- CVE-2018-19211Nov 12, 2018affected < 6.1-5.3.1fixed 6.1-5.3.1
In ncurses 6.1, there is a NULL pointer dereference at function _nc_parse_entry in parse_entry.c that will lead to a denial of service attack. The product proceeds to the dereference code path even after a "dubious character `*' in name or alias field" detection.