rpm package
suse/ncurses&distro=SUSE Linux Enterprise Module for Legacy 15 SP4
pkg:rpm/suse/ncurses&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Legacy%2015%20SP4
Vulnerabilities (3)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2023-50495 | — | < 6.1-150000.5.20.1 | 6.1-150000.5.20.1 | Dec 12, 2023 | NCurse v6.4-20230418 was discovered to contain a segmentation fault via the component _nc_wrap_entry(). | ||
| CVE-2023-29491 | — | < 6.1-150000.5.15.1 | 6.1-150000.5.15.1 | Apr 14, 2023 | ncurses before 6.4 20230408, when used by a setuid application, allows local users to trigger security-relevant memory corruption via malformed data in a terminfo database file that is found in $HOME/.terminfo or reached via the TERMINFO or TERM environment variable. | ||
| CVE-2022-29458 | — | < 6.1-150000.5.12.1 | 6.1-150000.5.12.1 | Apr 18, 2022 | ncurses 6.3 before patch 20220416 has an out-of-bounds read and segmentation violation in convert_strings in tinfo/read_entry.c in the terminfo library. |
- CVE-2023-50495Dec 12, 2023affected < 6.1-150000.5.20.1fixed 6.1-150000.5.20.1
NCurse v6.4-20230418 was discovered to contain a segmentation fault via the component _nc_wrap_entry().
- CVE-2023-29491Apr 14, 2023affected < 6.1-150000.5.15.1fixed 6.1-150000.5.15.1
ncurses before 6.4 20230408, when used by a setuid application, allows local users to trigger security-relevant memory corruption via malformed data in a terminfo database file that is found in $HOME/.terminfo or reached via the TERMINFO or TERM environment variable.
- CVE-2022-29458Apr 18, 2022affected < 6.1-150000.5.12.1fixed 6.1-150000.5.12.1
ncurses 6.3 before patch 20220416 has an out-of-bounds read and segmentation violation in convert_strings in tinfo/read_entry.c in the terminfo library.