CVE-2020-19186

Опубликовано: 22 авг. 2023

Источник: debian

EPSS Низкий

Описание

Buffer Overflow vulnerability in _nc_find_entry function in tinfo/comp_hash.c:66 in ncurses 6.1 allows remote attackers to cause a denial of service via crafted command.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
ncurses	fixed	6.1+20191019-1		package
ncurses	fixed	6.1+20181013-2+deb10u2	buster	package

Примечания

https://github.com/zjuchenyuan/fuzzpoc/blob/master/infotocap_poc2.md
Fixed in 20191012 with followups in 20191015 and 20191019 patchlevels
https://lists.gnu.org/archive/html/bug-ncurses/2019-10/index.html

EPSS

Процентиль: 91%

0.06189

Низкий

Связанные уязвимости

CVE-2020-19186

CVSS3: 6.5

ubuntu

больше 2 лет назад

Buffer Overflow vulnerability in _nc_find_entry function in tinfo/comp_hash.c:66 in ncurses 6.1 allows remote attackers to cause a denial of service via crafted command.

CVE-2020-19186

CVSS3: 6.5

redhat

почти 7 лет назад

Buffer Overflow vulnerability in _nc_find_entry function in tinfo/comp_hash.c:66 in ncurses 6.1 allows remote attackers to cause a denial of service via crafted command.

CVE-2020-19186

CVSS3: 6.5

nvd

больше 2 лет назад

Buffer Overflow vulnerability in _nc_find_entry function in tinfo/comp_hash.c:66 in ncurses 6.1 allows remote attackers to cause a denial of service via crafted command.

GHSA-pp24-hg2j-66jm

CVSS3: 6.5

github

больше 2 лет назад

Buffer Overflow vulnerability in _nc_find_entry function in tinfo/comp_hash.c:66 in ncurses 6.1 allows remote attackers to cause a denial of service via crafted command.

EPSS

Процентиль: 91%

0.06189

Низкий