CVE-2022-29458

Опубликовано: 18 апр. 2022

Источник: debian

EPSS Низкий

Описание

ncurses 6.3 before patch 20220416 has an out-of-bounds read and segmentation violation in convert_strings in tinfo/read_entry.c in the terminfo library.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
ncurses	fixed	6.3+20220423-1		package
ncurses	fixed	6.2+20201114-2+deb11u1	bullseye	package
ncurses	no-dsa		stretch	package

Примечания

https://lists.gnu.org/archive/html/bug-ncurses/2022-04/msg00014.html
https://lists.gnu.org/archive/html/bug-ncurses/2022-04/msg00016.html
https://invisible-island.net/ncurses/NEWS.html#t20220416

EPSS

Процентиль: 6%

0.00027

Низкий

Связанные уязвимости

CVE-2022-29458

CVSS3: 7.1

ubuntu

около 3 лет назад

ncurses 6.3 before patch 20220416 has an out-of-bounds read and segmentation violation in convert_strings in tinfo/read_entry.c in the terminfo library.

CVE-2022-29458

CVSS3: 6.1

redhat

около 3 лет назад

ncurses 6.3 before patch 20220416 has an out-of-bounds read and segmentation violation in convert_strings in tinfo/read_entry.c in the terminfo library.

CVE-2022-29458

CVSS3: 7.1

nvd

около 3 лет назад

ncurses 6.3 before patch 20220416 has an out-of-bounds read and segmentation violation in convert_strings in tinfo/read_entry.c in the terminfo library.

CVE-2022-29458

CVSS3: 7.1

msrc

около 3 лет назад

Описание отсутствует

SUSE-SU-2022:2718-1

suse-cvrf

почти 3 года назад

Security update for ncurses

EPSS

Процентиль: 6%

0.00027

Низкий