Your submission was sent successfully! Close

CVE-2019-17594

Published: 14 October 2019

There is a heap-based buffer over-read in the _nc_find_entry function in tinfo/comp_hash.c in the terminfo library in ncurses before 6.1-20191012.

Priority

Negligible

CVSS 3 base score: 5.3

Status

Package Release Status
ncurses
Launchpad, Ubuntu, Debian
bionic Needed

disco Ignored
(reached end-of-life)
eoan Ignored
(reached end-of-life)
focal
Released (6.1+20191019-1ubuntu1)
groovy
Released (6.1+20191019-1ubuntu1)
hirsute
Released (6.1+20191019-1ubuntu1)
impish
Released (6.1+20191019-1ubuntu1)
jammy
Released (6.1+20191019-1ubuntu1)
precise Ignored
(end of ESM support, was needed)
trusty
Released (5.9+20140118-1ubuntu1+esm2)
upstream
Released (6.1+20191019-1)
xenial
Released (6.0+20160213-1ubuntu1+esm2)