Buffer Overflow Vulnerability in Ncurses by Tinfo
CVE-2020-19186

6.5MEDIUM

Key Information:

Vendor: Gnu
Status: Ncurses
Vendor: CVE Published:; 22 August 2023

What is CVE-2020-19186?

A buffer overflow vulnerability exists in the _nc_find_entry function within the tinfo/comp_hash.c file in ncurses version 6.1. This flaw allows remote attackers to exploit the vulnerable software, leading to a denial of service condition through specially crafted commands. Attackers can leverage this vulnerability to disrupt service availability, emphasizing the importance of timely security updates and careful input validation.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

https://github.com/zjuchenyuan/fuzzpoc/blob/master/infoto...

https://security.netapp.com/advisory/ntap-20231006-0005/

https://support.apple.com/kb/HT214038

EPSS Score

6% chance of being exploited in the next 30 days.

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Aug 22, 2023
Vulnerability Reserved
Aug 13, 2020

JSON

Gnu

What is CVE-2020-19186?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

References

EPSS Score

CVSS V3.1

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.