CVE-2020-19188

CWE-787Out-of-bounds WriteCWE-121Stack-based Buffer Overflow9 documents7 sources
Severity
6.5MEDIUM
EPSS
7.3%
top 8.33%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
GNU Ncurses
Timeline
PublishedAug 22
Latest updateDec 11

Description

Buffer Overflow vulnerability in fmt_entry function in progs/dump_entry.c:1116 in ncurses 6.1 allows remote attackers to cause a denial of service via crafted command.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:HExploitability: 2.8 | Impact: 3.6

Affected Packages2 packages

Debianncurses< 6.1+20191019-1+3
NVDgnu/ncurses6.1

🔴Vulnerability Details

3
OSV
CVE-2020-19188: Buffer Overflow vulnerability in fmt_entry function in progs/dump_entry2023-08-22
GHSA
GHSA-8jj7-mqrc-fff9: Buffer Overflow vulnerability in fmt_entry function in progs/dump_entry2023-08-22
CVEList
CVE-2020-19188: Buffer Overflow vulnerability in fmt_entry function in progs/dump_entry2023-08-22

📋Vendor Advisories

5
Apple
CVE-2020-19188: macOS Monterey 12.7.22023-12-11
Apple
CVE-2020-19188: macOS Ventura 13.6.32023-12-11
Apple
CVE-2020-19188: macOS Sonoma 14.22023-12-11
Debian
CVE-2020-19188: ncurses - Buffer Overflow vulnerability in fmt_entry function in progs/dump_entry.c:1116 i...2020
Red Hat
ncurses: Stack buffer overflow in fmt_entry function in progs/dump_entry.c:11162019-05-03
CVE-2020-19188 (MEDIUM CVSS 6.5) | Buffer Overflow vulnerability in fm | cvebase.io