CVE-2023-50495 — Uncontrolled Resource Consumption in Ncurse

Severity

6.5MEDIUMNVD

EPSS

0.1%

top 84.35%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Timeline

PublishedDec 12

Latest updateMar 7

Description

NCurse v6.4-20230418 was discovered to contain a segmentation fault via the component _nc_wrap_entry().

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:HExploitability: 2.8 | Impact: 3.6

▶Debiangnu/ncurses< 6.4+20230625-1+1

OSV

CVE-2023-50495: NCurse v6↗2023-12-12

▶

GHSA

GHSA-8p5h-3mcg-frjf: NCurse v6↗2023-12-12

▶

CVEList

CVE-2023-50495: NCurse v6↗2023-12-12

▶

Ubuntu

ncurses vulnerability↗2024-03-07

▶

Microsoft

NCurse v6.4-20230418 was discovered to contain a segmentation fault via the component _nc_wrap_entry().↗2023-12-12

▶

Red Hat

ncurses: segmentation fault via _nc_wrap_entry()↗2023-12-12

▶

Debian

CVE-2023-50495: ncurses - NCurse v6.4-20230418 was discovered to contain a segmentation fault via the comp...↗2023

▶