Debian Ncurses vulnerabilities

28 known vulnerabilities affecting debian/ncurses.

Total CVEs: 28
CISA KEV: 0
Public exploits: 0
Exploited in wild: 0
Severity breakdown: CRITICAL 2, HIGH 7, MEDIUM 15, LOW 4

Vulnerabilities

Page 1 of 2
CVE-2025-69720 | HIGH | CVSS 7.3 | fixed in ncurses 6.6+20251231-1 (forky) | 2025
[HIGH] CVE-2025-69720: ncurses - The infocmp command-line tool in ncurses before 6.5-20251213 has a stack-based buffer overflow in analyze_string in progs/infocmp.c.
Scope: local
bookworm: open; bullseye: open; forky: resolved (fixed in 6.6+20251231-1); sid: resolved (fixed in 6.6+20251231-1); trixie: open
debian
CVE-2025-6141 | MEDIUM | CVSS 4.8 | fixed in ncurses 6.5+20251115-2 (forky) | 2025
[MEDIUM] CVE-2025-6141: ncurses - A vulnerability has been found in GNU ncurses up to 6.5-20250322 and classified as problematic. This vulnerability affects the function postprocess_termcap of the file tinfo/parse_entry.c. The manipulation leads to stack-based buffer overflow. The attack needs to be approached locally. Upgrading to version 6.5-20250329 is able to address this issue. It is recommende
debian
CVE-2023-29491 | HIGH | CVSS 7.8 | fixed in ncurses 6.4-3 (bookworm) | 2023
[HIGH] CVE-2023-29491: ncurses - ncurses before 6.4 20230408, when used by a setuid application, allows local users to trigger security-relevant memory corruption via malformed data in a terminfo database file that is found in $HOME/.terminfo or reached via the TERMINFO or TERM environment variable.
Scope: local
bookworm: resolved (fixed in 6.4-3); bullseye: resolved (fixed in 6.2+20201114-2+deb11u2
debian
CVE-2023-50495 | MEDIUM | CVSS 6.5 | fixed in ncurses 6.4+20230625-1 (forky) | 2023
[MEDIUM] CVE-2023-50495: ncurses - NCurse v6.4-20230418 was discovered to contain a segmentation fault via the component _nc_wrap_entry().
Scope: local
bookworm: open; bullseye: open; forky: resolved (fixed in 6.4+20230625-1); sid: resolved (fixed in 6.4+20230625-1); trixie: resolved (fixed in 6.4+20230625-1)
debian
CVE-2022-29458 | HIGH | CVSS 7.1 | fixed in ncurses 6.3+20220423-1 (bookworm) | 2022
[HIGH] CVE-2022-29458: ncurses - ncurses 6.3 before patch 20220416 has an out-of-bounds read and segmentation violation in convert_strings in tinfo/read_entry.c in the terminfo library.
Scope: local
bookworm: resolved (fixed in 6.3+20220423-1); bullseye: resolved (fixed in 6.2+20201114-2+deb11u1); forky: resolved (fixed in 6.3+20220423-1); sid: resolved (fixed in 6.3+20220423-1); trixie: resolved (fixe
debian
CVE-2021-39537 | LOW | CVSS 8.8 | fixed in ncurses 6.2+20200912-1 (bookworm) | 2021
[HIGH] CVE-2021-39537: ncurses - An issue was discovered in ncurses through v6.2-1. _nc_captoinfo in captoinfo.c has a heap-based buffer overflow.
Scope: local
bookworm: resolved (fixed in 6.2+20200912-1); bullseye: resolved (fixed in 6.2+20200912-1); forky: resolved (fixed in 6.2+20200912-1); sid: resolved (fixed in 6.2+20200912-1); trixie: resolved (fixed in 6.2+20200912-1)
debian
CVE-2020-19187 | MEDIUM | CVSS 6.5 | fixed in ncurses 6.1+20191019-1 (bookworm) | 2020
[MEDIUM] CVE-2020-19187: ncurses - Buffer Overflow vulnerability in fmt_entry function in progs/dump_entry.c:1100 in ncurses 6.1 allows remote attackers to cause a denial of service via crafted command.
Scope: local
bookworm: resolved (fixed in 6.1+20191019-1); bullseye: resolved (fixed in 6.1+20191019-1); forky: resolved (fixed in 6.1+20191019-1); sid: resolved (fixed in 6.1+20191019-1); trixie: resol
debian
CVE-2020-19185 | MEDIUM | CVSS 6.5 | fixed in ncurses 6.1+20191019-1 (bookworm) | 2020
[MEDIUM] CVE-2020-19185: ncurses - Buffer Overflow vulnerability in one_one_mapping function in progs/dump_entry.c:1373 in ncurses 6.1 allows remote attackers to cause a denial of service via crafted command.
Scope: local
bookworm: resolved (fixed in 6.1+20191019-1); bullseye: resolved (fixed in 6.1+20191019-1); forky: resolved (fixed in 6.1+20191019-1); sid: resolved (fixed in 6.1+20191019-1); trixie:
debian
CVE-2020-19186 | MEDIUM | CVSS 6.5 | fixed in ncurses 6.1+20191019-1 (bookworm) | 2020
[MEDIUM] CVE-2020-19186: ncurses - Buffer Overflow vulnerability in _nc_find_entry function in tinfo/comp_hash.c:66 in ncurses 6.1 allows remote attackers to cause a denial of service via crafted command.
Scope: local
bookworm: resolved (fixed in 6.1+20191019-1); bullseye: resolved (fixed in 6.1+20191019-1); forky: resolved (fixed in 6.1+20191019-1); sid: resolved (fixed in 6.1+20191019-1); trixie: res
debian
CVE-2020-19188 | MEDIUM | CVSS 6.5 | fixed in ncurses 6.1+20191019-1 (bookworm) | 2020
[MEDIUM] CVE-2020-19188: ncurses - Buffer Overflow vulnerability in fmt_entry function in progs/dump_entry.c:1116 in ncurses 6.1 allows remote attackers to cause a denial of service via crafted command.
Scope: local
bookworm: resolved (fixed in 6.1+20191019-1); bullseye: resolved (fixed in 6.1+20191019-1); forky: resolved (fixed in 6.1+20191019-1); sid: resolved (fixed in 6.1+20191019-1); trixie: resol
debian
CVE-2020-19190 | MEDIUM | CVSS 6.5 | fixed in ncurses 6.1+20191019-1 (bookworm) | 2020
[MEDIUM] CVE-2020-19190: ncurses - Buffer Overflow vulnerability in _nc_find_entry in tinfo/comp_hash.c:70 in ncurses 6.1 allows remote attackers to cause a denial of service via crafted command.
Scope: local
bookworm: resolved (fixed in 6.1+20191019-1); bullseye: resolved (fixed in 6.1+20191019-1); forky: resolved (fixed in 6.1+20191019-1); sid: resolved (fixed in 6.1+20191019-1); trixie: resolved (fi
debian
CVE-2020-19189 | MEDIUM | CVSS 6.5 | fixed in ncurses 6.1+20191019-1 (bookworm) | 2020
[MEDIUM] CVE-2020-19189: ncurses - Buffer Overflow vulnerability in postprocess_terminfo function in tinfo/parse_entry.c:997 in ncurses 6.1 allows remote attackers to cause a denial of service via crafted command.
Scope: local
bookworm: resolved (fixed in 6.1+20191019-1); bullseye: resolved (fixed in 6.1+20191019-1); forky: resolved (fixed in 6.1+20191019-1); sid: resolved (fixed in 6.1+20191019-1); tr
debian
CVE-2019-17594 | LOW | CVSS 5.3 | fixed in ncurses 6.1+20191019-1 (bookworm) | 2019
[MEDIUM] CVE-2019-17594: ncurses - There is a heap-based buffer over-read in the _nc_find_entry function in tinfo/comp_hash.c in the terminfo library in ncurses before 6.1-20191012.
Scope: local
bookworm: resolved (fixed in 6.1+20191019-1); bullseye: resolved (fixed in 6.1+20191019-1); forky: resolved (fixed in 6.1+20191019-1); sid: resolved (fixed in 6.1+20191019-1); trixie: resolved (fixed in 6.1+201
debian
CVE-2019-17595 | LOW | CVSS 5.4 | fixed in ncurses 6.1+20191019-1 (bookworm) | 2019
[MEDIUM] CVE-2019-17595: ncurses - There is a heap-based buffer over-read in the fmt_entry function in tinfo/comp_hash.c in the terminfo library in ncurses before 6.1-20191012.
Scope: local
bookworm: resolved (fixed in 6.1+20191019-1); bullseye: resolved (fixed in 6.1+20191019-1); forky: resolved (fixed in 6.1+20191019-1); sid: resolved (fixed in 6.1+20191019-1); trixie: resolved (fixed in 6.1+20191019
debian
CVE-2018-19217 | MEDIUM | CVSS 6.5 | fixed in ncurses 6.0+20170701-1 (bookworm) | 2018
[MEDIUM] CVE-2018-19217: ncurses - In ncurses, possibly a 6.x version, there is a NULL pointer dereference at the function _nc_name_match that will lead to a denial of service attack. NOTE: the original report stated version 6.1, but the issue did not reproduce for that version according to the maintainer or a reliable third-party
Scope: local
bookworm: resolved (fixed in 6.0+20170701-1); bullseye:
debian
CVE-2018-19211 | LOW | CVSS 5.5 | fixed in ncurses 6.1+20180210-3 (bookworm) | 2018
[MEDIUM] CVE-2018-19211: ncurses - In ncurses 6.1, there is a NULL pointer dereference at function _nc_parse_entry in parse_entry.c that will lead to a denial of service attack. The product proceeds to the dereference code path even after a "dubious character `*' in name or alias field" detection.
Scope: local
bookworm: resolved (fixed in 6.1+20180210-3); bullseye: resolved (fixed in 6.1+20180210-3)
debian
CVE-2017-10685 | CRITICAL | CVSS 9.8 | fixed in ncurses 6.0+20170701-1 (bookworm) | 2017
[CRITICAL] CVE-2017-10685: ncurses - In ncurses 6.0, there is a format string vulnerability in the fmt_entry function. A crafted input will lead to a remote arbitrary code execution attack.
Scope: local
bookworm: resolved (fixed in 6.0+20170701-1); bullseye: resolved (fixed in 6.0+20170701-1); forky: resolved (fixed in 6.0+20170701-1); sid: resolved (fixed in 6.0+20170701-1); trixie: resolved (fixed in
debian
CVE-2017-10684 | CRITICAL | CVSS 9.8 | fixed in ncurses 6.0+20170708-1 (bookworm) | 2017
[CRITICAL] CVE-2017-10684: ncurses - In ncurses 6.0, there is a stack-based buffer overflow in the fmt_entry function. A crafted input will lead to a remote arbitrary code execution attack.
Scope: local
bookworm: resolved (fixed in 6.0+20170708-1); bullseye: resolved (fixed in 6.0+20170708-1); forky: resolved (fixed in 6.0+20170708-1); sid: resolved (fixed in 6.0+20170708-1); trixie: resolved (fixed in
debian
CVE-2017-13728 | HIGH | CVSS 7.5 | fixed in ncurses 6.0+20170827-1 (bookworm) | 2017
[HIGH] CVE-2017-13728: ncurses - There is an infinite loop in the next_char function in comp_scan.c in ncurses 6.0, related to libtic. A crafted input will lead to a remote denial of service attack.
Scope: local
bookworm: resolved (fixed in 6.0+20170827-1); bullseye: resolved (fixed in 6.0+20170827-1); forky: resolved (fixed in 6.0+20170827-1); sid: resolved (fixed in 6.0+20170827-1); trixie: resolved
debian
CVE-2017-16879 | HIGH | CVSS 7.8 | fixed in ncurses 6.0+20171125-1 (bookworm) | 2017
[HIGH] CVE-2017-16879: ncurses - Stack-based buffer overflow in the _nc_write_entry function in tinfo/write_entry.c in ncurses 6.0 allows attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted terminfo file, as demonstrated by tic.
Scope: local
bookworm: resolved (fixed in 6.0+20171125-1); bullseye: resolved (fixed in 6.0+20171125-1); forky: resolv
debian