CVE-2020-19190

Buffer Overflow vulnerability in _nc_find_entry in tinfo/comp_hash.c:70 in ncurses 6.1 allows remote attackers to cause a denial of service via crafted command.
Configurations

Configuration 1 (hide)

cpe:2.3:a:gnu:ncurses:6.1:*:*:*:*:*:*:*

Configuration 2 (hide)

cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vsphere:*:*

History

13 Dec 2023, 01:15

Type Values Removed Values Added
References
  • () http://seclists.org/fulldisclosure/2023/Dec/10 -
  • () http://seclists.org/fulldisclosure/2023/Dec/9 -
  • () http://seclists.org/fulldisclosure/2023/Dec/11 -

11 Dec 2023, 19:15

Type Values Removed Values Added
CPE cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vsphere:*:*
cpe:2.3:a:gnu:ncurses:6.1:*:*:*:*:*:*:*
CWE CWE-787
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 6.5
References
  • () https://support.apple.com/kb/HT214038 -
  • () https://support.apple.com/kb/HT214036 -
  • (CONFIRM) https://security.netapp.com/advisory/ntap-20231006-0005/ - Third Party Advisory
  • () https://support.apple.com/kb/HT214037 -
References (MISC) https://github.com/zjuchenyuan/fuzzpoc/blob/master/infotocap_poc6.md - (MISC) https://github.com/zjuchenyuan/fuzzpoc/blob/master/infotocap_poc6.md - Exploit, Third Party Advisory

22 Aug 2023, 19:16

Type Values Removed Values Added
New CVE

Information

Published : 2023-08-22 19:16

Updated : 2024-02-05 00:01


NVD link : CVE-2020-19190

Mitre link : CVE-2020-19190

CVE.ORG link : CVE-2020-19190


JSON object : View

Products Affected

netapp

  • active_iq_unified_manager

gnu

  • ncurses
CWE
CWE-787

Out-of-bounds Write