{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2020-19185", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "dateUpdated": "2024-08-04T14:08:30.611Z", "dateReserved": "2020-08-13T00:00:00", "datePublished": "2023-08-22T00:00:00"}, "containers": {"cna": {"providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2023-12-13T01:08:50.725421"}, "descriptions": [{"lang": "en", "value": "Buffer Overflow vulnerability in one_one_mapping function in progs/dump_entry.c:1373 in ncurses 6.1 allows remote attackers to cause a denial of service via crafted command."}], "affected": [{"vendor": "n/a", "product": "n/a", "versions": [{"version": "n/a", "status": "affected"}]}], "references": [{"url": "https://github.com/zjuchenyuan/fuzzpoc/blob/master/infotocap_poc1.md"}, {"url": "https://security.netapp.com/advisory/ntap-20231006-0005/"}, {"url": "https://support.apple.com/kb/HT214038"}, {"url": "https://support.apple.com/kb/HT214036"}, {"url": "https://support.apple.com/kb/HT214037"}, {"name": "20231212 APPLE-SA-12-11-2023-4 macOS Sonoma 14.2", "tags": ["mailing-list"], "url": "http://seclists.org/fulldisclosure/2023/Dec/9"}, {"name": "20231212 APPLE-SA-12-11-2023-5 macOS Ventura 13.6.3", "tags": ["mailing-list"], "url": "http://seclists.org/fulldisclosure/2023/Dec/10"}, {"name": "20231212 APPLE-SA-12-11-2023-6 macOS Monterey 12.7.2", "tags": ["mailing-list"], "url": "http://seclists.org/fulldisclosure/2023/Dec/11"}], "problemTypes": [{"descriptions": [{"type": "text", "lang": "en", "description": "n/a"}]}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T14:08:30.611Z"}, "title": "CVE Program Container", "references": [{"url": "https://github.com/zjuchenyuan/fuzzpoc/blob/master/infotocap_poc1.md", "tags": ["x_transferred"]}, {"url": "https://security.netapp.com/advisory/ntap-20231006-0005/", "tags": ["x_transferred"]}, {"url": "https://support.apple.com/kb/HT214038", "tags": ["x_transferred"]}, {"url": "https://support.apple.com/kb/HT214036", "tags": ["x_transferred"]}, {"url": "https://support.apple.com/kb/HT214037", "tags": ["x_transferred"]}, {"name": "20231212 APPLE-SA-12-11-2023-4 macOS Sonoma 14.2", "tags": ["mailing-list", "x_transferred"], "url": "http://seclists.org/fulldisclosure/2023/Dec/9"}, {"name": "20231212 APPLE-SA-12-11-2023-5 macOS Ventura 13.6.3", "tags": ["mailing-list", "x_transferred"], "url": "http://seclists.org/fulldisclosure/2023/Dec/10"}, {"name": "20231212 APPLE-SA-12-11-2023-6 macOS Monterey 12.7.2", "tags": ["mailing-list", "x_transferred"], "url": "http://seclists.org/fulldisclosure/2023/Dec/11"}]}]}}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:gnu:ncurses:6.1:*:*:*:*:*:*:*", "matchCriteriaId": "D1F38E3C-7B14-411F-B7F6-32828CD4D56B", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vsphere:*:*", "matchCriteriaId": "E8F29E19-3A64-4426-A2AA-F169440267CC", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Buffer Overflow vulnerability in one_one_mapping function in progs/dump_entry.c:1373 in ncurses 6.1 allows remote attackers to cause a denial of service via crafted command."}, {"lang": "es", "value": "Vulnerabilidad de desbordamiento de b\u00fafer en la funci\u00f3n \"one_one_mapping\" en progs/dump_entry.c:1373 en ncurses v6.1 que permite a atacantes remotos causar una denegaci\u00f3n de servicio a trav\u00e9s de un comando manipulado. "}], "id": "CVE-2020-19185", "lastModified": "2024-11-21T05:09:00.280", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2023-08-22T19:15:57.233", "references": [{"source": "cve@mitre.org", "url": "http://seclists.org/fulldisclosure/2023/Dec/10"}, {"source": "cve@mitre.org", "url": "http://seclists.org/fulldisclosure/2023/Dec/11"}, {"source": "cve@mitre.org", "url": "http://seclists.org/fulldisclosure/2023/Dec/9"}, {"source": "cve@mitre.org", "tags": ["Exploit", "Third Party Advisory"], "url": "https://github.com/zjuchenyuan/fuzzpoc/blob/master/infotocap_poc1.md"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://security.netapp.com/advisory/ntap-20231006-0005/"}, {"source": "cve@mitre.org", "url": "https://support.apple.com/kb/HT214036"}, {"source": "cve@mitre.org", "url": "https://support.apple.com/kb/HT214037"}, {"source": "cve@mitre.org", "url": "https://support.apple.com/kb/HT214038"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://seclists.org/fulldisclosure/2023/Dec/10"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://seclists.org/fulldisclosure/2023/Dec/11"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://seclists.org/fulldisclosure/2023/Dec/9"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Third Party Advisory"], "url": "https://github.com/zjuchenyuan/fuzzpoc/blob/master/infotocap_poc1.md"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://security.netapp.com/advisory/ntap-20231006-0005/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://support.apple.com/kb/HT214036"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://support.apple.com/kb/HT214037"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://support.apple.com/kb/HT214038"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-787"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"bugzilla": {"description": "ncurses: Heap buffer overflow in one_one_mapping function in progs/dump_entry.c:1373", "id": "2234924", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2234924"}, "csaw": false, "cvss3": {"cvss3_base_score": "6.5", "cvss3_scoring_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "status": "draft"}, "cwe": "CWE-122", "details": ["Buffer Overflow vulnerability in one_one_mapping function in progs/dump_entry.c:1373 in ncurses 6.1 allows remote attackers to cause a denial of service via crafted command.", "A flaw was found in the ncurses library. This issue occurs when processing a crafted terminfo database, causing a heap-based buffer overflow, resulting in an application crash."], "mitigation": {"lang": "en:us", "value": "Do not compile or decompile untrusted terminfo descriptions."}, "name": "CVE-2020-19185", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Out of support scope", "package_name": "ncurses", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "ncurses", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Will not fix", "package_name": "ncurses", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "ncurses", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2019-05-03T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2020-19185\nhttps://nvd.nist.gov/vuln/detail/CVE-2020-19185"], "statement": "Red Hat Product Security has rated this issue as having a Low security impact because processing terminfo descriptions in the source form should be handled the same way as executable files or source code of any programming language. Users are not supposed to use untrusted terminfo descriptions.\nThe ncurses library shipped with Red Hat Enterprise Linux 9 is not affected by this vulnerability because it has a newer, fixed ncurses version.", "threat_severity": "Low"}