CVE-2021-39537 log

Severity Medium
Remote No
Type Denial of service
The ncurses package (tic) is susceptible to a heap-based buffer overflow on crafted input affecting the _nc_captoinfo function in captoinfo.c. When the terminfo entry-description compiler processes input, proper bounds checking was not enforced leading to this software flaw.
Group Package Affected Fixed Severity Status Ticket
AVG-2402 ncurses 6.2-1 6.3-1 Medium Fixed