Lucene search

K

Alpine Linux Development TeamALPINE:CVE-2019-17594

HistoryOct 14, 2019 - 9:15 p.m.

CVE-2019-17594

2019-10-1421:15:00

Alpine Linux Development Team

security.alpinelinux.org

10

5.3 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

LOW

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

4.6 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

There is a heap-based buffer over-read in the _nc_find_entry function in tinfo/comp_hash.c in the terminfo library in ncurses before 6.1-20191012.

OSVersionArchitecturePackageVersionFilename
Alpine3.11-mainnoarchncurses= 6.1_p20200118-r4UNKNOWN

5.3 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

LOW

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

4.6 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

Related for ALPINE:CVE-2019-17594

ubuntucve1 veracode1 prion1 osv5 debiancve1 cve1 redhatcve1 suse2 nessus23 openvas15 gentoo1 rocky1 oraclelinux1 ibm5 rosalinux2 almalinux1 mageia1 redhat26 ubuntu2 cloudfoundry1 photon6 amazon1 ics1