Lucene search

K
mageiaGentoo FoundationMGASA-2019-0387
HistoryDec 14, 2019 - 3:37 a.m.

Updated ncurses packages fix security vulnerabilities

2019-12-1403:37:02
Gentoo Foundation
advisories.mageia.org
46

5.4 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

LOW

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L

5.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:N/A:P

0.002 Low

EPSS

Percentile

50.4%

Updated ncurses packages fix security vulnerabilities: Heap-based buffer over-read in the _nc_find_entry function (CVE-2019-17594). Heap-based buffer over-read in the fmt_entry function (CVE-2019-17595).

OSVersionArchitecturePackageVersionFilename
Mageia7noarchncurses< 6.1-20181117.3.1ncurses-6.1-20181117.3.1.mga7

5.4 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

LOW

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L

5.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:N/A:P

0.002 Low

EPSS

Percentile

50.4%

Related for MGASA-2019-0387