ROSA LABROSA-SA-2021-1927Advisory ROSA-SA-2021-1927
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
7.2 High
AI Score
Confidence
Low
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.003 Low
EPSS
Percentile
64.5%
Software: ncurses 5.9
OS: Cobalt 7.9
CVE-ID: CVE-2019-15547
CVE-Crit: HIGH
CVE-DESC: An issue has been discovered in the ncurses box prior to version 5.99.0 for Rust. The printw functions have format string problems due to improper handling of C format arguments.
CVE-STATUS: default
CVE-REV: default
CVE-ID: CVE-2019-15548
CVE-Crit: CRITICAL
CVE-DESC: An issue was discovered in the ncurses box before version 5.99.0 for Rust. Possible instr and mvwinstr buffer overflows due to improper interaction with C functions.
CVE-STATUS: default
CVE-REV: default
CVE-ID: CVE-2019-17595
CVE-Crit: MEDIUM
CVE-DESC: The fmt_entry function in tinfo / comp_hash.c of the terminfo library in ncurses before 6.1-20191012 has a heap-based buffer reread.
CVE-STATUS: default
CVE-REV: default
CVE-ID: CVE-2019-17594
CVE-Crit: MEDIUM
CVE-DESC: The _nc_find_entry function in tinfo / comp_hash.c of the terminfo library in ncurses before 6.1-20191012 has a heap-based buffer reread.
CVE-STATUS: default
CVE-REV: default
Related
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
7.2 High
AI Score
Confidence
Low
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.003 Low
EPSS
Percentile
64.5%