Ncurses · Ncurses · CVE-2022-29458
**Name of the Vulnerable Software and Affected Versions**
ncurses 6.3, in builds before patch 20220416
**Description**
The issue is related to an out-of-bounds read and segmentation violation in the `convert_strings` function in `tinfo/read_entry.c` within the terminfo library. This can allow an attacker to access confidential data and cause a denial-of-service. The vulnerability is associated with reading beyond the valid boundaries of a data buffer.
**Recommendations**
For ncurses version 6.3 before patch 20220416, apply the patch 20220416 to resolve the issue.
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
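To check a host against the affected range stated above, the following script classifies an ncurses version string. It is an added example, not part of the original advisory or the ncurses project. It assumes that `tic -V` prints the version as `ncurses MAJOR.MINOR.PATCHDATE` and that the `tic` binary comes from the same build as the installed library; the function names are hypothetical.

```shell
#!/bin/sh
# Added example: compare an ncurses version string with the range in this advisory.
# Affected range (from the page): 6.3 with a patch date earlier than 20220416.
FIXED_PATCH=20220416

# classify_ncurses "<version string>"
# Accepts e.g. "ncurses 6.3.20211021" or "6.3.20220416".
# Prints one of: affected | patched | not-6.3 | unknown
classify_ncurses() {
    ver=${1##* }                      # keep the last whitespace-separated token
    case "$ver" in
        [0-9]*.[0-9]*.[0-9]*) ;;      # need MAJOR.MINOR.PATCHDATE
        *) echo unknown; return 0 ;;
    esac
    major=${ver%%.*}
    rest=${ver#*.}
    minor=${rest%%.*}
    patch=${rest#*.}
    case "$major$minor" in
        *[!0-9]*) echo unknown; return 0 ;;
    esac
    case "$patch" in                  # patch date must be exactly YYYYMMDD
        [0-9][0-9][0-9][0-9][0-9][0-9][0-9][0-9]) ;;
        *) echo unknown; return 0 ;;
    esac
    if [ "$major.$minor" != "6.3" ]; then
        echo not-6.3                  # outside the range this advisory covers
    elif [ "$patch" -lt "$FIXED_PATCH" ]; then
        echo affected
    else
        echo patched
    fi
}

# installed_ncurses_status: classify the local install via `tic -V` (assumption:
# tic reports the library's version). Prints "unknown" if tic is unavailable.
installed_ncurses_status() {
    command -v tic >/dev/null 2>&1 || { echo unknown; return 0; }
    out=$(tic -V 2>/dev/null) || out=""
    classify_ncurses "$out"
}

# With an argument, classify that string; otherwise check the local install.
if [ $# -gt 0 ]; then classify_ncurses "$1"; else installed_ncurses_status; fi
```

A result of `not-6.3` means only that the version falls outside the range this page lists, not that the build has been verified as unaffected.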