CVE-2020-19185

Name of the Vulnerable Software and Affected Versions ncurses version 6.1

Description The issue is related to a Buffer Overflow vulnerability in the one one mapping function in progs/dump entry.c:1373. This allows remote attackers to cause a denial of service via crafted commands. The vulnerability is exploited through the one one mapping function, which is susceptible to buffer overflow attacks when processing crafted input.

Recommendations For ncurses version 6.1, this issue was addressed with improved checks, implying that updating to a version with these improved checks would resolve the issue. As a temporary workaround, consider restricting access to the one one mapping function in progs/dump entry.c to minimize the risk of exploitation.