In ncurses 6.1, there is a NULL pointer dereference at function nc parse entry in parse entry.c that will lead to a denial of service attack. The product proceeds to the dereference code path even after a "dubious character `*' in name or alias field" detection.