CVE-2022-29458: Out-of-bounds Read

April 18, 2022 (updated November 7, 2023)

ncurses 6.3 before patch 20220416 has an out-of-bounds read and segmentation violation in convert_strings in tinfo/read_entry.c in the terminfo library.

References

lists.gnu.org/archive/html/bug-ncurses/2022-04/msg00014.html
lists.gnu.org/archive/html/bug-ncurses/2022-04/msg00016.html
nvd.nist.gov/vuln/detail/CVE-2022-29458

Code Behaviors & Features

Detect and mitigate CVE-2022-29458 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →