canonical/notebook-operators

CVE-2022-29458 HIGH


Description

ncurses: segfaulting OOB read
ncurses 6.3 before patch 20220416 has an out-of-bounds read and segmentation violation in convert_strings in tinfo/read_entry.c in the terminfo library.

https://avd.aquasec.com/nvd/cve-2022-29458

Analysis

Compromised package libncursesw6 is not utilised by the Jupyter Web UI component.

Not exploitable. Closing.