suse · CVE-2017-11113

Quick triage

Priority: medium Published: 2021-05-30 13:58:39 UTC Updated: 2026-04-17 16:04:32 UTC

View at Official suse advisory, NVD, CVE.org · CVE detail

Freshness: upstream tracker timestamp is available; use API updated time as primary recency signal.

Tracker summary

CVE-2017-11113 severity moderate: SUSE including 90 source package names (0.9.1:libncurses5-5.9-50.1, 0.9.1:libncurses6-5.9-50.1, …), 436 product×package rows across 76 product lines (Container caasp/v4/default-http-backend, Container caasp/v4/dnsmasq-nanny, … (76 product lines)): Fixed 322, Known Not Affected 114.

Description:

In ncurses 6.0, there is a NULL Pointer Dereference in the _nc_parse_entry function of tinfo/parse_entry.c. It could lead to a remote denial of service attack if the terminfo library code is used to process untrusted terminfo data.

cvelogic Threat Intelligence