{"id":"CVE-2018-19211","details":"In ncurses 6.1, there is a NULL pointer dereference at function _nc_parse_entry in parse_entry.c that will lead to a denial of service attack. The product proceeds to the dereference code path even after a \"dubious character `*' in name or alias field\" detection.","modified":"2026-03-14T09:28:42.046678Z","published":"2018-11-12T19:29:00.347Z","related":["SUSE-SU-2018:3967-1","SUSE-SU-2018:4000-1"],"references":[{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1643754"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/mirror/ncurses","events":[{"introduced":"0"},{"last_affected":"1713400c1c9b80cb7cb9d204acb0525dc592b07d"}],"database_specific":{"versions":[{"introduced":"0"},{"last_affected":"6.1"}]}}],"versions":["v4.1","v4.2","v5.0","v5.1","v5.2","v5.3","v5.4","v5.5","v5.6","v5.7","v5.8","v5.9","v6.0","v6.1"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2018-19211.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}]}