{"id":"CVE-2023-45918","details":"ncurses 6.4-20230610 has a NULL pointer dereference in tgetstr in tinfo/lib_termcap.c. NOTE: Multiple third parties have disputed this indicating upstream does not regard it as a security issue.","modified":"2024-10-31T20:50:10.742932Z","published":"2024-02-16T22:15:07Z","withdrawn":"2024-10-28T20:49:55Z","related":["SUSE-SU-2024:1132-1","SUSE-SU-2024:1133-1","SUSE-SU-2024:1133-2"],"references":[{"type":"ADVISORY","url":"https://security.netapp.com/advisory/ntap-20240315-0006/"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2300290#c1"},{"type":"WEB","url":"https://lists.gnu.org/archive/html/bug-ncurses/2023-06/msg00005.html"},{"type":"ADVISORY","url":"https://security-tracker.debian.org/tracker/CVE-2023-45918"}],"affected":[{"package":{"name":"ncurses","ecosystem":"Debian:11","purl":"pkg:deb/debian/ncurses?arch=source"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["6.2+20201114-2","6.2+20201114-2+deb11u1","6.2+20201114-2+deb11u2","6.2+20201114-3","6.2+20201114-4","6.2+20210905-1","6.3+20220423-1","6.3+20220423-2","6.3+20221224-1","6.3+20221224-2","6.3-1","6.3-2","6.4+20230603-1","6.4+20230625-1","6.4+20230625-2","6.4+20231007-1","6.4+20231016-1","6.4+20231118-1","6.4+20231121-1","6.4+20231209-1","6.4+20240113-1","6.4+20240414-1","6.4-1","6.4-2","6.4-3","6.4-4","6.5-1","6.5-2"],"ecosystem_specific":{"urgency":"not yet assigned"},"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-45918.json"}},{"package":{"name":"ncurses","ecosystem":"Debian:12","purl":"pkg:deb/debian/ncurses?arch=source"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["6.4+20230603-1","6.4+20230625-1","6.4+20230625-2","6.4+20231007-1","6.4+20231016-1","6.4+20231118-1","6.4+20231121-1","6.4+20231209-1","6.4+20240113-1","6.4+20240414-1","6.4-4","6.5-1","6.5-2"],"ecosystem_specific":{"urgency":"not yet assigned"},"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-45918.json"}},{"package":{"name":"ncurses","ecosystem":"Debian:13","purl":"pkg:deb/debian/ncurses?arch=source"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"6.4+20230625-1"}]}],"versions":["6.4+20230603-1","6.4-4"],"ecosystem_specific":{"urgency":"not yet assigned"},"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-45918.json"}}],"schema_version":"1.7.3"}