{"id":"JLSEC-2026-451","details":"An issue was discovered in ncurses through v6.2-1. _nc_captoinfo in captoinfo.c has a heap-based buffer overflow.","modified":"2026-05-05T16:12:51.207293Z","published":"2026-05-05T15:51:30.603Z","upstream":["CVE-2021-39537"],"database_specific":{"sources":[{"imported":"2026-05-05T15:04:40.585Z","database_specific":{"status":"Modified"},"modified":"2024-11-21T06:19:38.517Z","id":"CVE-2021-39537","published":"2021-09-20T16:15:12.477Z","html_url":"https://nvd.nist.gov/vuln/detail/CVE-2021-39537","url":"https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2021-39537"}],"license":"CC-BY-4.0"},"references":[{"type":"WEB","url":"http://cvsweb.netbsd.org/bsdweb.cgi/pkgsrc/devel/ncurses/patches/patch-ncurses_tinfo_captoinfo.c?rev=1.1&content-type=text/x-cvsweb-markup"},{"type":"WEB","url":"http://cvsweb.netbsd.org/bsdweb.cgi/pkgsrc/devel/ncurses/patches/patch-ncurses_tinfo_captoinfo.c?rev=1.1&content-type=text/x-cvsweb-markup"},{"type":"WEB","url":"http://seclists.org/fulldisclosure/2022/Oct/28"},{"type":"WEB","url":"http://seclists.org/fulldisclosure/2022/Oct/28"},{"type":"WEB","url":"http://seclists.org/fulldisclosure/2022/Oct/41"},{"type":"WEB","url":"http://seclists.org/fulldisclosure/2022/Oct/41"},{"type":"WEB","url":"http://seclists.org/fulldisclosure/2022/Oct/43"},{"type":"WEB","url":"http://seclists.org/fulldisclosure/2022/Oct/43"},{"type":"WEB","url":"http://seclists.org/fulldisclosure/2022/Oct/45"},{"type":"WEB","url":"http://seclists.org/fulldisclosure/2022/Oct/45"},{"type":"WEB","url":"https://lists.debian.org/debian-lts-announce/2023/12/msg00004.html"},{"type":"WEB","url":"https://lists.debian.org/debian-lts-announce/2023/12/msg00004.html"},{"type":"WEB","url":"https://lists.gnu.org/archive/html/bug-ncurses/2020-08/msg00006.html"},{"type":"WEB","url":"https://lists.gnu.org/archive/html/bug-ncurses/2020-08/msg00006.html"},{"type":"WEB","url":"https://lists.gnu.org/archive/html/bug-ncurses/2021-10/msg00023.html"},{"type":"WEB","url":"https://lists.gnu.org/archive/html/bug-ncurses/2021-10/msg00023.html"},{"type":"WEB","url":"https://security.netapp.com/advisory/ntap-20230427-0012/"},{"type":"WEB","url":"https://security.netapp.com/advisory/ntap-20230427-0012/"},{"type":"WEB","url":"https://support.apple.com/kb/HT213443"},{"type":"WEB","url":"https://support.apple.com/kb/HT213443"},{"type":"WEB","url":"https://support.apple.com/kb/HT213444"},{"type":"WEB","url":"https://support.apple.com/kb/HT213444"},{"type":"WEB","url":"https://support.apple.com/kb/HT213488"},{"type":"WEB","url":"https://support.apple.com/kb/HT213488"}],"affected":[{"package":{"name":"Ncurses_jll","ecosystem":"Julia","purl":"pkg:julia/Ncurses_jll?uuid=68e3532b-a499-55ff-9963-d1c0c0748b3a"},"ranges":[{"type":"SEMVER","events":[{"introduced":"0"},{"fixed":"6.4.0+0"}]}],"database_specific":{"source":"https://github.com/JuliaLang/SecurityAdvisories.jl/tree/generated/osv/2026/JLSEC-2026-451.json"}}],"schema_version":"1.7.5"}