cursive
cursive copied to clipboard
[BUG] ncurses vulnerability - CVE-2019-15548
Describe the bug ncurses is subject to the vulnerability listed in https://nvd.nist.gov/vuln/detail/CVE-2019-15548
Environment
- Cursive commit https://github.com/gyscos/cursive/commit/0c6669d6732c3cffeda983958bd9a0fe05ac3b44 (at least)
Thanks for the report!
I don't think we use the affected functions, but it doesn't hurt to update to the latest version of fixed.
More information can be found here: https://rustsec.org/advisories/RUSTSEC-2019-0006
Affected functions:
- ncurses::instr
- ncurses::mvprintw
- ncurses::mvwinstr
- ncurses::mvwprintw
- ncurses::printw
I don't think we use the affected functions
Yeah, I couldn't find any usage of an affected function either.
but it doesn't hurt to update to the latest version of fixed
So far there's no fix available: https://github.com/jeaye/ncurses-rs/issues/209
Will close this for now. Thank you