DevGuard Logo

🛡️ DevGuard
Group
/🧩 DevGuard Action
Repository

Overview
Compliance
Artifacts
Code Risks
Dependency Risks
License Risks
Dependencies

CVE-2020-19189

Buffer Overflow vulnerability in postprocess_terminfo function in tinfo/parse_entry.c:997 in ncurses 6.1 allows remote attackers to cause a denial of service via crafted command.

GitHub Logohttps://github.com/l3montree-dev/devguard-action/issues/100
Fixed
LOW (3.9)
  • logo

    System detected CVE-2020-19189 with a risk of 2.16

    main
  • T

    Tim Bastin detected CVE-2020-19189 with a risk of 2.16

    0.11.1
  • T

    Tim Bastin detected CVE-2020-19189 with a risk of 2.16

    feautre/sarif-sbom-upload-actions
  • logo

    System created a ticket for CVE-2020-19189

    main

    Everything after this entry will be synced with the external system. The ticket can be found at https://github.com/l3montree-dev/devguard-action/issues/100

  • T

    Tim Bastin detected CVE-2020-19189 with a risk of 2.16

    fix/default-branche
  • T

    Tim Bastin fixed CVE-2020-19189

    main
  • S

    Sebastian Kawelke updated the risk assessment from 2.16 to 3.82

    attest

    Confidentiality Requirement updated: high -> low, Availability Requirement updated: low -> high

  • S

    Sebastian Kawelke updated the risk assessment from 2.16 to 3.82

    main

    Confidentiality Requirement updated: high -> low, Availability Requirement updated: low -> high

  • S

    Sebastian Kawelke updated the risk assessment from 2.16 to 3.82

    attesting

    Confidentiality Requirement updated: high -> low, Availability Requirement updated: low -> high

  • S

    Sebastian Kawelke updated the risk assessment from 2.16 to 3.82

    146-test-auto--/m-atic-cr/eation-of-github-branches

    Confidentiality Requirement updated: high -> low, Availability Requirement updated: low -> high

  • S

    Sebastian Kawelke updated the risk assessment from 2.16 to 3.82

    feautre/sarif-sbom-upload-actions

    Confidentiality Requirement updated: high -> low, Availability Requirement updated: low -> high

  • S

    Sebastian Kawelke updated the risk assessment from 2.16 to 3.82

    0.11.1

    Confidentiality Requirement updated: high -> low, Availability Requirement updated: low -> high

  • S

    Sebastian Kawelke updated the risk assessment from 2.16 to 3.82

    fix/default-branche

    Confidentiality Requirement updated: high -> low, Availability Requirement updated: low -> high

  • S

    Sebastian Kawelke updated the risk assessment from 2.16 to 3.82

    144-slugify-url-variables-in-the------------attest-job

    Confidentiality Requirement updated: high -> low, Availability Requirement updated: low -> high

  • logo

    System

    main
  • logo

    System updated the risk assessment from 3.82 to 3.87

    main

    System recalculated raw risk assessment

  • logo

    System updated the risk assessment from 3.87 to 3.86

    main

    System recalculated raw risk assessment

  • logo

    System updated the risk assessment from 3.86 to 3.87

    main

    System recalculated raw risk assessment

  • logo

    System fixed CVE-2020-19189

    main
  • logo

    System updated the risk assessment from 3.87 to 3.89

    main

    System recalculated raw risk assessment

Reopen this vulnerability

You can reopen this vuln, if you plan to mitigate the risk now, or accepted this vuln by accident.

Comment will be synced with https://github.com/l3montree-dev/devguard-action/issues/100
Last calculated at:

Affected component

debian/ncurses

Installed version:
6.4
Fixed in:
6.1+20191019-1
Show in dependency graph

Management decisions across the organization

GitHubImprintTerms of UsePrivacy
Copyright © 2025 L3montree GmbH and the DevGuard Contributors. All rights reserved. Version 2ab7b793efd72421aea8c3a994ac60202bf1b3a5