First published: Mon Sep 20 2021(Updated: )
An issue was discovered in ncurses through v6.2-1. _nc_captoinfo in captoinfo.c has a heap-based buffer overflow.
Credit: CVE-2021-39537 CVE-2021-39537 CVE-2021-39537 cve@mitre.org cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
GNU ncurses | <=6.2.1 | |
Apple Mac OS X | =10.12.6 | |
Apple macOS | =11.7 | |
Apple macOS | =13.0 | |
Apple macOS Big Sur | <11.7 | 11.7 |
<12.6 | 12.6 | |
<13 | 13 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
(Found alongside the following vulnerabilities)
CVE-2021-39537 is a vulnerability in ncurses that was addressed with improved bounds checking.
The severity of CVE-2021-39537 is not specified in the provided information.
CVE-2021-39537 affects macOS Big Sur (11.7), macOS Monterey (12.6), and macOS Ventura (up to exclusive version 13).
To fix CVE-2021-39537, update your macOS to the corresponding remedied versions: macOS Big Sur 11.7, macOS Monterey 12.6, or macOS Ventura (version 13 or later if available).
You can find more information about CVE-2021-39537 at the following references: [Apple support article 1](https://support.apple.com/en-us/HT213443), [Apple support article 2](https://support.apple.com/en-us/HT213444), and [Apple support article 3](https://support.apple.com/en-us/HT213488).