CVE-2019-15547

HIGH

Ncurses < 5.99.0 - Format String Vulnerability

Title source: rule

Description

An issue was discovered in the ncurses crate through 5.99.0 for Rust. There are format string issues in printw functions because C format arguments are mishandled.

References (1)

[Vendor Advisory] https://rustsec.org/advisories/RUSTSEC-2019-0006.html

Scores

CVSS v3 7.5

EPSS 0.0024

EPSS Percentile 46.8%

Attack Vector NETWORK

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Details

CWE

CWE-134

Status published

Products (2)

crates.io/ncurses 0crates.io

ncurses_project/ncurses < 5.99.0

Published Aug 26, 2019

Tracked Since Feb 18, 2026