There is an infinite loop in the next_char function in comp_scan.c in ncurses 6.0, related to libtic. A crafted input will lead to a denial of service attack. Bug report: https://bugzilla.redhat.com/show_bug.cgi?id=1484274
Created ncurses tracking bugs for this issue: Affects: fedora-all [bug 1488923]
*** Bug 1484274 has been marked as a duplicate of this bug. ***