CVE-2020-26419
published 2020-12-11CVE-2020-26419: Memory leak in the dissection engine in Wireshark 3.4.0 allows denial of service via packet injection or crafted capture file.
medium5.3CVSS 3.1
AVNACLPRNUINSUCNINAL
Memory leak in the dissection engine in Wireshark 3.4.0 allows denial of service via packet injection or crafted capture file.
Affected
10 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | wireshark | < wireshark 3.4.1-1 (bookworm) | wireshark 3.4.1-1 (bookworm) |
| fedoraproject | fedora | — | — |
| fedoraproject | fedora | — | — |
| oracle | zfs_storage_appliance_kit | — | — |
| the_wireshark_foundation | wireshark | — | — |
| wireshark | wireshark | — | — |
| wireshark | wireshark | >= 0 < 3.4.1-1 | 3.4.1-1 |
| wireshark | wireshark | >= 0 < 3.4.1-1 | 3.4.1-1 |
| wireshark | wireshark | >= 0 < 3.4.1-1 | 3.4.1-1 |
| wireshark | wireshark | >= 0 < 3.4.1-1 | 3.4.1-1 |
CVSS provenance
nvdv3.15.3MEDIUMCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
osv5.3MEDIUM