CVE-2020-26420
published 2020-12-11CVE-2020-26420: Memory leak in RTPS protocol dissector in Wireshark 3.4.0 and 3.2.0 to 3.2.8 allows denial of service via packet injection or crafted capture file.
medium5.3CVSS 3.1
AVNACLPRNUINSUCNINAL
Memory leak in RTPS protocol dissector in Wireshark 3.4.0 and 3.2.0 to 3.2.8 allows denial of service via packet injection or crafted capture file.
Affected
12 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | wireshark | < wireshark 3.4.1-1 (bookworm) | wireshark 3.4.1-1 (bookworm) |
| fedoraproject | fedora | — | — |
| fedoraproject | fedora | — | — |
| oracle | zfs_storage_appliance_kit | — | — |
| the_wireshark_foundation | wireshark | — | — |
| the_wireshark_foundation | wireshark | — | — |
| wireshark | wireshark | — | — |
| wireshark | wireshark | >= 0 < 3.4.1-1 | 3.4.1-1 |
| wireshark | wireshark | >= 0 < 3.4.1-1 | 3.4.1-1 |
| wireshark | wireshark | >= 0 < 3.4.1-1 | 3.4.1-1 |
| wireshark | wireshark | >= 0 < 3.4.1-1 | 3.4.1-1 |
| wireshark | wireshark | 3.2.0 – 3.2.8 | — |
CVSS provenance
nvdv3.15.3MEDIUMCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
osv5.3MEDIUM