Debian Wireshark vulnerabilities
694 known vulnerabilities affecting debian/wireshark.
Total CVEs: 694
CISA KEV: 0
Public exploits: 55
Exploited in wild: 0
Severity breakdown
CRITICAL: 8, HIGH: 129, MEDIUM: 276, LOW: 281
Vulnerabilities
Page 3 of 35
CVE-2023-3648 [MEDIUM] CVSS 5.3, fixed in wireshark 4.0.11-1~deb12u1 (bookworm), 2023
Kafka dissector crash in Wireshark 4.0.0 to 4.0.6 and 3.6.0 to 3.6.14 allows denial of service via packet injection or crafted capture file
Scope: local
bookworm: resolved (fixed in 4.0.11-1~deb12u1)
bullseye: resolved (fixed in 3.4.16-0+deb11u1)
forky: resolved (fixed in 4.0.7-1)
sid: resolved (fixed in 4.0.7-1)
trixie: resolved (fixed in 4.0.7-1)
debian
CVE-2023-0415 [MEDIUM] CVSS 6.3, fixed in wireshark 4.0.3-1 (bookworm), 2023
iSCSI dissector crash in Wireshark 4.0.0 to 4.0.2 and 3.6.0 to 3.6.10 allows denial of service via packet injection or crafted capture file
Scope: local
bookworm: resolved (fixed in 4.0.3-1)
bullseye: resolved (fixed in 3.4.16-0+deb11u1)
forky: resolved (fixed in 4.0.3-1)
sid: resolved (fixed in 4.0.3-1)
trixie: resolved (fixed in 4.0.3-1)
debian
CVE-2023-0667 [MEDIUM] CVSS 6.5, fixed in wireshark 4.0.6-1~deb12u1 (bookworm), 2023
Due to failure in validating the length provided by an attacker-crafted MSMMS packet, Wireshark version 4.0.5 and prior, in an unusual configuration, is susceptible to a heap-based buffer overflow, and possibly code execution in the context of the process running Wireshark
Scope: local
bookworm: resolved (fixed in 4.0.6-1~deb12u1)
bullseye: resolved (fixed in 3.4.
debian
CVE-2023-2879 [MEDIUM] CVSS 6.3, fixed in wireshark 4.0.6-1~deb12u1 (bookworm), 2023
GDSDB infinite loop in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows denial of service via packet injection or crafted capture file
Scope: local
bookworm: resolved (fixed in 4.0.6-1~deb12u1)
bullseye: resolved (fixed in 3.4.16-0+deb11u1)
forky: resolved (fixed in 4.0.6-1)
sid: resolved (fixed in 4.0.6-1)
trixie: resolved (fixed in 4.0.6-1)
debian
CVE-2023-0668 [MEDIUM] CVSS 6.5, fixed in wireshark 4.0.6-1~deb12u1 (bookworm), 2023
Due to failure in validating the length provided by an attacker-crafted IEEE-C37.118 packet, Wireshark version 4.0.5 and prior, by default, is susceptible to a heap-based buffer overflow, and possibly code execution in the context of the process running Wireshark.
Scope: local
bookworm: resolved (fixed in 4.0.6-1~deb12u1)
bullseye: resolved (fixed in 3.4.16-0+deb1
debian
CVE-2023-4511 [MEDIUM] CVSS 5.3, fixed in wireshark 4.0.11-1~deb12u1 (bookworm), 2023
BT SDP dissector infinite loop in Wireshark 4.0.0 to 4.0.7 and 3.6.0 to 3.6.15 allows denial of service via packet injection or crafted capture file
Scope: local
bookworm: resolved (fixed in 4.0.11-1~deb12u1)
bullseye: resolved (fixed in 3.4.16-0+deb11u1)
forky: resolved (fixed in 4.0.8-1)
sid: resolved (fixed in 4.0.8-1)
trixie: resolved (fixed in 4.0.8-1)
debian
CVE-2023-2855 [MEDIUM] CVSS 5.3, fixed in wireshark 4.0.6-1~deb12u1 (bookworm), 2023
Candump log parser crash in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows denial of service via crafted capture file
Scope: local
bookworm: resolved (fixed in 4.0.6-1~deb12u1)
bullseye: resolved (fixed in 3.4.16-0+deb11u1)
forky: resolved (fixed in 4.0.6-1)
sid: resolved (fixed in 4.0.6-1)
trixie: resolved (fixed in 4.0.6-1)
debian
CVE-2023-0413 [MEDIUM] CVSS 6.3, fixed in wireshark 4.0.3-1 (bookworm), 2023
Dissection engine bug in Wireshark 4.0.0 to 4.0.2 and 3.6.0 to 3.6.10 allows denial of service via packet injection or crafted capture file
Scope: local
bookworm: resolved (fixed in 4.0.3-1)
bullseye: resolved (fixed in 3.4.16-0+deb11u1)
forky: resolved (fixed in 4.0.3-1)
sid: resolved (fixed in 4.0.3-1)
trixie: resolved (fixed in 4.0.3-1)
debian
CVE-2023-0411 [MEDIUM] CVSS 6.3, fixed in wireshark 4.0.3-1 (bookworm), 2023
Excessive loops in multiple dissectors in Wireshark 4.0.0 to 4.0.2 and 3.6.0 to 3.6.10 allow denial of service via packet injection or crafted capture file
Scope: local
bookworm: resolved (fixed in 4.0.3-1)
bullseye: resolved (fixed in 3.4.16-0+deb11u1)
forky: resolved (fixed in 4.0.3-1)
sid: resolved (fixed in 4.0.3-1)
trixie: resolved (fixed in 4.0.3-1)
debian
CVE-2023-2858 [MEDIUM] CVSS 5.3, fixed in wireshark 4.0.6-1~deb12u1 (bookworm), 2023
NetScaler file parser crash in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows denial of service via crafted capture file
Scope: local
bookworm: resolved (fixed in 4.0.6-1~deb12u1)
bullseye: resolved (fixed in 3.4.16-0+deb11u1)
forky: resolved (fixed in 4.0.6-1)
sid: resolved (fixed in 4.0.6-1)
trixie: resolved (fixed in 4.0.6-1)
debian
CVE-2023-0412 [MEDIUM] CVSS 6.3, fixed in wireshark 4.0.3-1 (bookworm), 2023
TIPC dissector crash in Wireshark 4.0.0 to 4.0.2 and 3.6.0 to 3.6.10 allows denial of service via packet injection or crafted capture file
Scope: local
bookworm: resolved (fixed in 4.0.3-1)
bullseye: resolved (fixed in 3.4.16-0+deb11u1)
forky: resolved (fixed in 4.0.3-1)
sid: resolved (fixed in 4.0.3-1)
trixie: resolved (fixed in 4.0.3-1)
debian
CVE-2023-4513 [MEDIUM] CVSS 5.3, fixed in wireshark 4.0.11-1~deb12u1 (bookworm), 2023
BT SDP dissector memory leak in Wireshark 4.0.0 to 4.0.7 and 3.6.0 to 3.6.15 allows denial of service via packet injection or crafted capture file
Scope: local
bookworm: resolved (fixed in 4.0.11-1~deb12u1)
bullseye: resolved (fixed in 3.4.16-0+deb11u1)
forky: resolved (fixed in 4.0.8-1)
sid: resolved (fixed in 4.0.8-1)
trixie: resolved (fixed in 4.0.8-1)
debian
CVE-2023-4512 [MEDIUM] CVSS 5.3, fixed in wireshark 4.0.11-1~deb12u1 (bookworm), 2023
CBOR dissector crash in Wireshark 4.0.0 to 4.0.6 allows denial of service via packet injection or crafted capture file
Scope: local
bookworm: resolved (fixed in 4.0.11-1~deb12u1)
bullseye: resolved (fixed in 3.4.16-0+deb11u1)
forky: resolved (fixed in 4.0.8-1)
sid: resolved (fixed in 4.0.8-1)
trixie: resolved (fixed in 4.0.8-1)
debian
CVE-2023-0416 [MEDIUM] CVSS 6.3, fixed in wireshark 4.0.3-1 (bookworm), 2023
GNW dissector crash in Wireshark 4.0.0 to 4.0.2 and 3.6.0 to 3.6.10 allows denial of service via packet injection or crafted capture file
Scope: local
bookworm: resolved (fixed in 4.0.3-1)
bullseye: resolved (fixed in 3.4.16-0+deb11u1)
forky: resolved (fixed in 4.0.3-1)
sid: resolved (fixed in 4.0.3-1)
trixie: resolved (fixed in 4.0.3-1)
debian
CVE-2023-0414 [MEDIUM] CVSS 6.3, fixed in wireshark 4.0.3-1 (bookworm), 2023
Crash in the EAP dissector in Wireshark 4.0.0 to 4.0.2 allows denial of service via packet injection or crafted capture file
Scope: local
bookworm: resolved (fixed in 4.0.3-1)
bullseye: resolved
forky: resolved (fixed in 4.0.3-1)
sid: resolved (fixed in 4.0.3-1)
trixie: resolved (fixed in 4.0.3-1)
debian
CVE-2023-1161 [MEDIUM] CVSS 6.3, fixed in wireshark 4.0.6-1~deb12u1 (bookworm), 2023
ISO 15765 and ISO 10681 dissector crash in Wireshark 4.0.0 to 4.0.3 and 3.6.0 to 3.6.11 allows denial of service via packet injection or crafted capture file
Scope: local
bookworm: resolved (fixed in 4.0.6-1~deb12u1)
bullseye: resolved (fixed in 3.4.16-0+deb11u1)
forky: resolved (fixed in 4.0.6-1)
sid: resolved (fixed in 4.0.6-1)
trixie: resolved (fixed in 4.0.6-1
debian
CVE-2023-6174 [MEDIUM] CVSS 6.3, fixed in wireshark 4.0.11-1~deb12u1 (bookworm), 2023
SSH dissector crash in Wireshark 4.0.0 to 4.0.10 allows denial of service via packet injection or crafted capture file
Scope: local
bookworm: resolved (fixed in 4.0.11-1~deb12u1)
bullseye: resolved
forky: resolved (fixed in 4.0.11-1)
sid: resolved (fixed in 4.0.11-1)
trixie: resolved (fixed in 4.0.11-1)
debian
CVE-2023-5371 [MEDIUM] CVSS 5.3, fixed in wireshark 4.0.11-1~deb12u1 (bookworm), 2023
RTPS dissector memory leak in Wireshark 4.0.0 to 4.0.8 and 3.6.0 to 3.6.16 allows denial of service via packet injection or crafted capture file
Scope: local
bookworm: resolved (fixed in 4.0.11-1~deb12u1)
bullseye: resolved
forky: resolved (fixed in 4.0.10-1)
sid: resolved (fixed in 4.0.10-1)
trixie: resolved (fixed in 4.0.10-1)
debian
CVE-2023-0666 [MEDIUM] CVSS 6.5, fixed in wireshark 4.0.6-1~deb12u1 (bookworm), 2023
Due to failure in validating the length provided by an attacker-crafted RTPS packet, Wireshark version 4.0.5 and prior, by default, is susceptible to a heap-based buffer overflow, and possibly code execution in the context of the process running Wireshark.
Scope: local
bookworm: resolved (fixed in 4.0.6-1~deb12u1)
bullseye: resolved (fixed in 3.4.16-0+deb11u1)
for
debian
CVE-2023-1993 [MEDIUM] CVSS 6.3, fixed in wireshark 4.0.6-1~deb12u1 (bookworm), 2023
LISP dissector large loop in Wireshark 4.0.0 to 4.0.4 and 3.6.0 to 3.6.12 allows denial of service via packet injection or crafted capture file
Scope: local
bookworm: resolved (fixed in 4.0.6-1~deb12u1)
bullseye: resolved (fixed in 3.4.16-0+deb11u1)
forky: resolved (fixed in 4.0.6-1)
sid: resolved (fixed in 4.0.6-1)
trixie: resolved (fixed in 4.0.6-1)
debian