Debian Wireshark vulnerabilities

694 known vulnerabilities affecting debian/wireshark.

Total CVEs

694

CISA KEV

Public exploits

Exploited in wild

Severity breakdown

CRITICAL8HIGH129MEDIUM276LOW281

Vulnerabilities

Page 4 of 35

CVE-2023-1992MEDIUMCVSS 6.3fixed in wireshark 4.0.6-1~deb12u1 (bookworm)2023

CVE-2023-1992 [MEDIUM] CVE-2023-1992: wireshark - RPCoRDMA dissector crash in Wireshark 4.0.0 to 4.0.4 and 3.6.0 to 3.6.12 allows ... RPCoRDMA dissector crash in Wireshark 4.0.0 to 4.0.4 and 3.6.0 to 3.6.12 allows denial of service via packet injection or crafted capture file Scope: local bookworm: resolved (fixed in 4.0.6-1~deb12u1) bullseye: resolved (fixed in 3.4.16-0+deb11u1) forky: resolved (fixed in 4.0.6-1) sid: resolved (fixed in 4.0.6-1) trixie: resolved (fixed in 4.0.6-1)

debian

CVE-2023-3649MEDIUMCVSS 5.3fixed in wireshark 4.0.11-1~deb12u1 (bookworm)2023

CVE-2023-3649 [MEDIUM] CVE-2023-3649: wireshark - iSCSI dissector crash in Wireshark 4.0.0 to 4.0.6 allows denial of service via p... iSCSI dissector crash in Wireshark 4.0.0 to 4.0.6 allows denial of service via packet injection or crafted capture file Scope: local bookworm: resolved (fixed in 4.0.11-1~deb12u1) bullseye: resolved (fixed in 3.4.16-0+deb11u1) forky: resolved (fixed in 4.0.7-1) sid: resolved (fixed in 4.0.7-1) trixie: resolved (fixed in 4.0.7-1)

debian

CVE-2023-2854MEDIUMCVSS 5.3fixed in wireshark 4.0.6-1~deb12u1 (bookworm)2023

CVE-2023-2854 [MEDIUM] CVE-2023-2854: wireshark - BLF file parser crash in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows den... BLF file parser crash in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows denial of service via crafted capture file Scope: local bookworm: resolved (fixed in 4.0.6-1~deb12u1) bullseye: resolved forky: resolved (fixed in 4.0.6-1) sid: resolved (fixed in 4.0.6-1) trixie: resolved (fixed in 4.0.6-1)

debian

CVE-2022-4345MEDIUMCVSS 6.3fixed in wireshark 4.0.2-1 (bookworm)2022

CVE-2022-4345 [MEDIUM] CVE-2022-4345: wireshark - Infinite loops in the BPv6, OpenFlow, and Kafka protocol dissectors in Wireshark... Infinite loops in the BPv6, OpenFlow, and Kafka protocol dissectors in Wireshark 4.0.0 to 4.0.1 and 3.6.0 to 3.6.9 allows denial of service via packet injection or crafted capture file Scope: local bookworm: resolved (fixed in 4.0.2-1) bullseye: resolved (fixed in 3.4.16-0+deb11u1) forky: resolved (fixed in 4.0.2-1) sid: resolved (fixed in 4.0.2-1) trixie: resolve

debian

CVE-2022-0585MEDIUMCVSS 4.3fixed in wireshark 3.6.2-1 (bookworm)2022

CVE-2022-0585 [MEDIUM] CVE-2022-0585: wireshark - Large loops in multiple protocol dissectors in Wireshark 3.6.0 to 3.6.1 and 3.4.... Large loops in multiple protocol dissectors in Wireshark 3.6.0 to 3.6.1 and 3.4.0 to 3.4.11 allow denial of service via packet injection or crafted capture file Scope: local bookworm: resolved (fixed in 3.6.2-1) bullseye: resolved (fixed in 3.4.16-0+deb11u1) forky: resolved (fixed in 3.6.2-1) sid: resolved (fixed in 3.6.2-1) trixie: resolved (fixed in 3.6.2-1)

debian

CVE-2022-0582MEDIUMCVSS 6.3fixed in wireshark 3.6.2-1 (bookworm)2022

CVE-2022-0582 [MEDIUM] CVE-2022-0582: wireshark - Unaligned access in the CSN.1 protocol dissector in Wireshark 3.6.0 to 3.6.1 and... Unaligned access in the CSN.1 protocol dissector in Wireshark 3.6.0 to 3.6.1 and 3.4.0 to 3.4.11 allows denial of service via packet injection or crafted capture file Scope: local bookworm: resolved (fixed in 3.6.2-1) bullseye: resolved (fixed in 3.4.16-0+deb11u1) forky: resolved (fixed in 3.6.2-1) sid: resolved (fixed in 3.6.2-1) trixie: resolved (fixed in 3.6.2-

debian

CVE-2022-3190MEDIUMCVSS 6.3fixed in wireshark 3.6.8-1 (bookworm)2022

CVE-2022-3190 [MEDIUM] CVE-2022-3190: wireshark - Infinite loop in the F5 Ethernet Trailer protocol dissector in Wireshark 3.6.0 t... Infinite loop in the F5 Ethernet Trailer protocol dissector in Wireshark 3.6.0 to 3.6.7 and 3.4.0 to 3.4.15 allows denial of service via packet injection or crafted capture file Scope: local bookworm: resolved (fixed in 3.6.8-1) bullseye: resolved (fixed in 3.4.16-0+deb11u1) forky: resolved (fixed in 3.6.8-1) sid: resolved (fixed in 3.6.8-1) trixie: resolved (fixe

debian

CVE-2022-0581MEDIUMCVSS 6.3fixed in wireshark 3.6.2-1 (bookworm)2022

CVE-2022-0581 [MEDIUM] CVE-2022-0581: wireshark - Crash in the CMS protocol dissector in Wireshark 3.6.0 to 3.6.1 and 3.4.0 to 3.4... Crash in the CMS protocol dissector in Wireshark 3.6.0 to 3.6.1 and 3.4.0 to 3.4.11 allows denial of service via packet injection or crafted capture file Scope: local bookworm: resolved (fixed in 3.6.2-1) bullseye: resolved (fixed in 3.4.16-0+deb11u1) forky: resolved (fixed in 3.6.2-1) sid: resolved (fixed in 3.6.2-1) trixie: resolved (fixed in 3.6.2-1)

debian

CVE-2022-3725MEDIUMCVSS 6.3fixed in wireshark 4.0.0-1 (bookworm)2022

CVE-2022-3725 [MEDIUM] CVE-2022-3725: wireshark - Crash in the OPUS protocol dissector in Wireshark 3.6.0 to 3.6.8 allows denial o... Crash in the OPUS protocol dissector in Wireshark 3.6.0 to 3.6.8 allows denial of service via packet injection or crafted capture file Scope: local bookworm: resolved (fixed in 4.0.0-1) bullseye: resolved forky: resolved (fixed in 4.0.0-1) sid: resolved (fixed in 4.0.0-1) trixie: resolved (fixed in 4.0.0-1)

debian

CVE-2022-0586MEDIUMCVSS 6.3fixed in wireshark 3.6.2-1 (bookworm)2022

CVE-2022-0586 [MEDIUM] CVE-2022-0586: wireshark - Infinite loop in RTMPT protocol dissector in Wireshark 3.6.0 to 3.6.1 and 3.4.0 ... Infinite loop in RTMPT protocol dissector in Wireshark 3.6.0 to 3.6.1 and 3.4.0 to 3.4.11 allows denial of service via packet injection or crafted capture file Scope: local bookworm: resolved (fixed in 3.6.2-1) bullseye: resolved (fixed in 3.4.16-0+deb11u1) forky: resolved (fixed in 3.6.2-1) sid: resolved (fixed in 3.6.2-1) trixie: resolved (fixed in 3.6.2-1)

debian

CVE-2022-4344MEDIUMCVSS 6.3fixed in wireshark 4.0.2-1 (bookworm)2022

CVE-2022-4344 [MEDIUM] CVE-2022-4344: wireshark - Memory exhaustion in the Kafka protocol dissector in Wireshark 4.0.0 to 4.0.1 an... Memory exhaustion in the Kafka protocol dissector in Wireshark 4.0.0 to 4.0.1 and 3.6.0 to 3.6.9 allows denial of service via packet injection or crafted capture file Scope: local bookworm: resolved (fixed in 4.0.2-1) bullseye: resolved (fixed in 3.4.16-0+deb11u1) forky: resolved (fixed in 4.0.2-1) sid: resolved (fixed in 4.0.2-1) trixie: resolved (fixed in 4.0.2-

debian

CVE-2022-0583MEDIUMCVSS 6.3fixed in wireshark 3.6.2-1 (bookworm)2022

CVE-2022-0583 [MEDIUM] CVE-2022-0583: wireshark - Crash in the PVFS protocol dissector in Wireshark 3.6.0 to 3.6.1 and 3.4.0 to 3.... Crash in the PVFS protocol dissector in Wireshark 3.6.0 to 3.6.1 and 3.4.0 to 3.4.11 allows denial of service via packet injection or crafted capture file Scope: local bookworm: resolved (fixed in 3.6.2-1) bullseye: resolved (fixed in 3.4.16-0+deb11u1) forky: resolved (fixed in 3.6.2-1) sid: resolved (fixed in 3.6.2-1) trixie: resolved (fixed in 3.6.2-1)

debian

CVE-2022-3724LOWCVSS 6.32022

CVE-2022-3724 [MEDIUM] CVE-2022-3724: wireshark - Crash in the USB HID protocol dissector in Wireshark 3.6.0 to 3.6.8 allows denia... Crash in the USB HID protocol dissector in Wireshark 3.6.0 to 3.6.8 allows denial of service via packet injection or crafted capture file on Windows Scope: local bookworm: resolved bullseye: resolved forky: resolved sid: resolved trixie: resolved

debian

CVE-2021-39924HIGHCVSS 7.5fixed in wireshark 3.6.0-1 (bookworm)2021

CVE-2021-39924 [HIGH] CVE-2021-39924: wireshark - Large loop in the Bluetooth DHT dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 ... Large loop in the Bluetooth DHT dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17 allows denial of service via packet injection or crafted capture file Scope: local bookworm: resolved (fixed in 3.6.0-1) bullseye: resolved (fixed in 3.4.10-0+deb11u1) forky: resolved (fixed in 3.6.0-1) sid: resolved (fixed in 3.6.0-1) trixie: resolved (fixed in 3.6.0-1)

debian

CVE-2021-39926HIGHCVSS 7.5fixed in wireshark 3.6.0-1 (bookworm)2021

CVE-2021-39926 [HIGH] CVE-2021-39926: wireshark - Buffer overflow in the Bluetooth HCI_ISO dissector in Wireshark 3.4.0 to 3.4.9 a... Buffer overflow in the Bluetooth HCI_ISO dissector in Wireshark 3.4.0 to 3.4.9 allows denial of service via packet injection or crafted capture file Scope: local bookworm: resolved (fixed in 3.6.0-1) bullseye: resolved (fixed in 3.4.10-0+deb11u1) forky: resolved (fixed in 3.6.0-1) sid: resolved (fixed in 3.6.0-1) trixie: resolved (fixed in 3.6.0-1)

debian

CVE-2021-4182HIGHCVSS 7.5fixed in wireshark 3.6.2-1 (bookworm)2021

CVE-2021-4182 [HIGH] CVE-2021-4182: wireshark - Crash in the RFC 7468 dissector in Wireshark 3.6.0 and 3.4.0 to 3.4.10 allows de... Crash in the RFC 7468 dissector in Wireshark 3.6.0 and 3.4.0 to 3.4.10 allows denial of service via packet injection or crafted capture file Scope: local bookworm: resolved (fixed in 3.6.2-1) bullseye: resolved (fixed in 3.4.16-0+deb11u1) forky: resolved (fixed in 3.6.2-1) sid: resolved (fixed in 3.6.2-1) trixie: resolved (fixed in 3.6.2-1)

debian

CVE-2021-4185HIGHCVSS 7.5fixed in wireshark 3.6.2-1 (bookworm)2021

CVE-2021-4185 [HIGH] CVE-2021-4185: wireshark - Infinite loop in the RTMPT dissector in Wireshark 3.6.0 and 3.4.0 to 3.4.10 allo... Infinite loop in the RTMPT dissector in Wireshark 3.6.0 and 3.4.0 to 3.4.10 allows denial of service via packet injection or crafted capture file Scope: local bookworm: resolved (fixed in 3.6.2-1) bullseye: resolved (fixed in 3.4.16-0+deb11u1) forky: resolved (fixed in 3.6.2-1) sid: resolved (fixed in 3.6.2-1) trixie: resolved (fixed in 3.6.2-1)

debian

CVE-2021-22235HIGHCVSS 7.5fixed in wireshark 3.4.7-1 (bookworm)2021

CVE-2021-22235 [HIGH] CVE-2021-22235: wireshark - Crash in DNP dissector in Wireshark 3.4.0 to 3.4.6 and 3.2.0 to 3.2.14 allows de... Crash in DNP dissector in Wireshark 3.4.0 to 3.4.6 and 3.2.0 to 3.2.14 allows denial of service via packet injection or crafted capture file Scope: local bookworm: resolved (fixed in 3.4.7-1) bullseye: resolved (fixed in 3.4.10-0+deb11u1) forky: resolved (fixed in 3.4.7-1) sid: resolved (fixed in 3.4.7-1) trixie: resolved (fixed in 3.4.7-1)

debian

CVE-2021-22222HIGHCVSS 7.5fixed in wireshark 3.4.7-1 (bookworm)2021

CVE-2021-22222 [HIGH] CVE-2021-22222: wireshark - Infinite loop in DVB-S2-BB dissector in Wireshark 3.4.0 to 3.4.5 allows denial o... Infinite loop in DVB-S2-BB dissector in Wireshark 3.4.0 to 3.4.5 allows denial of service via packet injection or crafted capture file Scope: local bookworm: resolved (fixed in 3.4.7-1) bullseye: resolved (fixed in 3.4.10-0+deb11u1) forky: resolved (fixed in 3.4.7-1) sid: resolved (fixed in 3.4.7-1) trixie: resolved (fixed in 3.4.7-1)

debian

CVE-2021-39928HIGHCVSS 7.5fixed in wireshark 3.6.0-1 (bookworm)2021

CVE-2021-39928 [HIGH] CVE-2021-39928: wireshark - NULL pointer exception in the IEEE 802.11 dissector in Wireshark 3.4.0 to 3.4.9 ... NULL pointer exception in the IEEE 802.11 dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17 allows denial of service via packet injection or crafted capture file Scope: local bookworm: resolved (fixed in 3.6.0-1) bullseye: resolved (fixed in 3.4.10-0+deb11u1) forky: resolved (fixed in 3.6.0-1) sid: resolved (fixed in 3.6.0-1) trixie: resolved (fixed in 3.6

debian

← Previous4 / 35Next →