The Wireshark Foundation Wireshark vulnerabilities

CVE-2021-22235 [HIGH] CWE-835 CVE-2021-22235: Crash in DNP dissector in Wireshark 3.4.0 to 3.4.6 and 3.2.0 to 3.2.14 allows denial of service via Crash in DNP dissector in Wireshark 3.4.0 to 3.4.6 and 3.2.0 to 3.2.14 allows denial of service via packet injection or crafted capture file

CVE-2021-22222 [HIGH] CWE-835 CVE-2021-22222: Infinite loop in DVB-S2-BB dissector in Wireshark 3.4.0 to 3.4.5 allows denial of service via packet Infinite loop in DVB-S2-BB dissector in Wireshark 3.4.0 to 3.4.5 allows denial of service via packet injection or crafted capture file

CVE-2021-22207 [MEDIUM] CWE-770 CVE-2021-22207: Excessive memory consumption in MS-WSP dissector in Wireshark 3.4.0 to 3.4.4 and 3.2.0 to 3.2.12 all Excessive memory consumption in MS-WSP dissector in Wireshark 3.4.0 to 3.4.4 and 3.2.0 to 3.2.12 allows denial of service via packet injection or crafted capture file

CVE-2021-22191 [HIGH] CWE-74 CVE-2021-22191: Improper URL handling in Wireshark 3.4.0 to 3.4.3 and 3.2.0 to 3.2.11 could allow remote code execut Improper URL handling in Wireshark 3.4.0 to 3.4.3 and 3.2.0 to 3.2.11 could allow remote code execution via via packet injection or crafted capture file.

CVE-2021-22174 [HIGH] CWE-770 CVE-2021-22174: Crash in USB HID dissector in Wireshark 3.4.0 to 3.4.2 allows denial of service via packet injection Crash in USB HID dissector in Wireshark 3.4.0 to 3.4.2 allows denial of service via packet injection or crafted capture file

CVE-2021-22173 [HIGH] CWE-401 CVE-2021-22173: Memory leak in USB HID dissector in Wireshark 3.4.0 to 3.4.2 allows denial of service via packet inj Memory leak in USB HID dissector in Wireshark 3.4.0 to 3.4.2 allows denial of service via packet injection or crafted capture file

CVE-2020-26422 [MEDIUM] CWE-120 CVE-2020-26422: Buffer overflow in QUIC dissector in Wireshark 3.4.0 to 3.4.1 allows denial of service via packet in Buffer overflow in QUIC dissector in Wireshark 3.4.0 to 3.4.1 allows denial of service via packet injection or crafted capture file

CVE-2020-26421 [MEDIUM] CWE-125 CVE-2020-26421: Crash in USB HID protocol dissector and possibly other dissectors in Wireshark 3.4.0 and 3.2.0 to 3. Crash in USB HID protocol dissector and possibly other dissectors in Wireshark 3.4.0 and 3.2.0 to 3.2.8 allows denial of service via packet injection or crafted capture file.

CVE-2020-26419 [MEDIUM] CWE-401 CVE-2020-26419: Memory leak in the dissection engine in Wireshark 3.4.0 allows denial of service via packet injectio Memory leak in the dissection engine in Wireshark 3.4.0 allows denial of service via packet injection or crafted capture file.

CVE-2020-26418 [MEDIUM] CWE-401 CVE-2020-26418: Memory leak in Kafka protocol dissector in Wireshark 3.4.0 and 3.2.0 to 3.2.8 allows denial of servi Memory leak in Kafka protocol dissector in Wireshark 3.4.0 and 3.2.0 to 3.2.8 allows denial of service via packet injection or crafted capture file.

CVE-2020-26420 [MEDIUM] CWE-401 CVE-2020-26420: Memory leak in RTPS protocol dissector in Wireshark 3.4.0 and 3.2.0 to 3.2.8 allows denial of servic Memory leak in RTPS protocol dissector in Wireshark 3.4.0 and 3.2.0 to 3.2.8 allows denial of service via packet injection or crafted capture file.