CVE-2019-19553

2019-12-0501:15:14

Google

osv.dev

6.5 Medium

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

69.6%

JSON

In Wireshark 3.0.0 to 3.0.6 and 2.6.0 to 2.6.12, the CMS dissector could crash. This was addressed in epan/dissectors/asn1/cms/packet-cms-template.c by ensuring that an object identifier is set to NULL after a ContentInfo dissection.

CPENameOperatorVersion
wiresharkeq2.6.3
wiresharkeq2.6.4rc0
wiresharkeq3.0.6rc0
wiresharkeqwireshark-2.6.6
wiresharkeq2.6.7rc0
wiresharkeqwireshark-2.6.11
wiresharkeqwireshark-2.6.5
wiresharkeq3.0.4
wiresharkeqwireshark-3.0.0
wiresharkeq2.6.4

Name	Operator	Version
wireshark	eq	2.6.3
wireshark	eq	2.6.4rc0
wireshark	eq	3.0.6rc0
wireshark	eq	wireshark-2.6.6
wireshark	eq	2.6.7rc0
wireshark	eq	wireshark-2.6.11
wireshark	eq	wireshark-2.6.5
wireshark	eq	3.0.4
wireshark	eq	wireshark-3.0.0
wireshark	eq	2.6.4