0.005 Low
EPSS
Percentile
76.2%
In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the HTTP2 dissector could crash. This was addressed in epan/dissectors/packet-http2.c by verifying that header data was found before proceeding to header decompression.
bugzilla.redhat.com/show_bug.cgi?id=1607328
www.cve.org/CVERecord?id=CVE-2018-14369 https://nvd.nist.gov/vuln/detail/CVE-2018-14369 https://www.wireshark.org/security/wnpa-sec-2018-41.html