7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
8.8 High
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
48.1%
Software: wireshark 4.0.5
OS: ROSA-CHROME
package_evr_string: wireshark-4.0.5-1.src.rpm
CVE-ID: CVE-2022-4344
BDU-ID: None
CVE-Crit: MEDIUM
CVE-DESC.: A memory shortage in the Kafka protocol dissector in Wireshark versions 4.0.0.0-4.0.1 and 3.6.0-3.6.9 allows denial of service via packet injection or a created capture file.
CVE-STATUS: Fixed
CVE-REV: To close, run the command: sudo dnf update wireshark
CVE-ID: CVE-2022-4345
BDU-ID: None
CVE-Crit: MEDIUM
CVE-DESC.: Infinite loops in BPv6, OpenFlow, and Kafka protocol dissectors in Wireshark versions 4.0.0-4.0.1 and 3.6.0-3.6.9 allow denial of service via packet injection or a created capture file.
CVE-STATUS: Fixed
CVE-REV: To close, run the command: sudo dnf update wireshark
CVE-ID: CVE-2023-0411
BDU-ID: None
CVE-Crit: MEDIUM
CVE-DESC.: Excessive cycles in multiple dissectors in Wireshark 4.0.0.0-4.0.2 and 3.6.0-3.6.10 and allow denial of service via packet injection or created capture file.
CVE-STATUS: Fixed
CVE-REV: To close, run the command: sudo dnf update wireshark
CVE-ID: CVE-2023-0411
BDU-ID: None
CVE-Crit: MEDIUM
CVE-DESC.: Excessive cycles in multiple dissectors in Wireshark 4.0.0.0-4.0.2 and 3.6.0-3.6.10 and allow denial of service via packet injection or created capture file.
CVE-STATUS: Fixed
CVE-REV: To close, run the command: sudo dnf update wireshark
CVE-ID: CVE-2023-0412
BDU-ID: None
CVE-Crit: HIGH
CVE-DESC.: TIPC dissector failure in Wireshark 4.0.0.0-4.0.2 and 3.6.0-3.6.10, allowing a denial of service via packet injection or a created capture file.
CVE-STATUS: Fixed
CVE-REV: To close, run the command: sudo dnf update wireshark
CVE-ID: CVE-2023-0413
BDU-ID: None
CVE-Crit: MEDIUM
CVE-DESC.: Dissection mechanism bug in Wireshark 4.0.0.0-4.0.2 and 3.6.0-3.6.10 allowing denial of service via packet injection or created capture file.
CVE-STATUS: Fixed
CVE-REV: To close, run the command: sudo dnf update wireshark
CVE-ID: CVE-2023-0414
BDU-ID: None
CVE-Crit: MEDIUM
CVE-DESC.: An EAP dissector failure in Wireshark 4.0.0-4.0.2 allows a denial of service via packet injection or a created capture file.
CVE-STATUS: Fixed
CVE-REV: To close, run the command: sudo dnf update wireshark
CVE-ID: CVE-2023-0415
BDU-ID: None
CVE-Crit: MEDIUM
CVE-DESC.: iSCSI dissector failure in Wireshark versions 4.0.0.0-4.0.2 and 3.6.0-3.6.10, allowing a denial of service via packet injection or a created capture file.
CVE-STATUS: Fixed
CVE-REV: To close, run the command: sudo dnf update wireshark
CVE-ID: CVE-2023-0416
BDU-ID: None
CVE-Crit: MEDIUM
CVE-DESC.: GNW dissector failure in Wireshark 4.0.0.0-4.0.2 and 3.6.0-3.6.10, allowing denial of service via packet injection or created capture file.
CVE-STATUS: Fixed
CVE-REV: To close, run the command: sudo dnf update wireshark
CVE-ID: CVE-2023-0417
BDU-ID: None
CVE-Crit: MEDIUM
CVE-DESC.: Memory leak in the NFS dissector in Wireshark versions 4.0.0 through 4.0.2 and 3.6.0 through 3.6.10 and allows denial of service via packet injection or created capture file.
CVE-STATUS: Fixed
CVE-REV: To close, run the command: sudo dnf update wireshark
CVE-ID: CVE-2023-1161
BDU-ID: None
CVE-Crit: HIGH
CVE-DESC.: ISO 15765 and ISO 10681 dissector failure in Wireshark versions 4.0.0 through 4.0.3 and 3.6.0 through 3.6.11 allows denial of service via packet injection or a created capture file.
CVE-STATUS: Fixed
CVE-REV: To close, run the command: sudo dnf update wireshark
CVE-ID: CVE-2023-1992
BDU-ID: None
CVE-Crit: HIGH
CVE-DESC.: Failure of the RPCoRDMA dissector in Wireshark versions 4.0.0 through 4.0.4 and 3.6.0 through 3.6.12 allows a denial of service via packet injection or a created capture file.
CVE-STATUS: Fixed
CVE-REV: To close, run the command: sudo dnf update wireshark
CVE-ID: CVE-2023-1993
BDU-ID: None
CVE-Crit: MEDIUM
CVE-DESC.: The large LISP dissector loop in Wireshark versions 4.0.0 through 4.0.4 and 3.6.0 through 3.6.12 allows for denial of service via packet injection or a created capture file.
CVE-STATUS: Fixed
CVE-REV: To close, run the command: sudo dnf update wireshark
CVE-ID: CVE-2023-1994
BDU-ID: None
CVE-Crit: MEDIUM
CVE-DESC.: The GQUIC dissector failure in Wireshark versions 4.0.0 through 4.0.4 and 3.6.0 through 3.6.12 allows a denial of service via packet injection or a created capture file.
CVE-STATUS: Fixed
CVE-REV: To close, run the command: sudo dnf update wireshark
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
8.8 High
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
48.1%