CVE-2021-22191

Опубликовано: 15 мар. 2021

Источник: debian

EPSS Низкий

Описание

Improper URL handling in Wireshark 3.4.0 to 3.4.3 and 3.2.0 to 3.2.11 could allow remote code execution via via packet injection or crafted capture file.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
wireshark	fixed	3.4.4-1		package
wireshark	fixed	2.6.20-0+deb10u4	buster	package

Примечания

https://www.wireshark.org/security/wnpa-sec-2021-03.html
https://gitlab.com/wireshark/wireshark/-/issues/17232

EPSS

Процентиль: 65%

0.00502

Низкий

Связанные уязвимости

CVE-2021-22191

CVSS3: 6.3

ubuntu

почти 5 лет назад

Improper URL handling in Wireshark 3.4.0 to 3.4.3 and 3.2.0 to 3.2.11 could allow remote code execution via via packet injection or crafted capture file.

CVE-2021-22191

CVSS3: 7.5

redhat

почти 5 лет назад

Improper URL handling in Wireshark 3.4.0 to 3.4.3 and 3.2.0 to 3.2.11 could allow remote code execution via via packet injection or crafted capture file.

CVE-2021-22191

CVSS3: 6.3

nvd

почти 5 лет назад

Improper URL handling in Wireshark 3.4.0 to 3.4.3 and 3.2.0 to 3.2.11 could allow remote code execution via via packet injection or crafted capture file.

GHSA-w6w5-wrcg-5jrx

CVSS3: 8.8

github

больше 3 лет назад

Improper URL handling in Wireshark 3.4.0 to 3.4.3 and 3.2.0 to 3.2.11 could allow remote code execution via via packet injection or crafted capture file.

openSUSE-SU-2021:2125-1

suse-cvrf

больше 4 лет назад

Security update for wireshark

EPSS

Процентиль: 65%

0.00502

Низкий