CVE-2024-0207

Опубликовано: 03 янв. 2024

Источник: debian

EPSS Низкий

Описание

HTTP3 dissector crash in Wireshark 4.2.0 allows denial of service via packet injection or crafted capture file

Пакет	Статус	Версия исправления	Релиз	Тип
wireshark	fixed	4.2.2-1		package
wireshark	not-affected		bookworm	package
wireshark	not-affected		bullseye	package
wireshark	not-affected		buster	package

https://www.wireshark.org/security/wnpa-sec-2024-03.html
https://gitlab.com/wireshark/wireshark/-/issues/19502
Introduced by: https://gitlab.com/wireshark/wireshark/-/commit/80f9a28921acfa1fb9fe29a25468451faad2b6f2 (v4.2.0rc0)

EPSS

Процентиль: 20%

0.00063

Низкий

CVE-2024-0207

CVSS3: 7.8

ubuntu

около 2 лет назад

HTTP3 dissector crash in Wireshark 4.2.0 allows denial of service via packet injection or crafted capture file

CVE-2024-0207

CVSS3: 5.5

redhat

около 2 лет назад

HTTP3 dissector crash in Wireshark 4.2.0 allows denial of service via packet injection or crafted capture file

CVE-2024-0207

CVSS3: 7.8

nvd

около 2 лет назад

HTTP3 dissector crash in Wireshark 4.2.0 allows denial of service via packet injection or crafted capture file

GHSA-5qqv-6f97-m7hw

CVSS3: 7.8

github

около 2 лет назад

HTTP3 dissector crash in Wireshark 4.2.0 allows denial of service via packet injection or crafted capture file

SUSE-SU-2024:3165-1

suse-cvrf

больше 1 года назад

Security update for wireshark

EPSS

Процентиль: 20%

0.00063

Низкий