Описание
In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the HTTP2 dissector could crash. This was addressed in epan/dissectors/packet-http2.c by verifying that header data was found before proceeding to header decompression.
| Релиз | Статус | Примечание |
|---|---|---|
| artful | ignored | end of life |
| bionic | released | 2.6.3-1~ubuntu18.04.1 |
| devel | not-affected | 2.6.3-1 |
| esm-apps/bionic | released | 2.6.3-1~ubuntu18.04.1 |
| esm-apps/xenial | released | 2.6.3-1~ubuntu16.04.1 |
| esm-infra-legacy/trusty | released | 2.6.3-1~ubuntu14.04.1 |
| precise/esm | DNE | |
| trusty | released | 2.6.3-1~ubuntu14.04.1 |
| trusty/esm | released | 2.6.3-1~ubuntu14.04.1 |
| upstream | needs-triage |
Показывать по
EPSS
5 Medium
CVSS2
7.5 High
CVSS3
Связанные уязвимости
In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the HTTP2 dissector could crash. This was addressed in epan/dissectors/packet-http2.c by verifying that header data was found before proceeding to header decompression.
In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the HTTP2 dissector could crash. This was addressed in epan/dissectors/packet-http2.c by verifying that header data was found before proceeding to header decompression.
In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the ...
In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the HTTP2 dissector could crash. This was addressed in epan/dissectors/packet-http2.c by verifying that header data was found before proceeding to header decompression.
EPSS
5 Medium
CVSS2
7.5 High
CVSS3