Svi
Pretraži prema proizvođaču
Pretraži prema CWE oznaci
O usluzi
Pretplate
Jezik
hr
en
CVE-2024-4854 - CERT CVE
CVE-2024-4854
ID
CVE-2024-4854
Sažetak
MONGO and ZigBee TLV dissector infinite loops in Wireshark 4.2.0 to 4.2.4, 4.0.0 to 4.0.14, and 3.6.0 to 3.6.22 allow denial of service via packet injection or crafted capture file
Reference
https://gitlab.com/wireshark/wireshark/-/issues/19726
https://gitlab.com/wireshark/wireshark/-/merge_requests/15047
https://gitlab.com/wireshark/wireshark/-/merge_requests/15499
https://www.wireshark.org/security/wnpa-sec-2024-07.html
https://gitlab.com/wireshark/wireshark/-/issues/19726
https://gitlab.com/wireshark/wireshark/-/merge_requests/15047
https://gitlab.com/wireshark/wireshark/-/merge_requests/15499
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/66H2BSENPSIALF2WIZF7M3QBVWYBMFGW/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7MKFJAZDKXGFFQPRDYLX2AANRNMYZZEZ/
https://www.wireshark.org/security/wnpa-sec-2024-07.html
CVSS
Base:
6.4
Impact:
4.7
Exploitability:
1.6
Pristup
Vektor
Složenost
Autentikacija
NETWORK
HIGH
NONE
Impact
Povjerljivost
Cjelovitost
Dostupnost
LOW
LOW
HIGH
CVSS vektor
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:H
Zadnje važnije ažuriranje
18-04-2025 - 16:34
Objavljeno
14-05-2024 - 15:45
