rpm package
suse/wireshark&distro=SUSE Linux Enterprise Module for Basesystem 15 SP6
pkg:rpm/suse/wireshark&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP6
Vulnerabilities (23)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2023-0666 | — | < 4.2.6-150600.18.6.1 | 4.2.6-150600.18.6.1 | Jun 7, 2023 | Due to failure in validating the length provided by an attacker-crafted RTPS packet, Wireshark version 4.0.5 and prior, by default, is susceptible to a heap-based buffer overflow, and possibly code execution in the context of the process running Wireshark. | ||
| CVE-2023-2854 | — | < 4.2.6-150600.18.6.1 | 4.2.6-150600.18.6.1 | May 26, 2023 | BLF file parser crash in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows denial of service via crafted capture file | ||
| CVE-2023-0414 | — | < 4.2.6-150600.18.6.1 | 4.2.6-150600.18.6.1 | Jan 24, 2023 | Crash in the EAP dissector in Wireshark 4.0.0 to 4.0.2 allows denial of service via packet injection or crafted capture file |
- CVE-2023-0666Jun 7, 2023affected < 4.2.6-150600.18.6.1fixed 4.2.6-150600.18.6.1
Due to failure in validating the length provided by an attacker-crafted RTPS packet, Wireshark version 4.0.5 and prior, by default, is susceptible to a heap-based buffer overflow, and possibly code execution in the context of the process running Wireshark.
- CVE-2023-2854May 26, 2023affected < 4.2.6-150600.18.6.1fixed 4.2.6-150600.18.6.1
BLF file parser crash in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows denial of service via crafted capture file
- CVE-2023-0414Jan 24, 2023affected < 4.2.6-150600.18.6.1fixed 4.2.6-150600.18.6.1
Crash in the EAP dissector in Wireshark 4.0.0 to 4.0.2 allows denial of service via packet injection or crafted capture file
Page 2 of 2