CVE-2020-26575
- EPSS 3.12%
- Veröffentlicht 06.10.2020 15:15:15
- Zuletzt bearbeitet 21.11.2024 05:20:06
In Wireshark through 3.2.7, the Facebook Zero Protocol (aka FBZERO) dissector could enter an infinite loop. This was addressed in epan/dissectors/packet-fbzero.c by correcting the implementation of offset advancement.
CVE-2020-17498
- EPSS 2.89%
- Veröffentlicht 13.08.2020 16:15:13
- Zuletzt bearbeitet 21.11.2024 05:08:13
In Wireshark 3.2.0 to 3.2.5, the Kafka protocol dissector could crash. This was addressed in epan/dissectors/packet-kafka.c by avoiding a double free during LZ4 decompression.
CVE-2020-15466
- EPSS 3.1%
- Veröffentlicht 05.07.2020 11:15:09
- Zuletzt bearbeitet 21.11.2024 05:05:33
In Wireshark 3.2.0 to 3.2.4, the GVCP dissector could go into an infinite loop. This was addressed in epan/dissectors/packet-gvcp.c by ensuring that an offset increases in all situations.
CVE-2020-13164
- EPSS 3.22%
- Veröffentlicht 19.05.2020 22:15:12
- Zuletzt bearbeitet 21.11.2024 05:00:47
In Wireshark 3.2.0 to 3.2.3, 3.0.0 to 3.0.10, and 2.6.0 to 2.6.16, the NFS dissector could crash. This was addressed in epan/dissectors/packet-nfs.c by preventing excessive recursion, such as for a cycle in the directory graph on a filesystem.
CVE-2020-11647
- EPSS 3.32%
- Veröffentlicht 10.04.2020 21:15:11
- Zuletzt bearbeitet 21.11.2024 04:58:19
In Wireshark 3.2.0 to 3.2.2, 3.0.0 to 3.0.9, and 2.6.0 to 2.6.15, the BACapp dissector could crash. This was addressed in epan/dissectors/packet-bacapp.c by limiting the amount of recursion.
CVE-2020-9431
- EPSS 2.71%
- Veröffentlicht 27.02.2020 23:15:13
- Zuletzt bearbeitet 21.11.2024 05:40:37
In Wireshark 3.2.0 to 3.2.1, 3.0.0 to 3.0.8, and 2.6.0 to 2.6.14, the LTE RRC dissector could leak memory. This was addressed in epan/dissectors/packet-lte-rrc.c by adjusting certain append operations.
CVE-2020-9428
- EPSS 3.11%
- Veröffentlicht 27.02.2020 23:15:12
- Zuletzt bearbeitet 21.11.2024 05:40:37
In Wireshark 3.2.0 to 3.2.1, 3.0.0 to 3.0.8, and 2.6.0 to 2.6.14, the EAP dissector could crash. This was addressed in epan/dissectors/packet-eap.c by using more careful sscanf parsing.
CVE-2020-9429
- EPSS 1.54%
- Veröffentlicht 27.02.2020 23:15:12
- Zuletzt bearbeitet 21.11.2024 05:40:37
In Wireshark 3.2.0 to 3.2.1, the WireGuard dissector could crash. This was addressed in epan/dissectors/packet-wireguard.c by handling the situation where a certain data structure intentionally has a NULL value.
CVE-2020-9430
- EPSS 2.81%
- Veröffentlicht 27.02.2020 23:15:12
- Zuletzt bearbeitet 21.11.2024 05:40:37
In Wireshark 3.2.0 to 3.2.1, 3.0.0 to 3.0.8, and 2.6.0 to 2.6.14, the WiMax DLMAP dissector could crash. This was addressed in plugins/epan/wimax/msg_dlmap.c by validating a length field.
CVE-2020-7044
- EPSS 3.24%
- Veröffentlicht 16.01.2020 04:15:11
- Zuletzt bearbeitet 21.11.2024 05:36:32
In Wireshark 3.2.x before 3.2.1, the WASSP dissector could crash. This was addressed in epan/dissectors/packet-wassp.c by using >= and <= to resolve off-by-one errors.