CVE-2024-4854

Published May 14, 2024

Last updated 3 months ago

CVSS medium 6.4

Overview

Description
MONGO and ZigBee TLV dissector infinite loops in Wireshark 4.2.0 to 4.2.4, 4.0.0 to 4.0.14, and 3.6.0 to 3.6.22 allow denial of service via packet injection or crafted capture file
Source
cve@gitlab.com
NVD status
Awaiting Analysis

Risk scores

CVSS 3.1

Type
Secondary
Base score
6.4
Impact score
4.7
Exploitability score
1.6
Vector string
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:H
Severity
MEDIUM

Weaknesses

cve@gitlab.com
CWE-835

Social media

Hype score
Not currently trending

References