logo
DATABASE RESOURCES PRICING ABOUT US

Wireshark Injection Vulnerability (CNVD-2022-11196)

Description

Wireshark (formerly Ethereal) is a network packet analysis software from the Wireshark team. Wireshark versions 3.4.0 - 3.4.10 contain an injection vulnerability that stems from a crash in the Gryphon parser. An attacker could exploit this vulnerability to cause a denial of service via packet injection or a specially crafted capture file.


Affected Software


CPE Name Name Version
wireshark wireshark >=3.4.0, 3.4.10

Related