CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 1CVE-2018-9271
https://notcve.org/view.php?id=CVE-2018-9271
In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, epan/dissectors/packet-multipart.c has a memory leak. En Wireshark 2.4.0 a 2.4.5 y 2.2.0 a 2.2.13, epan/dissectors/packet-multipart.c tiene una fuga de memoria. • https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14486 https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=5b0228945dc74ee82d2ab4a4e7af2bdfe7b75910 https://www.wireshark.org/security/wnpa-sec-2018-24.html • CWE-772: Missing Release of Resource after Effective Lifetime •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 1CVE-2018-9272
https://notcve.org/view.php?id=CVE-2018-9272
In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, epan/dissectors/packet-h223.c has a memory leak. En Wireshark 2.4.0 a 2.4.5 y 2.2.0 a 2.2.13, epan/dissectors/packet-h223.c tiene una fuga de memoria. • https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14487 https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=6e3b90824a82724f445a0374e99f0b76e4cf5e8b https://www.wireshark.org/security/wnpa-sec-2018-24.html • CWE-772: Missing Release of Resource after Effective Lifetime •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 1CVE-2018-9274
https://notcve.org/view.php?id=CVE-2018-9274
In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, ui/failure_message.c has a memory leak. En Wireshark 2.4.0 a 2.4.5 y 2.2.0 a 2.2.13, ui/failure_message.c tiene una fuga de memoria. • https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14489 https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=211845aba4794720ae265c782cdffddae54a3e7a https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=f38e895dfc0d97bce64f73ce99df706911d9aa07 https://www.wireshark.org/security/wnpa-sec-2018-24.html • CWE-772: Missing Release of Resource after Effective Lifetime •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2018-7337
https://notcve.org/view.php?id=CVE-2018-7337
In Wireshark 2.4.0 to 2.4.4, the DOCSIS protocol dissector could crash. This was addressed in plugins/docsis/packet-docsis.c by removing the recursive algorithm that had been used for concatenated PDUs. En Wireshark desde la versión 2.4.0 hasta la 2.4.4, el disector de protocolo DOCSIS podría cerrarse inesperadamente. Esto se trató en plugins/docsis/packet-docsis.c eliminando el algoritmo recursivo que se había estado empleando para los PDU concatenados. • http://www.securityfocus.com/bid/103164 https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14446 https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=511a8b0b546d25413e289dc5a7d3a455a33994c2 https://lists.debian.org/debian-lts-announce/2018/04/msg00018.html https://www.wireshark.org/security/wnpa-sec-2018-08.html •
CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 0CVE-2018-7420
https://notcve.org/view.php?id=CVE-2018-7420
In Wireshark 2.2.0 to 2.2.12 and 2.4.0 to 2.4.4, the pcapng file parser could crash. This was addressed in wiretap/pcapng.c by adding a block-size check for sysdig event blocks. En Wireshark 2.2.0 a 2.2.12 y 2.4.0 a 2.4.4, el analizador de archivos pcapng podría cerrarse inesperadamente. Esto se trató en wiretap/pcapng.c añadiendo una comprobación block-size para los bloques de evento sysdig. • http://www.securityfocus.com/bid/103163 https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14403 https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=129e41f9f63885ad8224ef413c2860788fb9e849 https://lists.debian.org/debian-lts-announce/2018/04/msg00018.html https://lists.debian.org/debian-lts-announce/2019/01/msg00010.html https://www.wireshark.org/security/wnpa-sec-2018-11.html •