Skip to main content

Excessive Iteration

CVE-2023-0411

Severity Medium
Score 6.5/10

Summary

Excessive loops in multiple dissectors in Wireshark versions 3.6.0 through 3.6.10, and 4.0.0 through 4.0.2 and allows denial of service via packet injection or crafted capture file.

  • LOW
  • NETWORK
  • NONE
  • UNCHANGED
  • REQUIRED
  • NONE
  • NONE
  • HIGH

CWE-834 - Excessive Iteration

The software performs an iteration or loop without sufficiently limiting the number of times that the loop is executed.

Advisory Timeline

  • Published