CVE-2024-11595

FiveCo RAP dissector infinite loop in Wireshark 4.4.0 to 4.4.1 and 4.2.0 to 4.2.8 allows denial of service via packet injection or crafted capture file

Published: Nov 21, 2024
Updated: May 8, 2025
CVE: CVE-2024-11595
Severity: Medium
Exploit:

CVSS v3:

Severity: Medium
Score: 5.5
AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
wireshark / wireshark	4.2.0	4.2.9
wireshark / wireshark	4.4.0	4.4.2

https://gitlab.com/wireshark/wireshark/-/issues/20176
https://www.wireshark.org/security/wnpa-sec-2024-14.html

Vulnerability Database

289,599

CVE-2024-11595