Vulnerability Database

289,599

Total vulnerabilities in the database

CVE-2024-4854

MONGO and ZigBee TLV dissector infinite loops in Wireshark 4.2.0 to 4.2.4, 4.0.0 to 4.0.14, and 3.6.0 to 3.6.22 allow denial of service via packet injection or crafted capture file

  • Published: May 14, 2024
  • Updated: May 4, 2025
  • CVE: CVE-2024-4854
  • Severity: High
  • Exploit:

CVSS v3:

  • Severity: High
  • Score: 7.5
  • AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWEs:

Software From Fixed in
fedoraproject / fedora 39 39.x
fedoraproject / fedora 40 40.x
wireshark / wireshark 4.2.0 4.2.4.x
wireshark / wireshark 3.6.0 3.6.22.x
wireshark / wireshark 4.0.0 4.0.14.x