CNNVD-202512-414 Information

CNNVD ID

CNNVD-202512-414

Related CVE

CVE-2025-13945

• CNNVD Published: 2025-12-03

Description (Chinese)

Wireshark（前称Ethereal）是导线鲨鱼（Wireshark）团队的一套网络数据包分析软件。该软件的功能是截取网络数据包，并显示出详细的数据以供分析。 Wireshark 4.6.0版本和4.6.1版本存在安全漏洞，该漏洞源于HTTP3解析器崩溃，可能导致拒绝服务。

Description (English)

Wireshark (formerly Ethel) is a web-based package analysis software for the Wireshark team. The software is designed to intercept network data packages and to display detailed data for analysis. There is a security loophole in Wireshank, Version 4.6.0 and Version 4.6.1, which originates from the collapse of the HTTP3 resolver, which may lead to the denial of services.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

导线鲨鱼

Published

2025-12-03

Last Modified

2026-02-24

References

https://gitlab.com/wireshark/wireshark/-/issues/20860 https://www.wireshark.org/security/wnpa-sec-2025-07.html

Patch

https://www.wireshark.org/download.html