CNNVD-202601-2365 Information

CNNVD ID

CNNVD-202601-2365

Related CVE

CVE-2026-0960

• CNNVD Published: 2026-01-14

Description (Chinese)

Wireshark（前称Ethereal）是导线鲨鱼（Wireshark）团队的一套网络数据包分析软件。该软件的功能是截取网络数据包，并显示出详细的数据以供分析。 Wireshark 4.6.0版本至4.6.2版本存在安全漏洞，该漏洞源于HTTP3协议解析器无限循环，可能导致拒绝服务。

Description (English)

Wireshark (formerly Ethel) is a web-based package analysis software for the Wireshark team. The software is designed to intercept network data packages and to display detailed data for analysis. There is a security loophole in Wireshank, versions 4.6.0 to 4.6.2, which originates from the unlimited cycle of the HTTP 3 protocol resolver and may lead to the denial of services.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

导线鲨鱼

Published

2026-01-14

Last Modified

2026-02-24

References

https://gitlab.com/wireshark/wireshark/-/issues/20944 https://www.wireshark.org/security/wnpa-sec-2026-04.html

Patch

https://www.wireshark.org/download.html