CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2018-5336

In Wireshark 2.4.0 to 2.4.3 and 2.2.0 to 2.2.11, the JSON, XML, NTP, XMPP, and GDB dissectors could crash. This was addressed in epan/tvbparse.c by limiting the recursion depth.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.01

EPSS Ranking 76.1%

CVSS Severity

CVSS v3 Score 7.5

CVSS v2 Score 5.0

References

Products affected by CVE-2018-5336

Wireshark » Wireshark » Version: 2.2.0

cpe:2.3:a:wireshark:wireshark:2.2.0
Wireshark » Wireshark » Version: 2.2.1

cpe:2.3:a:wireshark:wireshark:2.2.1
Wireshark » Wireshark » Version: 2.2.10

cpe:2.3:a:wireshark:wireshark:2.2.10
Wireshark » Wireshark » Version: 2.2.11

cpe:2.3:a:wireshark:wireshark:2.2.11
Wireshark » Wireshark » Version: 2.2.2

cpe:2.3:a:wireshark:wireshark:2.2.2
Wireshark » Wireshark » Version: 2.2.3

cpe:2.3:a:wireshark:wireshark:2.2.3
Wireshark » Wireshark » Version: 2.2.4

cpe:2.3:a:wireshark:wireshark:2.2.4
Wireshark » Wireshark » Version: 2.2.5

cpe:2.3:a:wireshark:wireshark:2.2.5
Wireshark » Wireshark » Version: 2.2.6

cpe:2.3:a:wireshark:wireshark:2.2.6
Wireshark » Wireshark » Version: 2.2.7

cpe:2.3:a:wireshark:wireshark:2.2.7
Wireshark » Wireshark » Version: 2.2.8

cpe:2.3:a:wireshark:wireshark:2.2.8
Wireshark » Wireshark » Version: 2.2.9

cpe:2.3:a:wireshark:wireshark:2.2.9
Wireshark » Wireshark » Version: 2.4.0

cpe:2.3:a:wireshark:wireshark:2.4.0
Wireshark » Wireshark » Version: 2.4.1

cpe:2.3:a:wireshark:wireshark:2.4.1
Wireshark » Wireshark » Version: 2.4.2

cpe:2.3:a:wireshark:wireshark:2.4.2
Wireshark » Wireshark » Version: 2.4.3

cpe:2.3:a:wireshark:wireshark:2.4.3
Debian » Debian Linux » Version: 7.0

cpe:2.3:o:debian:debian_linux:7.0
Debian » Debian Linux » Version: 8.0

cpe:2.3:o:debian:debian_linux:8.0
Debian » Debian Linux » Version: 9.0

cpe:2.3:o:debian:debian_linux:9.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2018-5336

Products

Pricing

Contact Us