CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-17498

In Wireshark 3.2.0 to 3.2.5, the Kafka protocol dissector could crash. This was addressed in epan/dissectors/packet-kafka.c by avoiding a double free during LZ4 decompression.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 45.8%

CVSS Severity

CVSS v3 Score 6.5

CVSS v2 Score 4.3

References

Products affected by CVE-2020-17498

Oracle » Zfs Storage Appliance Kit » Version: 8.8

cpe:2.3:a:oracle:zfs_storage_appliance_kit:8.8
Wireshark » Wireshark » Version: 3.2.0

cpe:2.3:a:wireshark:wireshark:3.2.0
Wireshark » Wireshark » Version: 3.2.1

cpe:2.3:a:wireshark:wireshark:3.2.1
Wireshark » Wireshark » Version: 3.2.2

cpe:2.3:a:wireshark:wireshark:3.2.2
Wireshark » Wireshark » Version: 3.2.3

cpe:2.3:a:wireshark:wireshark:3.2.3
Wireshark » Wireshark » Version: 3.2.4

cpe:2.3:a:wireshark:wireshark:3.2.4
Wireshark » Wireshark » Version: 3.2.5

cpe:2.3:a:wireshark:wireshark:3.2.5
Fedoraproject » Fedora » Version: 31

cpe:2.3:o:fedoraproject:fedora:31
Fedoraproject » Fedora » Version: 32

cpe:2.3:o:fedoraproject:fedora:32
Opensuse » Leap » Version: 15.1

cpe:2.3:o:opensuse:leap:15.1
Opensuse » Leap » Version: 15.2

cpe:2.3:o:opensuse:leap:15.2

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-17498

Products

Pricing

Contact Us