CVE-2018-7321

See a problem?
Please try reporting it to the source first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2018-7321
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2018-7321.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2018-7321
Downstream
Related
Published
2018-02-23T22:29:00Z
Modified
2025-10-10T01:29:23.381472Z
Severity
  • 7.5 (High) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
Summary
[none]
Details

In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, epan/dissectors/packet-thrift.c had a large loop that was addressed by not proceeding with dissection after encountering an unexpected type.

References

Affected packages

Git / github.com/wireshark/wireshark

Affected ranges

Type
GIT
Repo
https://github.com/wireshark/wireshark
Events
Introduced
5368c50be46d4a44986d12bdfc0a35b42c0f34fc
Last affected
1fd0af7a9015714bbe0f67b3a2027af6fe47c1c0
Introduced
9be0fa500da594ed01baf3214642838d22811c90
Last affected
90a7be11a4fdc292f2af40cd49ad7e1bce335dfc

Affected versions

2.*

2.2.1rc0

v2.*

v2.2.0
v2.2.1
v2.2.10
v2.2.10rc0
v2.2.11
v2.2.11rc0
v2.2.12
v2.2.12rc0
v2.2.1rc0
v2.2.2
v2.2.2rc0
v2.2.3
v2.2.3rc0
v2.2.4
v2.2.4rc0
v2.2.5
v2.2.5rc0
v2.2.6
v2.2.6rc0
v2.2.7
v2.2.7rc0
v2.2.8
v2.2.8rc0
v2.2.9
v2.2.9rc0
v2.4.0
v2.4.1
v2.4.1rc0
v2.4.2
v2.4.2rc0
v2.4.3
v2.4.3rc0
v2.4.4
v2.4.4rc0

wireshark-2.*

wireshark-2.2.0
wireshark-2.2.1
wireshark-2.2.10
wireshark-2.2.11
wireshark-2.2.12
wireshark-2.2.2
wireshark-2.2.3
wireshark-2.2.4
wireshark-2.2.5
wireshark-2.2.6
wireshark-2.2.7
wireshark-2.2.8
wireshark-2.2.9
wireshark-2.4.0
wireshark-2.4.1
wireshark-2.4.2
wireshark-2.4.3
wireshark-2.4.4