CVE-2023-1994

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2023-1994

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-1994.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2023-1994

Downstream

DEBIAN-CVE-2023-1994

DLA-3402-1

DLA-3906-1

DSA-5429-1

OESA-2023-1260

OESA-2023-1261

SUSE-SU-2023:1931-1

UBUNTU-CVE-2023-1994

openSUSE-SU-2024:12865-1

Related

Published

2023-04-12T00:00:00Z

Modified

2026-02-04T21:33:34.457291Z

Severity

6.3 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L CVSS Calculator

Summary

[none]

Details

GQUIC dissector crash in Wireshark 4.0.0 to 4.0.4 and 3.6.0 to 3.6.12 allows denial of service via packet injection or crafted capture file

Database specific

{
    "cna_assigner": "GitLab",
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/1xxx/CVE-2023-1994.json"
}

References

Affected packages

Git / github.com/wireshark/wireshark

Affected ranges

Type: GIT
Repo: https://github.com/wireshark/wireshark
Events: Introduced

3a34e44d02c9c91f9f851bd6f29ff4505131b127

Fixed

9aa9aca9c1c14e846053659d92c01324dd030730

Introduced

0cbe09cd796b2ea24c6069b76ea16df7f51cf67b

Fixed

e556162d8da3dc05397bd16a57caa042e62f8e9e

Affected versions

v3.*

v3.6.0

v3.6.1

v3.6.10

v3.6.10rc0

v3.6.11

v3.6.11rc0

v3.6.12

v3.6.12rc0

v3.6.13rc0

v3.6.1rc0

v3.6.2

v3.6.2rc0

v3.6.3

v3.6.3rc0

v3.6.4

v3.6.4rc0

v3.6.5

v3.6.5rc0

v3.6.6

v3.6.6rc0

v3.6.7

v3.6.7rc0

v3.6.8

v3.6.8rc0

v3.6.9

v3.6.9rc0

v4.*

v4.0.0

v4.0.1

v4.0.1rc0

v4.0.2

v4.0.2rc0

v4.0.3

v4.0.3rc0

v4.0.4

v4.0.4rc0

v4.0.5rc0

wireshark-3.*

wireshark-3.6.0

wireshark-3.6.1

wireshark-3.6.10

wireshark-3.6.11

wireshark-3.6.12

wireshark-3.6.2

wireshark-3.6.3

wireshark-3.6.4

wireshark-3.6.5

wireshark-3.6.6

wireshark-3.6.7

wireshark-3.6.8

wireshark-3.6.9

wireshark-4.*

wireshark-4.0.0

wireshark-4.0.1

wireshark-4.0.2

wireshark-4.0.3

wireshark-4.0.4

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-1994.json"

Git / gitlab.com/wireshark/wireshark

Affected ranges

Type

GIT

Repo

https://gitlab.com/wireshark/wireshark

Events

Introduced

0cbe09cd796b2ea24c6069b76ea16df7f51cf67b

Fixed

e556162d8da3dc05397bd16a57caa042e62f8e9e

Database specific

{
    "versions": [
        {
            "introduced": "4.0.0"
        },
        {
            "fixed": "4.0.5"
        }
    ]
}

Type

GIT

Repo

https://gitlab.com/wireshark/wireshark

Events

Introduced

3a34e44d02c9c91f9f851bd6f29ff4505131b127

Fixed

9aa9aca9c1c14e846053659d92c01324dd030730

Database specific

{
    "versions": [
        {
            "introduced": "3.6.0"
        },
        {
            "fixed": "3.6.13"
        }
    ]
}

Affected versions

v3.*

v3.6.0

v3.6.1

v3.6.10

v3.6.10rc0

v3.6.11

v3.6.11rc0

v3.6.12

v3.6.12rc0

v3.6.13rc0

v3.6.1rc0

v3.6.2

v3.6.2rc0

v3.6.3

v3.6.3rc0

v3.6.4

v3.6.4rc0

v3.6.5

v3.6.5rc0

v3.6.6

v3.6.6rc0

v3.6.7

v3.6.7rc0

v3.6.8

v3.6.8rc0

v3.6.9

v3.6.9rc0

v4.*

v4.0.0

v4.0.1

v4.0.1rc0

v4.0.2

v4.0.2rc0

v4.0.3

v4.0.3rc0

v4.0.4

v4.0.4rc0

v4.0.5rc0

wireshark-3.*

wireshark-3.6.0

wireshark-3.6.1

wireshark-3.6.10

wireshark-3.6.11

wireshark-3.6.12

wireshark-3.6.2

wireshark-3.6.3

wireshark-3.6.4

wireshark-3.6.5

wireshark-3.6.6

wireshark-3.6.7

wireshark-3.6.8

wireshark-3.6.9

wireshark-4.*

wireshark-4.0.0

wireshark-4.0.1

wireshark-4.0.2

wireshark-4.0.3

wireshark-4.0.4

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-1994.json"