CVE-2025-13946

Source
https://cve.org/CVERecord?id=CVE-2025-13946
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-13946.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2025-13946
Downstream
Published
2025-12-03T08:04:54.335Z
Modified
2026-02-22T08:02:02.752328Z
Severity
  • 5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVSS Calculator
Summary
Loop with Unreachable Exit Condition ('Infinite Loop') in Wireshark
Details

MEGACO dissector infinite loop in Wireshark 4.6.0 to 4.6.1 and 4.4.0 to 4.4.11 allows denial of service

Database specific
{
    "cna_assigner": "GitLab",
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/13xxx/CVE-2025-13946.json",
    "cwe_ids": [
        "CWE-835"
    ]
}
References

Affected packages

Git / github.com/wireshark/wireshark

Affected versions

v4.*
v4.4.0
v4.4.1
v4.4.10
v4.4.10rc0
v4.4.11
v4.4.11rc0
v4.4.12rc0
v4.4.1rc0
v4.4.2
v4.4.2rc0
v4.4.3
v4.4.3rc0
v4.4.4
v4.4.4rc0
v4.4.5
v4.4.5rc0
v4.4.6
v4.4.6rc0
v4.4.7
v4.4.7rc0
v4.4.8
v4.4.8rc0
v4.4.9
v4.4.9rc0
v4.6.0
v4.6.1
v4.6.1rc0
v4.6.2rc0
v4.6.7rc0
wireshark-4.*
wireshark-4.4.0
wireshark-4.4.1
wireshark-4.4.2
wireshark-4.4.3
wireshark-4.4.4
wireshark-4.4.5
wireshark-4.4.6
wireshark-4.4.7
wireshark-4.4.8
wireshark-4.4.9

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-13946.json"

Git / gitlab.com/wireshark/wireshark

Affected ranges

Type
GIT
Repo
https://gitlab.com/wireshark/wireshark
Events
Database specific
{
    "versions": [
        {
            "introduced": "4.6.0"
        },
        {
            "fixed": "4.6.1"
        }
    ]
}
Type
GIT
Repo
https://gitlab.com/wireshark/wireshark
Events
Database specific
{
    "versions": [
        {
            "introduced": "4.4.0"
        },
        {
            "fixed": "4.4.11"
        }
    ]
}

Affected versions

v4.*
v4.4.0
v4.4.1
v4.4.10
v4.4.10rc0
v4.4.11rc0
v4.4.1rc0
v4.4.2
v4.4.2rc0
v4.4.3
v4.4.3rc0
v4.4.4
v4.4.4rc0
v4.4.5
v4.4.5rc0
v4.4.6
v4.4.6rc0
v4.4.7
v4.4.7rc0
v4.4.8
v4.4.8rc0
v4.4.9
v4.4.9rc0
v4.6.0
v4.6.1rc0
wireshark-4.*
wireshark-4.4.0
wireshark-4.4.1
wireshark-4.4.2
wireshark-4.4.3
wireshark-4.4.4
wireshark-4.4.5
wireshark-4.4.6
wireshark-4.4.7
wireshark-4.4.8
wireshark-4.4.9

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-13946.json"