Description

HTTP3 protocol dissector infinite loop in Wireshark 4.6.0 to 4.6.2 allows denial of service

Related CPE's

a

wireshark

wireshark

2

References

https://gitlab.com/wireshark/wireshark/-/issues/20944

ExploitIssue TrackingPatchVendor Advisory

https://www.wireshark.org/security/wnpa-sec-2026-04.html

Vendor Advisory

Weaknesses

[email protected]

Primary
CWE-835

CVSS impact metrics

CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H

4.7 · Medium

Information

Source identifier

[email protected]

Vulnerability status

Analyzed

Published

2026-01-14T21:15:52.903Z

1 month ago

Last modified

2026-01-21T20:07:19.650Z

4 weeks ago