{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2025-13945", "assignerOrgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a", "state": "PUBLISHED", "assignerShortName": "GitLab", "dateReserved": "2025-12-03T07:33:37.960Z", "datePublished": "2025-12-03T08:04:49.403Z", "dateUpdated": "2025-12-03T15:59:28.435Z"}, "containers": {"cna": {"title": "Improperly Controlled Sequential Memory Allocation in Wireshark", "descriptions": [{"lang": "en", "value": "HTTP3 dissector crash in Wireshark 4.6.0 and 4.6.1 allows denial of service"}], "affected": [{"vendor": "Wireshark Foundation", "product": "Wireshark", "versions": [{"version": "4.6.0", "status": "affected", "lessThan": "4.6.1", "versionType": "semver"}], "defaultStatus": "unaffected"}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "CWE-1325: Improperly Controlled Sequential Memory Allocation", "cweId": "CWE-1325", "type": "CWE"}]}], "references": [{"url": "https://www.wireshark.org/security/wnpa-sec-2025-07.html"}, {"url": "https://gitlab.com/wireshark/wireshark/-/issues/20860", "name": "GitLab Issue #20860", "tags": ["issue-tracking", "permissions-required"]}], "metrics": [{"format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}], "cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "REQUIRED", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM"}}], "solutions": [{"lang": "en", "value": "Upgrade to version 4.6.2 or above"}], "credits": [{"lang": "en", "value": "S\u00e9bastien F\u00e9ry", "type": "finder"}], "providerMetadata": {"orgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a", "shortName": "GitLab", "dateUpdated": "2025-12-03T08:04:49.403Z"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-12-03T15:59:21.378576Z", "id": "CVE-2025-13945", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-12-03T15:59:28.435Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-13945", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-12-03T15:59:21.378576Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-12-03T15:59:25.935Z"}}], "cna": {"title": "Improperly Controlled Sequential Memory Allocation in Wireshark", "credits": [{"lang": "en", "type": "finder", "value": "S\u00e9bastien F\u00e9ry"}], "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.5, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "Wireshark Foundation", "product": "Wireshark", "versions": [{"status": "affected", "version": "4.6.0", "lessThan": "4.6.1", "versionType": "semver"}], "defaultStatus": "unaffected"}], "solutions": [{"lang": "en", "value": "Upgrade to version 4.6.2 or above"}], "references": [{"url": "https://www.wireshark.org/security/wnpa-sec-2025-07.html"}, {"url": "https://gitlab.com/wireshark/wireshark/-/issues/20860", "name": "GitLab Issue #20860", "tags": ["issue-tracking", "permissions-required"]}], "descriptions": [{"lang": "en", "value": "HTTP3 dissector crash in Wireshark 4.6.0 and 4.6.1 allows denial of service"}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-1325", "description": "CWE-1325: Improperly Controlled Sequential Memory Allocation"}]}], "providerMetadata": {"orgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a", "shortName": "GitLab", "dateUpdated": "2025-12-03T08:04:49.403Z"}}}, "cveMetadata": {"cveId": "CVE-2025-13945", "state": "PUBLISHED", "dateUpdated": "2025-12-03T15:59:28.435Z", "dateReserved": "2025-12-03T07:33:37.960Z", "assignerOrgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a", "datePublished": "2025-12-03T08:04:49.403Z", "assignerShortName": "GitLab"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:wireshark:wireshark:*:*:*:*:*:*:*:*", "matchCriteriaId": "7D2DBF83-3165-4923-A832-C962C1E3DF6F", "versionEndExcluding": "4.6.2", "versionStartIncluding": "4.6.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "HTTP3 dissector crash in Wireshark 4.6.0 and 4.6.1 allows denial of service"}], "id": "CVE-2025-13945", "lastModified": "2025-12-05T15:08:07.970", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "cve@gitlab.com", "type": "Secondary"}]}, "published": "2025-12-03T08:15:47.940", "references": [{"source": "cve@gitlab.com", "tags": ["Exploit", "Issue Tracking", "Third Party Advisory", "Patch"], "url": "https://gitlab.com/wireshark/wireshark/-/issues/20860"}, {"source": "cve@gitlab.com", "tags": ["Vendor Advisory", "Exploit", "Issue Tracking"], "url": "https://www.wireshark.org/security/wnpa-sec-2025-07.html"}], "sourceIdentifier": "cve@gitlab.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-1325"}], "source": "cve@gitlab.com", "type": "Primary"}]}

{"bugzilla": {"description": "wireshark: Improperly Controlled Sequential Memory Allocation in Wireshark", "id": "2418573", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2418573"}, "csaw": false, "cvss3": {"cvss3_base_score": "5.5", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "status": "draft"}, "cwe": "CWE-770", "details": ["HTTP3 dissector crash in Wireshark 4.6.0 and 4.6.1 allows denial of service", "A flaw was found in the HTTP3 dissector in Wireshark. This issue occurs when malformed packets are decoded from a pcap file or the network, causing an excessive consumption of CPU and memory resources, resulting in a denial of service."], "mitigation": {"lang": "en:us", "value": "If the HTTP3 protocol dissectors are not being used, they can be disabled via the \"Enabled Protocols\" dialog box in the Wireshark GUI application. This will also disable the protocol dissectors when using \"tshark\", the command line tool.\nSee the links below for instructions to disable a protocol in Wireshark, specifically the \"Control Protocol Dissection\" section and the \"disabled_protos\" configuration file option.\nhttps://www.wireshark.org/docs/wsug_html_chunked/ChCustProtocolDissectionSection.html\nhttps://www.wireshark.org/docs/wsug_html_chunked/ChAppFilesConfigurationSection.html"}, "name": "CVE-2025-13945", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Not affected", "package_name": "wireshark", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Out of support scope", "package_name": "wireshark", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "wireshark", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "wireshark", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "wireshark", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2025-12-03T08:04:49Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2025-13945\nhttps://nvd.nist.gov/vuln/detail/CVE-2025-13945\nhttps://gitlab.com/wireshark/wireshark/-/issues/20860\nhttps://www.wireshark.org/security/wnpa-sec-2025-07.html"], "statement": "This vulnerability will cause a crash in Wireshark with no other security impact. Additionally, this issue can only be exploited when a specially crafted pcap file is processed. For these reasons, this flaw has been rated with a moderate severity.", "threat_severity": "Moderate"}