CVE-2018-14340

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2018-14340
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2018-14340.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2018-14340
Downstream
Related
Published
2018-07-19T02:29:00.267Z
Modified
2026-03-20T03:20:19.615489Z
Severity
  • 7.5 (High) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
Summary
[none]
Details

In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, dissectors that support zlib decompression could crash. This was addressed in epan/tvbuff_zlib.c by rejecting negative lengths to avoid a buffer over-read.

References

Affected packages

Git / github.com/wireshark/wireshark

Affected ranges

Type
GIT
Repo
https://github.com/wireshark/wireshark
Events
Introduced
5368c50be46d4a44986d12bdfc0a35b42c0f34fc
Last affected
c43eaa1b7be098dad15ffb33f987be5a907b88bd
Introduced
9be0fa500da594ed01baf3214642838d22811c90
Last affected
6b4493c3dc79478a556cb6b44fda2134a76d07f1
Introduced
c7239f0201292253817c7c4c9a394a47113ca55c
Last affected
860a78b3c701b8e318e490ed46e847e3c4b4cab7
Database specific 
{
    "versions": [
        {
            "introduced": "2.2.0"
        },
        {
            "last_affected": "2.2.15"
        },
        {
            "introduced": "2.4.0"
        },
        {
            "last_affected": "2.4.7"
        },
        {
            "introduced": "2.6.0"
        },
        {
            "last_affected": "2.6.1"
        }
    ]
}

Affected versions

2.*
2.2.1rc0
v2.*
v2.2.0
v2.2.1
v2.2.10
v2.2.10rc0
v2.2.11
v2.2.11rc0
v2.2.12
v2.2.12rc0
v2.2.13
v2.2.13rc0
v2.2.14
v2.2.14rc0
v2.2.15
v2.2.15rc0
v2.2.1rc0
v2.2.2
v2.2.2rc0
v2.2.3
v2.2.3rc0
v2.2.4
v2.2.4rc0
v2.2.5
v2.2.5rc0
v2.2.6
v2.2.6rc0
v2.2.7
v2.2.7rc0
v2.2.8
v2.2.8rc0
v2.2.9
v2.2.9rc0
v2.4.0
v2.4.1
v2.4.1rc0
v2.4.2
v2.4.2rc0
v2.4.3
v2.4.3rc0
v2.4.4
v2.4.4rc0
v2.4.5
v2.4.5rc0
v2.4.6
v2.4.6rc0
v2.4.7
v2.4.7rc0
v2.6.0
v2.6.1
v2.6.1rc0
wireshark-2.*
wireshark-2.2.0
wireshark-2.2.1
wireshark-2.2.10
wireshark-2.2.11
wireshark-2.2.12
wireshark-2.2.13
wireshark-2.2.14
wireshark-2.2.15
wireshark-2.2.2
wireshark-2.2.3
wireshark-2.2.4
wireshark-2.2.5
wireshark-2.2.6
wireshark-2.2.7
wireshark-2.2.8
wireshark-2.2.9
wireshark-2.4.0
wireshark-2.4.1
wireshark-2.4.2
wireshark-2.4.3
wireshark-2.4.4
wireshark-2.4.5
wireshark-2.4.6
wireshark-2.4.7
wireshark-2.6.0
wireshark-2.6.1

Database specific

source 
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2018-14340.json"
unresolved_ranges 
[
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "8.0"
            }
        ]
    }
]