CVE-2021-22207

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2021-22207
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2021-22207.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2021-22207
Downstream
Related
Published
2021-04-23T18:15:08.200Z
Modified
2026-06-18T03:57:32.871082468Z
Severity
  • 6.5 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
Summary
[none]
Details

Excessive memory consumption in MS-WSP dissector in Wireshark 3.4.0 to 3.4.4 and 3.2.0 to 3.2.12 allows denial of service via packet injection or crafted capture file

Database specific 
{
    "unresolved_ranges": [
        {
            "vendor_product": "debian:debian_linux",
            "extracted_events": [
                {
                    "last_affected": "9.0"
                },
                {
                    "last_affected": "10.0"
                },
                {
                    "last_affected": "11.0"
                }
            ],
            "source": "CPE_STRING",
            "cpes": [
                "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
                "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*",
                "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*"
            ]
        },
        {
            "vendor_product": "fedoraproject:fedora",
            "extracted_events": [
                {
                    "last_affected": "33"
                },
                {
                    "last_affected": "34"
                }
            ],
            "source": "CPE_STRING",
            "cpes": [
                "cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*",
                "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*"
            ]
        },
        {
            "vendor_product": "oracle:zfs_storage_appliance_kit",
            "extracted_events": [
                {
                    "last_affected": "8.8"
                }
            ],
            "source": "CPE_STRING",
            "cpes": [
                "cpe:2.3:a:oracle:zfs_storage_appliance_kit:8.8:*:*:*:*:*:*:*"
            ]
        }
    ]
}
References

Affected packages

Git / github.com/wireshark/wireshark

Affected ranges

Type
GIT
Repo
https://github.com/wireshark/wireshark
Events
Introduced
e0ed4cfa3d72110257da54c26ad3a28d282ef454
Last affected
1437347b5f8ae559b7f5e0bc5455283ca523b0e1
Introduced
9733f173ea5e6255e8da208ef183210aa264d948
Last affected
c33f6306cbb22588d33cc28548727a8843ba8053
Database specific 
{
    "cpe": "cpe:2.3:a:wireshark:wireshark:*:*:*:*:*:*:*:*",
    "source": "CPE_RANGE",
    "extracted_events": [
        {
            "introduced": "3.2.0"
        },
        {
            "last_affected": "3.2.12"
        },
        {
            "introduced": "3.4.0"
        },
        {
            "last_affected": "3.4.4"
        }
    ]
}

Affected versions

v3.*
v3.2.0
v3.2.1
v3.2.10
v3.2.10rc0
v3.2.11
v3.2.11rc0
v3.2.12
v3.2.12rc0
v3.2.1rc0
v3.2.2
v3.2.2rc0
v3.2.3
v3.2.3rc0
v3.2.4
v3.2.4rc0
v3.2.5
v3.2.5rc0
v3.2.6
v3.2.6rc0
v3.2.7
v3.2.7rc0
v3.2.8
v3.2.8rc0
v3.2.9
v3.2.9rc0
v3.4.0
v3.4.1
v3.4.1rc0
v3.4.2
v3.4.2rc0
v3.4.3
v3.4.3rc0
v3.4.4
v3.4.4rc0
wireshark-3.*
wireshark-3.2.0
wireshark-3.2.1
wireshark-3.2.10
wireshark-3.2.11
wireshark-3.2.12
wireshark-3.2.2
wireshark-3.2.3
wireshark-3.2.4
wireshark-3.2.5
wireshark-3.2.6
wireshark-3.2.7
wireshark-3.2.8
wireshark-3.2.9
wireshark-3.4.0
wireshark-3.4.1
wireshark-3.4.2
wireshark-3.4.3
wireshark-3.4.4

Database specific

source 
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2021-22207.json"

Git / gitlab.com/wireshark/wireshark

Affected ranges

Type
GIT
Repo
https://gitlab.com/wireshark/wireshark
Events
Introduced
e0ed4cfa3d72110257da54c26ad3a28d282ef454
Last affected
1437347b5f8ae559b7f5e0bc5455283ca523b0e1
Introduced
9733f173ea5e6255e8da208ef183210aa264d948
Last affected
c33f6306cbb22588d33cc28548727a8843ba8053
Database specific 
{
    "cpe": "cpe:2.3:a:wireshark:wireshark:*:*:*:*:*:*:*:*",
    "source": "CPE_RANGE",
    "extracted_events": [
        {
            "introduced": "3.2.0"
        },
        {
            "last_affected": "3.2.12"
        },
        {
            "introduced": "3.4.0"
        },
        {
            "last_affected": "3.4.4"
        }
    ]
}

Affected versions

v3.*
v3.2.0
v3.2.1
v3.2.10
v3.2.10rc0
v3.2.11
v3.2.11rc0
v3.2.12
v3.2.12rc0
v3.2.1rc0
v3.2.2
v3.2.2rc0
v3.2.3
v3.2.3rc0
v3.2.4
v3.2.4rc0
v3.2.5
v3.2.5rc0
v3.2.6
v3.2.6rc0
v3.2.7
v3.2.7rc0
v3.2.8
v3.2.8rc0
v3.2.9
v3.2.9rc0
v3.4.0
v3.4.1
v3.4.1rc0
v3.4.2
v3.4.2rc0
v3.4.3
v3.4.3rc0
v3.4.4
v3.4.4rc0
wireshark-3.*
wireshark-3.2.0
wireshark-3.2.1
wireshark-3.2.10
wireshark-3.2.11
wireshark-3.2.12
wireshark-3.2.2
wireshark-3.2.3
wireshark-3.2.4
wireshark-3.2.5
wireshark-3.2.6
wireshark-3.2.7
wireshark-3.2.8
wireshark-3.2.9
wireshark-3.4.0
wireshark-3.4.1
wireshark-3.4.2
wireshark-3.4.3
wireshark-3.4.4

Database specific

source 
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2021-22207.json"