Home > Vulnerability Database > CVE-2025-1492

Mend.io Vulnerability Database

CVE-2025-1492

Date: February 19, 2025

Bundle Protocol and CBOR dissector crashes in Wireshark 4.4.0 to 4.4.3 and 4.2.0 to 4.2.10 allows denial of service via packet injection or crafted capture file

Severity Score

7.8

Related Resources (5)

Url: https://security-tracker.debian.org/tracker/CVE-2025-1492

Url: https://www.wireshark.org/security/wnpa-sec-2025-01.html

Url: https://nvd.nist.gov/vuln/detail/CVE-2025-1492

Url: https://gitlab.com/wireshark/wireshark/-/issues/20373

Url: https://www.mend.io/vulnerability-database/CVE-2025-1492

Severity Score

7.8

Weakness Type (CWE)

Uncontrolled Recursion

CWE-674

CVSS v3.1

Base Score:	7.8
Attack Vector (AV):	LOCAL
Attack Complexity (AC):	LOW
Privileges Required (PR):	NONE
User Interaction (UI):	REQUIRED
Scope (S):	UNCHANGED
Confidentiality (C):	HIGH
Integrity (I):	HIGH
Availability (A):	HIGH

Mend.io Vulnerability Database

We found results for “”

CVE-2025-1492

Date: February 19, 2025

Severity Score

Related Resources (5)

Severity Score

Weakness Type (CWE)

CVSS v3.1

Do you need more information?