Rewterz Threat Advisory – CVE-2020-17526 – Apache Airflow security bypass
December 22, 2020Rewterz Threat Alert – Emotet is Back
December 22, 2020Rewterz Threat Advisory – CVE-2020-17526 – Apache Airflow security bypass
December 22, 2020Rewterz Threat Alert – Emotet is Back
December 22, 2020Severity
Medium
Analysis Summary
CVE-2020-26422
Wireshark is vulnerable to a denial of service, caused by a flaw in the QUIC dissector. By persuading a victim to read a specially crafted packet trace file or injecting packets, a remote attacker could exploit this vulnerability to cause the application to crash.
Impact
Denial of Service
Affected Vendors
Wireshark
Affected Products
Wireshark Wireshark 3.4.0
Remediation
Upgrade to Wireshark 3.4.2 or later.