CVE-2025-11626
Unknown
Unknown - Not Provided
BaseFortify
Publication date: 2025-10-10
Last updated on: 2025-12-03
Assigner: GitLab Inc.
Description
Description
MONGO dissector infinite loop in Wireshark 4.4.0 to 4.4.9 and 4.2.0 to 4.2.13 allows denial of service
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| wireshark | wireshark | From 4.2.0 (inc) to 4.2.14 (exc) |
| wireshark | wireshark | From 4.4.0 (inc) to 4.4.10 (exc) |
Helpful Resources
Exploitability
CWE
KEV
| CWE ID | Description |
|---|---|
| CWE-835 | The product contains an iteration or loop with an exit condition that cannot be reached, i.e., an infinite loop. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is an infinite loop in the MONGO dissector component of Wireshark versions 4.4.0 to 4.4.9 and 4.2.0 to 4.2.13. It can cause the software to enter an endless processing loop when handling certain MONGO protocol data, leading to a denial of service condition.
How can this vulnerability impact me? :
The vulnerability can cause Wireshark to become unresponsive or crash due to the infinite loop, resulting in a denial of service. This can disrupt network analysis and monitoring activities that rely on Wireshark.
Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70