{
  "threat_severity" : "Moderate",
  "public_date" : "2023-05-17T00:00:00Z",
  "bugzilla" : {
    "description" : "wireshark: NetScaler file parser crash",
    "id" : "2210829",
    "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2210829"
  },
  "cvss3" : {
    "cvss3_base_score" : "6.5",
    "cvss3_scoring_vector" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
    "status" : "verified"
  },
  "cwe" : "CWE-122",
  "details" : [ "NetScaler file parser crash in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows denial of service via crafted capture file", "A flaw was found in the NetScaler file parser of Wireshark. This issue occurs when decoding malformed packets from a pcap file or from the network, causing a buffer overflow, resulting in a denial of service." ],
  "affected_release" : [ {
    "product_name" : "Red Hat Enterprise Linux 8",
    "release_date" : "2023-11-14T00:00:00Z",
    "advisory" : "RHSA-2023:7015",
    "cpe" : "cpe:/a:redhat:enterprise_linux:8",
    "package" : "wireshark-1:2.6.2-17.el8"
  }, {
    "product_name" : "Red Hat Enterprise Linux 9",
    "release_date" : "2023-11-07T00:00:00Z",
    "advisory" : "RHSA-2023:6469",
    "cpe" : "cpe:/a:redhat:enterprise_linux:9",
    "package" : "wireshark-1:3.4.10-6.el9"
  } ],
  "package_state" : [ {
    "product_name" : "Red Hat Enterprise Linux 6",
    "fix_state" : "Out of support scope",
    "package_name" : "wireshark",
    "cpe" : "cpe:/o:redhat:enterprise_linux:6"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7",
    "fix_state" : "Out of support scope",
    "package_name" : "wireshark",
    "cpe" : "cpe:/o:redhat:enterprise_linux:7"
  } ],
  "references" : [ "https://www.cve.org/CVERecord?id=CVE-2023-2858\nhttps://nvd.nist.gov/vuln/detail/CVE-2023-2858" ],
  "name" : "CVE-2023-2858",
  "csaw" : false
}