CVE-2023-1994 MEDIUM

CVE-2023-1994

Vendor Wireshark Foundation

Product Wireshark

Published April 12, 2023

Last update November 3, 2025

CVSS base score

6.3/10

Attack vector Network

Attack complexity Low

Privileges required None

User interaction Required

Confidentiality Low

Integrity Low

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L

What the vulnerability does

01Description

GQUIC dissector crash in Wireshark 4.0.0 to 4.0.4 and 3.6.0 to 3.6.12 allows denial of service via packet injection or crafted capture file

Key dates

April 12, 2023 CVE published

November 3, 2025 Record updated

External resources

CVE CVE-2023-1994

CVSS 6.3 / MEDIUM

Vendor Wireshark Foundation

Product Wireshark

Affected >=4.0.0, <4.0.5

Vendor Wireshark Foundation

Product Wireshark

Affected >=3.6.0, <3.6.13