CVE-2021-22191 log

Source	CVE Red Hat MITRE NVD Debian Ubuntu SUSE Alpine Mageia CVE Details CIRCL Bugs Arch Linux Red Hat Gentoo SUSE GitHub Lists oss-security full-disclosure bugtraq Misc GitHub code web search
Severity	Medium
Remote	Yes
Type	Arbitrary code execution
Description	A security issue has been found in Wireshark before version 3.4.4. Some fields in the Wireshark proto_tree are double-clickable and pass URLs with arbitrary schemes to the QDesktopServices::openUrl function. http and https URLs passed to this function are opened by the browser which is generally safe. For some other schemes like dav and file however, referenced files will be opened by the system's standard application associated with their file type. By preparing internet-hosted file shares and executable files, arbitrary code execution can be achieved via malicious pcap(ng) files or captured live-traffic and some user interaction.

Group	Package	Affected	Fixed	Severity	Status	Ticket
AVG-1669	wireshark-qt	3.4.3-2	3.4.4-1	Medium	Fixed

Date	Advisory	Group	Package	Severity	Type
13 Mar 2021	ASA-202103-2	AVG-1669	wireshark-qt	Medium	arbitrary code execution

References
https://www.wireshark.org/security/wnpa-sec-2021-03.html https://gitlab.com/wireshark/wireshark/-/issues/17232 https://gitlab.com/wireshark/wireshark/-/merge_requests/2074 https://gitlab.com/wireshark/wireshark/-/commit/b2c58d020c100958beb59d9e62471efab5c3cc2d

References

https://www.wireshark.org/security/wnpa-sec-2021-03.html
https://gitlab.com/wireshark/wireshark/-/issues/17232
https://gitlab.com/wireshark/wireshark/-/merge_requests/2074
https://gitlab.com/wireshark/wireshark/-/commit/b2c58d020c100958beb59d9e62471efab5c3cc2d