Django REST framework

Vulnerability Instance

Lookup for vulnerabilities affecting packages.

Vulnerability_idVCID-8wad-hesk-n3fy
Summarywireshark: Heap-based Buffer Overflow in packet-rtcp.c
Aliases
0
alias CVE-2018-11355
Fixed_packages
0
url pkg:alpm/archlinux/wireshark-cli@2.6.1-1
purl pkg:alpm/archlinux/wireshark-cli@2.6.1-1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/wireshark-cli@2.6.1-1
1
url pkg:alpm/archlinux/wireshark-qt@2.6.1-1
purl pkg:alpm/archlinux/wireshark-qt@2.6.1-1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/wireshark-qt@2.6.1-1
2
url pkg:deb/debian/wireshark@0?distro=trixie
purl pkg:deb/debian/wireshark@0?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/wireshark@0%3Fdistro=trixie
3
url pkg:deb/debian/wireshark@3.4.10-0%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/wireshark@3.4.10-0%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7cgx-1cxn-7bdk
1
vulnerability VCID-mb3r-da54-7kfk
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/wireshark@3.4.10-0%252Bdeb11u1%3Fdistro=trixie
4
url pkg:deb/debian/wireshark@4.0.17-0%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/wireshark@4.0.17-0%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-114w-j43h-p3ek
1
vulnerability VCID-2pgm-khz1-auay
2
vulnerability VCID-9jam-asdr-cyec
3
vulnerability VCID-kdgd-xdqb-9khz
4
vulnerability VCID-m58x-8cam-3fdy
5
vulnerability VCID-mb3r-da54-7kfk
6
vulnerability VCID-mnuz-t2nj-nfh5
7
vulnerability VCID-qs6k-my1v-8qh4
8
vulnerability VCID-r54z-8gcg-pqg7
9
vulnerability VCID-ra98-yk72-bkfq
10
vulnerability VCID-shbm-pwte-rkgt
11
vulnerability VCID-wqn1-t4m4-wben
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/wireshark@4.0.17-0%252Bdeb12u1%3Fdistro=trixie
5
url pkg:deb/debian/wireshark@4.4.14-0%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/wireshark@4.4.14-0%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/wireshark@4.4.14-0%252Bdeb13u1%3Fdistro=trixie
6
url pkg:deb/debian/wireshark@4.6.4-1?distro=trixie
purl pkg:deb/debian/wireshark@4.6.4-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/wireshark@4.6.4-1%3Fdistro=trixie
Affected_packages
0
url pkg:alpm/archlinux/wireshark-cli@2.6.0-1
purl pkg:alpm/archlinux/wireshark-cli@2.6.0-1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6u5q-6d7a-ekd3
1
vulnerability VCID-8wad-hesk-n3fy
2
vulnerability VCID-99mf-vasd-6qfa
3
vulnerability VCID-b61v-6d1r-1kam
4
vulnerability VCID-bs39-fprw-dkft
5
vulnerability VCID-e491-5pe9-rbe6
6
vulnerability VCID-eb2u-sghj-yqhp
7
vulnerability VCID-v8cp-tsyw-skeq
8
vulnerability VCID-yt8s-sc4c-qkcf
resource_url http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/wireshark-cli@2.6.0-1
1
url pkg:alpm/archlinux/wireshark-qt@2.6.0-1
purl pkg:alpm/archlinux/wireshark-qt@2.6.0-1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6u5q-6d7a-ekd3
1
vulnerability VCID-8wad-hesk-n3fy
2
vulnerability VCID-99mf-vasd-6qfa
3
vulnerability VCID-b61v-6d1r-1kam
4
vulnerability VCID-bs39-fprw-dkft
5
vulnerability VCID-e491-5pe9-rbe6
6
vulnerability VCID-eb2u-sghj-yqhp
7
vulnerability VCID-v8cp-tsyw-skeq
8
vulnerability VCID-yt8s-sc4c-qkcf
resource_url http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/wireshark-qt@2.6.0-1
References
0
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00027.html
reference_id
reference_type
scores
url http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00027.html
1
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-11355.json
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-11355.json
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-11355
reference_id
reference_type
scores
0
value 0.00583
scoring_system epss
scoring_elements 0.68897
published_at 2026-04-01T12:55:00Z
1
value 0.00583
scoring_system epss
scoring_elements 0.69004
published_at 2026-04-16T12:55:00Z
2
value 0.00583
scoring_system epss
scoring_elements 0.68984
published_at 2026-04-09T12:55:00Z
3
value 0.00583
scoring_system epss
scoring_elements 0.69006
published_at 2026-04-11T12:55:00Z
4
value 0.00583
scoring_system epss
scoring_elements 0.68992
published_at 2026-04-12T12:55:00Z
5
value 0.00583
scoring_system epss
scoring_elements 0.68962
published_at 2026-04-13T12:55:00Z
6
value 0.00583
scoring_system epss
scoring_elements 0.68914
published_at 2026-04-07T12:55:00Z
7
value 0.00583
scoring_system epss
scoring_elements 0.68935
published_at 2026-04-04T12:55:00Z
8
value 0.00583
scoring_system epss
scoring_elements 0.68965
published_at 2026-04-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-11355
3
reference_url https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14673
reference_id
reference_type
scores
url https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14673
4
reference_url https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=99d27a5fd2c540f837154aca3b3647f5ccfa0c33
reference_id
reference_type
scores
url https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=99d27a5fd2c540f837154aca3b3647f5ccfa0c33
5
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
6
reference_url https://www.wireshark.org/security/wnpa-sec-2018-27.html
reference_id
reference_type
scores
url https://www.wireshark.org/security/wnpa-sec-2018-27.html
7
reference_url http://www.securityfocus.com/bid/104308
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/104308
8
reference_url http://www.securitytracker.com/id/1041036
reference_id
reference_type
scores
url http://www.securitytracker.com/id/1041036
9
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1581758
reference_id 1581758
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1581758
10
reference_url https://security.archlinux.org/ASA-201805-23
reference_id ASA-201805-23
reference_type
scores
url https://security.archlinux.org/ASA-201805-23
11
reference_url https://security.archlinux.org/ASA-201805-25
reference_id ASA-201805-25
reference_type
scores
url https://security.archlinux.org/ASA-201805-25
12
reference_url https://security.archlinux.org/AVG-708
reference_id AVG-708
reference_type
scores
0
value Critical
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-708
13
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wireshark:wireshark:2.6.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:wireshark:wireshark:2.6.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wireshark:wireshark:2.6.0:*:*:*:*:*:*:*
14
reference_url https://nvd.nist.gov/vuln/detail/CVE-2018-11355
reference_id CVE-2018-11355
reference_type
scores
0
value 5.0
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:N/I:N/A:P
1
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://nvd.nist.gov/vuln/detail/CVE-2018-11355
Weaknesses
0
cwe_id 122
name Heap-based Buffer Overflow
description A heap overflow condition is a buffer overflow, where the buffer that can be overwritten is allocated in the heap portion of memory, generally meaning that the buffer was allocated using a routine such as malloc().
1
cwe_id 119
name Improper Restriction of Operations within the Bounds of a Memory Buffer
description The product performs operations on a memory buffer, but it can read from or write to a memory location that is outside of the intended boundary of the buffer.
Exploits
Severity_range_score5.0 - 10.0
Exploitability0.5
Weighted_severity9.0
Risk_score4.5
Resource_urlhttp://public2.vulnerablecode.io/vulnerabilities/VCID-8wad-hesk-n3fy