Wireshark-dev: [Wireshark-dev] Re: Potentially vulnerable embedded software | Wireshark 4.6.3

Date Prev · Date Next · Thread Prev · Thread Next
Date Index · Thread Index · Other Months · All Mailing Lists
From: Gerald Combs <gerald@xxxxxxxxxxxxx>
Date: Mon, 26 Jan 2026 10:02:19 -0800
Hi Tony,

Thanks for reporting these. We have an open issue which tracks third party library updates in the Wireshark 4.6.x macOS and Windows package at https://gitlab.com/wireshark/wireshark/-/issues/20013. I've added your report there.

On 1/22/26 1:38 PM, EXT-Modrell, Anthony via Wireshark-dev wrote:

Hello,  

During a security review it was discovered that there are some DLL’s from outdated software that contain potential vulnerabilities. Could these please be updated?

                                                    i.     FFmpeg 7.1.1

        1. https://www.cvedetails.com/vulnerability-list/vendor_id-3611/product_id-6315/version_id-1951076/Ffmpeg-Ffmpeg-7.1.1.html

                                                   ii.     GLib 2.84.2

        1. https://www.cvedetails.com/vulnerability-list/vendor_id-283/product_id-16275/version_id-1958087/Gnome-Glib-2.84.2.html

                                                  iii.     Libxml2 2.13.8

        1. https://www.cvedetails.com/vulnerability-list/vendor_id-1962/product_id-3311/version_id-1964971/Xmlsoft-Libxml2-2.13.8.html

 

 

Thank you,

Tony Modrell

Application Captain

Anthony.modrell@xxxxxxxxxx

 


_______________________________________________
Wireshark-dev mailing list -- wireshark-dev@xxxxxxxxxxxxx
To unsubscribe send an email to wireshark-dev-leave@xxxxxxxxxxxxx