Moderate: protobuf security update

🗓️ 13 May 2025 00:00:00Reported by AlmaLinuxType

almalinux

almalinux🔗 errata.almalinux.org👁 6 Views

Moderate protobuf security update with a fix for message parsing vulnerability in Protocol Buffers.

Reporter	Title	Published	Views	Family All 139
IBM Security Bulletins	Security Bulletin: IBM Watson Discovery Cartridge for IBM Cloud Pak for Data affected by vulnerability in Google Protocol Buffers	30 Jan 202316:58	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Security Guardium is affected by multiple OS level vulnerabilities	26 Mar 202504:03	–	ibm
IBM Security Bulletins	Security Bulletin: IBM QRadar DNS Analyzer app is vulnerable to using components with known vulnerabilities	22 Aug 202414:38	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to a denial of service in protobuf (CVE-2022-1941)	1 Feb 202315:38	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple Security Vulnerabilities may affect IBM Robotic Process Automation for Cloud Pak.	26 Mar 202503:30	–	ibm
IBM Security Bulletins	Security Bulletin: A vulnerability in protobuf may affect IBM Robotic Process Automation and result in a denial of service (CVE-2022-1941)	20 Mar 202321:47	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple Security Vulnerabilities may affect IBM Robotic Process Automation for Cloud Pak.	2 Feb 202303:37	–	ibm
IBM Security Bulletins	Security Bulletin: IBM App Connect Enterprise is vulnerable to a denial of service due to Google Protocol Buffer protobuf-cpp (CVE-2022-1941)	3 Oct 202309:59	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Security Network Threat Analytics for IBM QRadar SIEM is vulnerable to using components with known vulnerabilities (CVE-2022-1941, CVE-2022-34749, CVE-2022-1552)	7 Oct 202216:12	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Spectrum Discover is vulnerable to multiple vulnerabilities	20 Jun 202304:41	–	ibm

OS	OS Version	Architecture	Package	Package Version	Filename
almalinux	9	x86_64	protobuf	3.14.0-16.el9	protobuf-3.14.0-16.el9.x86_64.rpm
almalinux	9	i686	protobuf-lite	3.14.0-16.el9	protobuf-lite-3.14.0-16.el9.i686.rpm
almalinux	9	i686	protobuf	3.14.0-16.el9	protobuf-3.14.0-16.el9.i686.rpm
almalinux	9	noarch	python3-protobuf	3.14.0-16.el9	python3-protobuf-3.14.0-16.el9.noarch.rpm
almalinux	9	x86_64	protobuf-lite	3.14.0-16.el9	protobuf-lite-3.14.0-16.el9.x86_64.rpm
almalinux	9	ppc64le	protobuf	3.14.0-16.el9	protobuf-3.14.0-16.el9.ppc64le.rpm
almalinux	9	ppc64le	protobuf-lite	3.14.0-16.el9	protobuf-lite-3.14.0-16.el9.ppc64le.rpm
almalinux	9	aarch64	protobuf	3.14.0-16.el9	protobuf-3.14.0-16.el9.aarch64.rpm
almalinux	9	aarch64	protobuf-lite	3.14.0-16.el9	protobuf-lite-3.14.0-16.el9.aarch64.rpm
almalinux	9	s390x	protobuf-lite	3.14.0-16.el9	protobuf-lite-3.14.0-16.el9.s390x.rpm

Source	Link
access	www.access.redhat.com/errata/RHSA-2025:7138
access	www.access.redhat.com/security/cve/CVE-2022-1941
bugzilla	www.bugzilla.redhat.com/2291470
errata	www.errata.almalinux.org/9/ALSA-2025-7138.html

02 Jul 2025 13:27Current

6.5Medium risk

Vulners AI Score6.5

CVSS 3.17.5

EPSS0.01151

SSVC

protobuf security update message parsing vulnerability protocol buffers cve-2022-1941 almalinux release notes