History: Sep 19, 2024 - 1:15 a.m.

CVE-2024-7254

Published: 2024-09-19 01:15:10
CWE: CWE-20
Reporter: Google
Source: web.nvd.nist.gov

Tags: protocol buffers, stackoverflow, nested groups, discardunknownfieldsparser, java protobuf lite parser, protobuf map fields, untrusted data, cve-2024-7254

CVSS4: 8.7
Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: NONE
User Interaction: NONE
Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/SC:N/VI:N/SI:N/VA:H/SA:N

AI Score: 6.8
Confidence: High
EPSS: 0
Percentile: 9.6%

Any project that parses untrusted Protocol Buffers data containing an arbitrary number of nested groups (a series of SGROUP tags) can be corrupted by exceeding the stack limit, i.e. a StackOverflow. Parsing nested groups as unknown fields with DiscardUnknownFieldsParser or the Java Protobuf Lite parser, or parsing them into Protobuf map fields, creates unbounded recursion that can be abused by an attacker.

Affected configurations

Vendor   Product               Affected range
google   protocol_buffers      ≤ 28.2
google   protobuf-java         ≤ 3.25.5
google   protobuf-java         ≤ 4.27.5
google   protobuf-java         ≤ 4.28.2
google   protobuf-javalite     ≤ 3.25.5
google   protobuf-javalite     ≤ 4.27.5
google   protobuf-javalite     ≤ 4.28.2
google   protobuf-kotlin       ≤ 3.25.5
google   protobuf-kotlin       ≤ 4.27.5
google   protobuf-kotlin       ≤ 4.28.2
google   protobuf-kotlin-lite  ≤ 3.25.5
google   protobuf-kotlin-lite  ≤ 4.27.5
google   protobuf-kotlin-lite  ≤ 4.28.2
google   protobuf              ≤ 3.25.5
google   protobuf              ≤ 4.27.5
google   protobuf              ≤ 4.28.2

Vendor   Product               Version   CPE
google   protocol_buffers      *         cpe:2.3:a:google:protocol_buffers:*:*:*:*:*:*:*:*
google   protobuf-java         *         cpe:2.3:a:google:protobuf-java:*:*:*:*:*:*:*:*
google   protobuf-javalite     *         cpe:2.3:a:google:protobuf-javalite:*:*:*:*:*:*:*:*
google   protobuf-kotlin       *         cpe:2.3:a:google:protobuf-kotlin:*:*:*:*:*:*:*:*
google   protobuf-kotlin-lite  *         cpe:2.3:a:google:protobuf-kotlin-lite:*:*:*:*:*:*:*:*
google   protobuf              *         cpe:2.3:a:google:protobuf:*:*:*:*:*:*:*:*

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "product": "Protocol Buffers",
    "repo": "https://github.com/protocolbuffers/protobuf",
    "vendor": "Google",
    "versions": [
      {
        "lessThan": "28.2",
        "status": "affected",
        "version": "0",
        "versionType": "custom"
      }
    ]
  },
  {
    "collectionURL": "https://mvnrepository.com/artifact/com.google.protobuf/protobuf-java",
    "defaultStatus": "unaffected",
    "product": "protobuf-java",
    "vendor": "Google",
    "versions": [
      {
        "lessThan": "3.25.5",
        "status": "affected",
        "version": "0",
        "versionType": "custom"
      },
      {
        "lessThan": "4.27.5",
        "status": "affected",
        "version": "0",
        "versionType": "custom"
      },
      {
        "lessThan": "4.28.2",
        "status": "affected",
        "version": "0",
        "versionType": "custom"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "protobuf-javalite",
    "vendor": "Google",
    "versions": [
      {
        "lessThan": "3.25.5",
        "status": "affected",
        "version": "0",
        "versionType": "custom"
      },
      {
        "lessThan": "4.27.5",
        "status": "affected",
        "version": "0",
        "versionType": "custom"
      },
      {
        "lessThan": "4.28.2",
        "status": "affected",
        "version": "0",
        "versionType": "custom"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "protobuf-kotlin",
    "vendor": "Google",
    "versions": [
      {
        "lessThan": "3.25.5",
        "status": "affected",
        "version": "0",
        "versionType": "custom"
      },
      {
        "lessThan": "4.27.5",
        "status": "affected",
        "version": "0",
        "versionType": "custom"
      },
      {
        "lessThan": "4.28.2",
        "status": "affected",
        "version": "0",
        "versionType": "custom"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "protobuf-kotllin-lite",
    "vendor": "Google",
    "versions": [
      {
        "lessThan": "3.25.5",
        "status": "affected",
        "version": "0",
        "versionType": "custom"
      },
      {
        "lessThan": "4.27.5",
        "status": "affected",
        "version": "0",
        "versionType": "custom"
      },
      {
        "lessThan": "4.28.2",
        "status": "affected",
        "version": "0",
        "versionType": "custom"
      }
    ]
  },
  {
    "collectionURL": "https://rubygems.org/gems/google-protobuf",
    "defaultStatus": "unaffected",
    "product": "google-protobuf [JRuby Gem]",
    "vendor": "Google",
    "versions": [
      {
        "lessThan": "3.25.5",
        "status": "affected",
        "version": "0",
        "versionType": "custom"
      },
      {
        "lessThan": "4.27.5",
        "status": "affected",
        "version": "0",
        "versionType": "custom"
      },
      {
        "lessThan": "4.28.2",
        "status": "affected",
        "version": "0",
        "versionType": "custom"
      }
    ]
  }
]
