Moderate: Red Hat Security Advisory: Red Hat Integration Camel Extensions for Quarkus 2.2.1 security update

A security update to Red Hat Integration Camel Extensions for Quarkus 2.2 is now available. The purpose of this text-only errata is to inform you about the security issues fixed. Red Hat Product Security has rated this update as having an impact of Moderate. A Common Vulnerability Scoring System...

protobuf-java: potential DoS in the parsing procedure for binary data

A flaw was found in protobuf-java. Google Protocol Buffer protobuf-java allows the interleaving of com.google.protobuf.UnknownFieldSet fields. By persuading a victim to open specially-crafted content, a remote attacker could cause a timeout in the ProtobufFuzzer function, resulting in a denial of...

AZL-41431 CVE-2021-22569 affecting package pytorch for versions less than 2.2.2-5

An issue in protobuf-java allowed the interleaving of com.google.protobuf.UnknownFieldSet fields in such a way that would be processed out of order. A small malicious payload can occupy the parser for several minutes by creating large numbers of short-lived objects that cause frequent, repeated...

CVE-2021-22569

An issue in protobuf-java allowed the interleaving of com.google.protobuf.UnknownFieldSet fields in such a way that would be processed out of order. A small malicious payload can occupy the parser for several minutes by creating large numbers of short-lived objects that cause frequent, repeated...

CVE-2021-22569

An issue in protobuf-java allowed the interleaving of com.google.protobuf.UnknownFieldSet fields in such a way that would be processed out of order. A small malicious payload can occupy the parser for several minutes by creating large numbers of short-lived objects that cause frequent, repeated...

DEBIAN-CVE-2021-22569

An issue in protobuf-java allowed the interleaving of com.google.protobuf.UnknownFieldSet fields in such a way that would be processed out of order. A small malicious payload can occupy the parser for several minutes by creating large numbers of short-lived objects that cause frequent, repeated...

Code injection

An issue in protobuf-java allowed the interleaving of com.google.protobuf.UnknownFieldSet fields in such a way that would be processed out of order. A small malicious payload can occupy the parser for several minutes by creating large numbers of short-lived objects that cause frequent, repeated...

UBUNTU-CVE-2021-22569

An issue in protobuf-java allowed the interleaving of com.google.protobuf.UnknownFieldSet fields in such a way that would be processed out of order. A small malicious payload can occupy the parser for several minutes by creating large numbers of short-lived objects that cause frequent, repeated...

CVE-2021-22569

An issue in protobuf-java allowed the interleaving of com.google.protobuf.UnknownFieldSet fields in such a way that would be processed out of order. A small malicious payload can occupy the parser for several minutes by creating large numbers of short-lived objects that cause frequent, repeated...

cn.ac.ios.tis:riscvspeccore_2.12 (>=0.1.0 <=1.0.0), cn.dustlight.flow:flow-zeebe (>=0.1.3-alpha <=0.1.7-alpha) +1037 more potentially affected by CVE-2021-22569 via com.google.protobuf:protobuf-java (>=3.18.0 <=3.18.1)

com.google.protobuf:protobuf-java MAVEN version =3.18.0, =0.1.0, =0.1.3-alpha, =0.0.1-alpha, =0.0.2-alpha - cn.vertxup:vertx-co =0.7.0 - cn.vertxup:vertx-ifx =0.7.0 - cn.vertxup:vertx-import =0.7.0 - cn.vertxup:vertx-pin =0.7.0 - cn.vertxup:vertx-rx =0.7.0 - cn.vertxup:vertx-tp =0.7.0 -...

ae.teletronics.nlp:entityextraction (=1.3), ae.teletronics.nlp:w2vec (=1.0) +20414 more potentially affected by CVE-2021-22569 via com.google.protobuf:protobuf-java (>=2.0.3 <=3.16.0)

com.google.protobuf:protobuf-java MAVEN version =2.0.3, =0.25-rc1, =0.25-rc1, =0.25, =0.25, =0.25, =0.25, =1.0.1, =1.0.6, =1.0.6, =1.1, =1.1.1, =1.2, =1.2, =1.2.10 and more Source cves: CVE-2021-22569 Source advisory: OSV:GHSA-WRVW-HG22-4M67...

GHSA-WRVW-HG22-4M67 A potential Denial of Service issue in protobuf-java

Summary A potential Denial of Service issue in protobuf-java was discovered in the parsing procedure for binary data. Reporter: OSS-Fuzz Affected versions: All versions of Java Protobufs including Kotlin and JRuby prior to the versions listed below. Protobuf "javalite" users typically Android are...

A potential Denial of Service issue in protobuf-java

Summary A potential Denial of Service issue in protobuf-java was discovered in the parsing procedure for binary data. Reporter: OSS-Fuzz Affected versions: All versions of Java Protobufs including Kotlin and JRuby prior to the versions listed below. Protobuf "javalite" users typically Android are...

ai.superstream:kafka-clients (>=3.0.1 <=3.6.1-alpha1), ai.superstream:spring-kafka (>=2.8.4-alpha1 <=3.0.1-alpha1) +1387 more potentially affected by CVE-2021-22569 via com.google.protobuf:protobuf-java (>=3.19.0 <=3.19.1)

com.google.protobuf:protobuf-java MAVEN version =3.19.0, =3.0.1, =2.8.4-alpha1, =0.0.1-alpha1, =21.9.4, =21.9.4, =21.9.4, =21.9.4, =0.6.9-rc.2, =0.10.3, =0.10.3, =0.10.3, =0.10.3, =0.10.3, =0.10.3, =0.10.3, =0.10.4 and more Source cves: CVE-2021-22569 Source advisory: OSV:GHSA-WRVW-HG22-4M67...

CVE-2021-22569

An issue in protobuf-java allowed the interleaving of com.google.protobuf.UnknownFieldSet fields in such a way that would be processed out of order. A small malicious payload can occupy the parser for several minutes by creating large numbers of short-lived objects that cause frequent, repeated...

A potential Denial of Service issue in protobuf-java

Summary A potential Denial of Service issue in protobuf-java was discovered in the parsing procedure for binary data. Affected versions: All versions of Java Protobufs including Kotlin and JRuby prior to the versions listed below. Protobuf "javalite" users typically Android are not affected...

CVE-2021-22569 Denial of Service of protobuf-java parsing procedure

An issue in protobuf-java allowed the interleaving of com.google.protobuf.UnknownFieldSet fields in such a way that would be processed out of order. A small malicious payload can occupy the parser for several minutes by creating large numbers of short-lived objects that cause frequent, repeated...

CVE-2021-22569

CVE-2021-22569 concerns protobuf-java: an issue allowing interleaving of UnknownFieldSet fields that can cause the parser to linger due to many short-lived objects, potentially enabling DoS-like pauses. Connected sources show this vulnerability in multiple ecosystems (e.g., Debian protobuf packag...

CVE-2021-22569 Denial of Service of protobuf-java parsing procedure

An issue in protobuf-java allowed the interleaving of com.google.protobuf.UnknownFieldSet fields in such a way that would be processed out of order. A small malicious payload can occupy the parser for several minutes by creating large numbers of short-lived objects that cause frequent, repeated...