Lucene search
K

58 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2026/03/02 2:33 p.m.7 views

Security Bulletin: protobuf-java - CVE-2022-3171 fixed in Cloudera Data Platform Private Cloud Base 7.1.9

Summary Security Bulletin: protobuf-java - CVE-2022-3171 fixed in Cloudera Data Platform Private Cloud Base 7.1.9 Vulnerability Details CVEID:CVE-2022-3171 DESCRIPTION: A parsing issue with binary data in protobuf-java core and lite versions prior to 3.21.7, 3.20.3, 3.19.6 and 3.16.3 can lead to ...

7.5CVSS5.9AI score0.01048EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/10/31 6:39 p.m.8 views

Security Bulletin: IBM Watson Speech Services Cartridge is vulnerable to Improper Input Validation in protobuf [CVE-2022-3171]

Summary IBM Watson Speech Services Cartridge is vulnerable to Improper Input Validation in protobuf, due to a parsing issue with binary data in protobuf-java core CVE-2022-3171. Protobuf is used in our speech service runtimes. This vulnerabilitiy has been addressed. Please read the details for...

7.5CVSS7.1AI score0.01048EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/07/23 2:47 p.m.25 views

Security Bulletin: IBM® Db2® is affected by a vulnerability in protobuf-java (CVE-2022-3510, CVE-2022-3509, CVE-2022-3171).

Summary protobuf-java core and lite are vulnerable to a denial of service, caused by a flaw in the parsing procedure for binary and text format data. By sending non-repeated embedded messages with repeated or unknown fields, a remote authenticated attacker could exploit this vulnerability to caus...

7.5CVSS6.5AI score0.01048EPSS
Exploits0Affected Software1
Tenable Nessus
Tenable Nessus
added 2024/11/14 12:0 a.m.17 views

Fedora 37 : protobuf (2022-25f35ed634)

The remote Fedora 37 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2022-25f35ed634 advisory. Selected notes from packaging changes and improvements: 3.19.6 fixes CVE-2022-3171 3.19.5 fixes CVE-2022-1941 License updated to SPDX Unnecessary...

7.5CVSS6.6AI score0.01191EPSS
Exploits0References3
IBM Security Bulletins
IBM Security Bulletins
added 2024/09/05 9:58 p.m.31 views

Security Bulletin: IBM Watson Discovery for IBM Cloud Pak for Data affected by vulnerability in google-protobuf-3.11.2.gem

Summary IBM Watson Discovery for IBM Cloud Pak for Data contains a vulnerable version of google-protobuf-3.11.2.gem Vulnerability Details CVEID:CVE-2022-3171 DESCRIPTION: protobuf-java core and lite are vulnerable to a denial of service, caused by a flaw in the parsing procedure for binary and te...

7.5CVSS7.3AI score0.01048EPSS
Exploits0Affected Software1
CBLMariner
CBLMariner
added 2024/07/24 1:44 a.m.25 views

CVE-2022-3171 affecting package python-tensorboard for versions less than 2.16.2-2

CVE-2022-3171 affecting package python-tensorboard for versions less than 2.16.2-2. An upgraded version of the package is available that resolves this issue...

7.5CVSS7AI score0.01048EPSS
Exploits0
IBM Security Bulletins
IBM Security Bulletins
added 2024/07/22 9:28 a.m.29 views

Security Bulletin: IBM Event Streams is vulnerable to a denial of service attack due to the protobuf-java core and lite ( CVE-2022-3171).

Summary Protobuf-java core and lite are used by IBM Event Streams. The protobuf-java core library provides comprehensive functionality for working with Protocol Buffers, including advanced parsing and serialization, while the protobuf-java-lite library offers a performance-optimized version for...

7.5CVSS6AI score0.01048EPSS
Exploits0Affected Software1
RedHat Linux
RedHat Linux
added 2024/05/30 8:24 p.m.69 views

Moderate: Red Hat Security Advisory: Red Hat AMQ Streams 2.7.0 release and security update

Red Hat AMQ Streams 2.7.0 is now available from the Red Hat Customer Portal. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...

9.8CVSS7.4AI score0.99931EPSS
Exploits46References25
IBM Security Bulletins
IBM Security Bulletins
added 2024/05/10 3:57 p.m.54 views

Security Bulletin: The IBM QRadar SIEM Amazon Web Services protocol is vulnerable to a denial of service (CVE-2021-22569 ,CVE-2022-3171, CVE-2022-3509)

Summary A flaw was found in protobuf-java. Google Protocol Buffer protobuf-java which allows the interleaving of com.google.protobuf.UnknownFieldSet fields. Vulnerability Details CVEID:CVE-2021-22569 DESCRIPTION: Google Protocol Buffer protobuf-java is vulnerable to a denial of service, caused by...

7.5CVSS6.4AI score0.01655EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/01/24 2:7 p.m.35 views

Security Bulletin: Protobuf as used by IBM QRadar SIEM is vulnerable to denial of service (CVE-2022-3171, CVE-2022-3509)

Summary Protobuf as used by IBM QRadar SIEM is vulnerable to denial of service. IBM QRadar SIEM has addressed the applicable vulnerability. Vulnerability Details CVEID:CVE-2022-3171 DESCRIPTION: protobuf-java core and lite are vulnerable to a denial of service, caused by a flaw in the parsing...

7.5CVSS6.2AI score0.01048EPSS
Exploits0Affected Software1
Tenable Nessus
Tenable Nessus
added 2023/12/11 12:0 a.m.39 views

Atlassian Jira Service Management Data Center and Server 4.20.x < 4.20.27 / 5.4.x < 5.4.11 (JSDSERVER-14754)

The version of Atlassian Jira Service Management Data Center and Server Jira Service Desk running on the remote host is affected by a vulnerability as referenced in the JSDSERVER-14754 advisory. - A parsing issue with binary data in protobuf-java core and lite versions prior to 3.21.7, 3.20.3,...

7.5CVSS6.4AI score0.01048EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2023/09/21 12:0 a.m.31 views

SUSE SLES15: libprotobuf-lite20 / python2-cryptography / python2-psutil / etc (SUSE-SU-2023:2783-2)

The remote SUSE Linux SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:2783-2 advisory. grpc: - Update in SLE-15 bsc1197726, bsc1144068 protobuf: - Fix a potential DoS issue in protobuf-cpp and protobuf-python, CVE-2022-1941,...

9.1CVSS6.8AI score0.06718EPSS
Exploits3References29
IBM Security Bulletins
IBM Security Bulletins
added 2023/07/21 12:17 p.m.44 views

Security Bulletin: IBM Sterling Global Mailbox is vulnerable to denial of service due to WebSphere Liberty Server ( CVE-2022-3509, CVE-2022-3171)

Summary A security vulnerability has been identified and addressed in WebSphere Liberty Server shipped with IBM Sterling Global Mailbox. Vulnerability Details CVEID:CVE-2022-3509 DESCRIPTION: protobuf-java core and lite are vulnerable to a denial of service, caused by a flaw in the parsing...

7.5CVSS6.2AI score0.01048EPSS
Exploits0Affected Software1
Tenable Nessus
Tenable Nessus
added 2023/07/06 12:0 a.m.52 views

SUSE SLES15: libprotobuf-lite20 / python2-cryptography / python2-psutil / etc (SUSE-SU-2023:2783-1)

The remote SUSE Linux SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:2783-1 advisory. grpc: - Update in SLE-15 bsc1197726, bsc1144068 protobuf: - Fix a potential DoS issue in protobuf-cpp and protobuf-python, CVE-2022-1941,...

9.1CVSS6.8AI score0.06718EPSS
Exploits3References29
IBM Security Bulletins
IBM Security Bulletins
added 2023/06/07 10:53 a.m.26 views

Security Bulletin: IBM QRadar User Behavior Analytics is vulnerable to components with known vulnerabilities

Summary IBM QRadar User Behavior Analytics contains vulnerable packages/components and that may be identified and potentially exploited. The packages have been updated in the latest release and the vulnerabilities identified in the CVEs have been addressed. Please follow the instructions in the...

9.8CVSS9.6AI score0.99615EPSS
Exploits21Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/05/09 2:37 p.m.31 views

Security Bulletin: WebSphere Application Server Liberty is vulnerable to CVE-2022-3509 and CVE-2022-3171 used in IBM Maximo Application Suite - Monitor Component

Summary IBM Maximo Application Suite - Monitor Component uses WebSphere Application Server Liberty which is vulnerable to CVE-2022-3509 and CVE-2022-3171. Vulnerability Details CVEID:CVE-2022-3509 DESCRIPTION: protobuf-java core and lite are vulnerable to a denial of service, caused by a flaw in...

7.5CVSS6.3AI score0.01048EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/04/28 11:54 a.m.41 views

Security Bulletin: IBM App Connect Enterprise Certified Container IntegrationServer and IntegrationRuntime operands that use DFDL may be vulnerable to denial of service due to [CVE-2022-3171]

Summary Protobuf is used by IBM App Connect Enterprise Certified Container for compiling and loading DFDL message models. IBM App Connect Enterprise Certified Container IntegrationServer and IntegrationRuntime operands that use DFDL message models may be vulnerable to denial of service if they...

7.5CVSS6.1AI score0.01048EPSS
Exploits0Affected Software1
OpenVAS
OpenVAS
added 2023/04/28 12:0 a.m.29 views

Fedora: Security Advisory for perl-Alien-ProtoBuf (FEDORA-2022-15729fa33d)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS8AI score0.01191EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2023/04/28 12:0 a.m.35 views

Fedora: Security Advisory for protobuf (FEDORA-2022-15729fa33d)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS8AI score0.01191EPSS
Exploits0References2
IBM Security Bulletins
IBM Security Bulletins
added 2023/03/31 10:43 a.m.23 views

Security Bulletin: Multiple Vulnerabilities in Google Protocol Buffer affect IBM Operations Analytics - Log Analysis (CVE-2022-3509, CVE-2022-3171)

Summary A parsing issue in Google Protocol Buffer shipped with IBM Operations Analytics - Log Analysis can lead to a denial of service attack. Vulnerability Details CVEID:CVE-2022-3171 DESCRIPTION: protobuf-java core and lite are vulnerable to a denial of service, caused by a flaw in the parsing...

7.5CVSS6AI score0.01048EPSS
Exploits0Affected Software1
Rows per page
Query Builder