Lucene search
K

22 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2025/07/23 2:47 p.m.25 views

Security Bulletin: IBM® Db2® is affected by a vulnerability in protobuf-java (CVE-2022-3510, CVE-2022-3509, CVE-2022-3171).

Summary protobuf-java core and lite are vulnerable to a denial of service, caused by a flaw in the parsing procedure for binary and text format data. By sending non-repeated embedded messages with repeated or unknown fields, a remote authenticated attacker could exploit this vulnerability to caus...

7.5CVSS6.5AI score0.01048EPSS
Exploits0Affected Software1
Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.13 views

Linux Distros Unpatched Vulnerability : CVE-2022-3510

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A parsing issue similar to CVE-2022-3171, but with Message-Type Extensions in protobuf-java core and lite versions prior to 3.21.7, 3.20.3, 3.19.6 and 3.16.3 ca...

7.5CVSS6.2AI score0.01048EPSS
Exploits0References3
IBM Security Bulletins
IBM Security Bulletins
added 2023/08/08 9:17 p.m.36 views

Security Bulletin: protobuf-java component is vulnerable to CVE-2022-3510 and CVE-2022-3509 is used by IBM Maximo Application Suite

Summary IBM Maximo Application Suite uses protobuf-java package which is vulnerable to CVE-2022-3510 and CVE-2022-3509. Vulnerability Details CVEID:CVE-2022-3510 DESCRIPTION: protobuf-java core and lite are vulnerable to a denial of service, caused by a flaw in the parsing procedure for...

7.5CVSS7.4AI score0.00567EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/04/28 11:56 a.m.36 views

Security Bulletin: IBM App Connect Enterprise Certified Container IntegrationServer and IntegrationRuntime operands that use DFDL may be vulnerable to denial of service due to [CVE-2022-3510]

Summary Protobuf is used by IBM App Connect Enterprise Certified Container for compiling and loading DFDL message models. IBM App Connect Enterprise Certified Container IntegrationServer and IntegrationRuntime operands that use DFDL message models may be vulnerable to denial of service if they...

7.5CVSS7.2AI score0.00483EPSS
Exploits0Affected Software1
RedHat Linux
RedHat Linux
added 2023/04/18 7:1 p.m.55 views

Moderate: Red Hat Security Advisory: Red Hat JBoss EAP 7.4.10 XP 4.0.0.GA security release

JBoss EAP XP 4.0.0.GA security release on the EAP 7.4.10 base is now available. See references for release notes. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, ...

7.5CVSS6.6AI score0.00722EPSS
Exploits0References8
RedhatCVE
RedhatCVE
added 2023/04/03 7:43 p.m.73 views

CVE-2022-3510

A flaw was found in Message-Type Extensions in protobuf-java core that can lead to a denial of service. Inputs containing multiple instances of non-repeated embedded messages with repeated or unknown fields can cause objects to convert between mutable and immutable forms, resulting in long garbag...

5.3CVSS7.3AI score0.00483EPSS
Exploits0References3
IBM Security Bulletins
IBM Security Bulletins
added 2023/04/03 7:43 a.m.41 views

Security Bulletin: Multiple Vulnerabilities in Google Protocol Buffer affect IBM Operations Analytics - Log Analysis (CVE-2022-3509, CVE-2022-3510)

Summary A parsing issue in Google Protocol Buffer shipped with IBM Operations Analytics - Log Analysis can lead to a denial of service attack. Vulnerability Details CVEID:CVE-2022-3510 DESCRIPTION: protobuf-java core and lite are vulnerable to a denial of service, caused by a flaw in the parsing...

7.5CVSS7.3AI score0.00567EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/03/01 4:33 p.m.116 views

Security Bulletin: IBM MQ Blockchain bridge is vulnerable to multiple issues within protobuf-java-core (CVE-2022-3510, CVE-2022-3509)

Summary Multiple issues were identified within protobuf-java-core which is used by fabric gateway which is used by IBM MQ Blockchain bridge to provide Blockchain functionality to IBM MQ. Vulnerability Details CVEID:CVE-2022-3510 DESCRIPTION: protobuf-java core and lite are vulnerable to a denial ...

7.5CVSS7.5AI score0.00567EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/02/01 11:30 a.m.56 views

Security Bulletin: IBM Cloud Pak for Multicloud Management is vulnerable to denial of service due to protobuf-java core and lite

Summary protobuf-java is used by some components of IBM Cloud Pak for Multicloud Management and it is vulnerable to a denial of service. CVE-2022-3509, CVE-2022-3171, CVE-2022-3510 Vulnerability Details CVEID:CVE-2022-3509 DESCRIPTION: protobuf-java core and lite are vulnerable to a denial of...

7.5CVSS6.2AI score0.01048EPSS
Exploits0Affected Software1
Tenable Nessus
Tenable Nessus
added 2023/01/11 12:0 a.m.42 views

GLSA-202301-09 : protobuf-java: Denial of Service

The remote host is affected by the vulnerability described in GLSA-202301-09 protobuf-java: Denial of Service - A parsing issue with binary data in protobuf-java core and lite versions prior to 3.21.7, 3.20.3, 3.19.6 and 3.16.3 can lead to a denial of service attack. Inputs containing multiple...

7.5CVSS6.4AI score0.01048EPSS
Exploits0References5
vulnersOsv
vulnersOsv
added 2022/12/12 3:30 p.m.9 views

be.zvz:KotlinInside (>=1.14.0 <=1.14.6), com.google.protobuf:protobuf-kotlin-lite (>=3.20.0 <=3.20.2) +8 more potentially affected by CVE-2022-3510 via com.google.protobuf:protobuf-javalite (>=3.20.0 <=3.20.2)

com.google.protobuf:protobuf-javalite MAVEN version =3.20.0, =1.14.0, =3.20.0, =2.12.0, =2.12.0, =2.3.0, =0.2.4, =0.2.6 - io.github.dimensiondev:maskwalletcore =0.5.0 Source cves: CVE-2022-3510 Source advisory: OSV:GHSA-4GG5-VX3J-XWC7...

7.5CVSS6.7AI score0.00483EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2022/12/12 3:30 p.m.6 views

ai.edgestore:engine (=1.0.1-alpha03), androidx.health:health-connect-client (>=1.0.0-alpha01 <=1.0.0-alpha02) +132 more potentially affected by CVE-2022-3510 via com.google.protobuf:protobuf-javalite (>=3.17.0 <=3.19.5)

com.google.protobuf:protobuf-javalite MAVEN version =3.17.0, =1.0.0-alpha01, =2022.12, =2022.12, =7.0.2110, =1.0.0, =0.16.1, =0.16.3.1 and more Source cves: CVE-2022-3510 Source advisory: OSV:GHSA-4GG5-VX3J-XWC7...

7.5CVSS6.7AI score0.00483EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2022/12/12 3:30 p.m.4 views

ai.djl.spring:djl-spring-boot-starter-tensorflow-auto (>=0.15 <=0.18), ai.djl.tensorflow:tensorflow-api (>=0.15.0 <=0.18.0) +7156 more potentially affected by CVE-2022-3510 via com.google.protobuf:protobuf-java (>=3.17.0 <=3.19.5)

com.google.protobuf:protobuf-java MAVEN version =3.17.0, =0.15, =0.15.0, =0.15.0, =0.15.0, =3.32.1.6, =3.32.1.6-1-2.1, =3.32.1.6-1-3.0, =3.34.0.3-1-2.2, =3.34.0.3-1-2.2, =3.34.0.3-1-3.0, =3.34.0.3-1-2.2, =3.34.0.3-1-3.0, =3.0.1, =2.8.4-alpha1, =3.0.1-alpha1 and more Source cves: CVE-2022-3510...

7.5CVSS6.7AI score0.00483EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2022/12/12 3:30 p.m.8 views

ai.grakn:grakn-dist (=0.17.0), ai.grakn:janus-factory (>=0.17.0 <=1.1.0) +10224 more potentially affected by CVE-2022-3510 via com.google.protobuf:protobuf-java (>=3.0.0 <=3.16.1)

com.google.protobuf:protobuf-java MAVEN version =3.0.0, =0.17.0, =1.1.0 - ai.konduit.serving:konduit-serving-api =0.3.0 - ai.konduit.serving:konduit-serving-build =0.3.0 - ai.konduit.serving:konduit-serving-cli =0.3.0 - ai.konduit.serving:konduit-serving-config-creator =0.3.0 -...

7.5CVSS6.7AI score0.00483EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2022/12/12 3:30 p.m.4 views

ai.tock:tock-nlp-dialogflow (=22.3.1), ai.tock:tock-nlp-model-stanford (=22.3.1) +1290 more potentially affected by CVE-2022-3510 via com.google.protobuf:protobuf-java (>=3.20.0 <=3.20.2)

com.google.protobuf:protobuf-java MAVEN version =3.20.0, =0.10.0, =3.0.0, =0.0.6, =0.0.6, =0.9.5, =2.0.0-alpha.0, =2023.0.0.0-RC1, =2023.0.0.0-RC1, =1.0.3, =1.0.3.AS2.RELEASE and more Source cves: CVE-2022-3510 Source advisory: OSV:GHSA-4GG5-VX3J-XWC7...

7.5CVSS6.7AI score0.00483EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2022/12/12 3:30 p.m.7 views

build.buf.prototype:connect-kotlin-protoc-gen-javalite-ext (=v0.0.0-test0120), build.buf:connect-kotlin-google-javalite-ext (>=0.0.0-230221 <=0.1.9) +43 more potentially affected by CVE-2022-3510 via com.google.protobuf:protobuf-javalite (>=3.21.0 <=3.21.6)

com.google.protobuf:protobuf-javalite MAVEN version =3.21.0, =0.0.0-230221, =2.15.3unofficial65, =2.15.3unofficial65, =7.0.0.0, =20.3.2, =20.3.2, =3.21.0, =2.15.0, =2.15.0, =2.19.0 - com.ingonoka:grpc-endpoint-authentication-android =v0.2 and more Source cves: CVE-2022-3510 Source advisory:...

7.5CVSS6.7AI score0.00483EPSS
Exploits0
NVD
NVD
added 2022/12/12 1:15 p.m.28 views

CVE-2022-3510

A parsing issue similar to CVE-2022-3171, but with Message-Type Extensions in protobuf-java core and lite versions prior to 3.21.7, 3.20.3, 3.19.6 and 3.16.3 can lead to a denial of service attack. Inputs containing multiple instances of non-repeated embedded messages with repeated or unknown...

7.5CVSS0.00483EPSS
Exploits0References1
Wolfi
Wolfi
added 2022/12/12 1:15 p.m.40 views

CVE-2022-3510 vulnerabilities

Vulnerabilities for packages: trino, celeborn...

7.5CVSS6.7AI score0.00483EPSS
Exploits0
Vulnrichment
Vulnrichment
added 2022/11/11 4:35 p.m.10 views

CVE-2022-3510 Parsing issue in protobuf message-type extension

A parsing issue similar to CVE-2022-3171, but with Message-Type Extensions in protobuf-java core and lite versions prior to 3.21.7, 3.20.3, 3.19.6 and 3.16.3 can lead to a denial of service attack. Inputs containing multiple instances of non-repeated embedded messages with repeated or unknown...

7.5CVSS7.2AI score0.00483EPSS
Exploits0References1
Cvelist
Cvelist
added 2022/11/11 4:35 p.m.31 views

CVE-2022-3510 Parsing issue in protobuf message-type extension

A parsing issue similar to CVE-2022-3171, but with Message-Type Extensions in protobuf-java core and lite versions prior to 3.21.7, 3.20.3, 3.19.6 and 3.16.3 can lead to a denial of service attack. Inputs containing multiple instances of non-repeated embedded messages with repeated or unknown...

7.5CVSS7.7AI score0.00483EPSS
Exploits0References1
Rows per page
Query Builder