3 matches found
SUSE CVE-2020-26243
Nanopb is a small code-size Protocol Buffers implementation. In Nanopb before versions 0.4.4 and 0.3.9.7, decoding specifically formed message can leak memory if dynamic allocation is enabled and an oneof field contains a static submessage that contains a dynamic field, and the message being...
PT-2021-14478 · Nanopb +2 · Nanopb +2
Name of the Vulnerable Software and Affected Versions: Nanopb versions prior to 0.3.9.8 and 0.4.5 Description: Decoding a specifically formed message can cause invalid free or realloc calls if the message type contains an oneof field, and the oneof directly contains both a pointer field and a...
DEBIAN-CVE-2020-26243
Nanopb is a small code-size Protocol Buffers implementation. In Nanopb before versions 0.4.4 and 0.3.9.7, decoding specifically formed message can leak memory if dynamic allocation is enabled and an oneof field contains a static submessage that contains a dynamic field, and the message being...