20 matches found
EUVD-2021-1801
Malware in sbrugna...
EUVD-2025-20099
Malicious code in bioql PyPI...
The protobuf crate before 3.7.2 for Rust allows uncontrolled recursion in the protobuf::coded_input_stream::CodedInputStream::skip_group parsing of unknown fields in untrusted input.
...
Amazon Linux 2023 : cargo, clippy, rust (ALAS2023-2025-1092)
It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2025-1092 advisory. The protobuf crate before 3.7.2 for Rust allows uncontrolled recursion in the protobuf::codedinputstream::CodedInputStream::skipgroup parsing of unknown fields in untrusted input. CVE-2025-53605 Tenabl...
Amazon Linux 2 : rust (ALAS-2025-2933)
The version of rust installed on the remote host is prior to 1.86.0-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2025-2933 advisory. The protobuf crate before 3.7.2 for Rust allows uncontrolled recursion in the protobuf::codedinputstream::CodedInputStream::skipgroup...
CVE-2025-53605
A flaw was found in protobuf. The protobuf::codedinputstream::CodedInputStream::skipgroup function exhibits uncontrolled recursion when parsing unknown fields from untrusted input, potentially leading to excessive resource consumption. This flaw allows a network attacker to trigger this condition...
AZL-65574 CVE-2025-53605 affecting package kata-containers 3.2.0.azl2-7
The protobuf crate before 3.7.2 for Rust allows uncontrolled recursion in the protobuf::codedinputstream::CodedInputStream::skipgroup parsing of unknown fields in untrusted input...
CVE-2025-53605
The protobuf crate before 3.7.2 for Rust allows uncontrolled recursion in the protobuf::codedinputstream::CodedInputStream::skipgroup parsing of unknown fields in untrusted input...
CVE-2025-53605
The protobuf crate before 3.7.2 for Rust allows uncontrolled recursion in the protobuf::codedinputstream::CodedInputStream::skipgroup parsing of unknown fields in untrusted input...
AZL-65565 CVE-2025-53605 affecting package rust for versions less than 1.75.0-17
The protobuf crate before 3.7.2 for Rust allows uncontrolled recursion in the protobuf::codedinputstream::CodedInputStream::skipgroup parsing of unknown fields in untrusted input...
UBUNTU-CVE-2025-53605
The protobuf crate before 3.7.2 for Rust allows uncontrolled recursion in the protobuf::codedinputstream::CodedInputStream::skipgroup parsing of unknown fields in untrusted input...
CVE-2025-53605
CVE-2025-53605 affects the Rust protobuf crate prior to 3.7.2. The issue is uncontrolled recursion in protobuf::coded_input_stream::CodedInputStream::skip_group when parsing unknown fields from untrusted input, with impact described as availability-related in the CVSS metrics. Connected advisorie...
CVE-2025-53605
The protobuf crate before 3.7.2 for Rust allows uncontrolled recursion in the protobuf::codedinputstream::CodedInputStream::skipgroup parsing of unknown fields in untrusted input...
CVE-2025-53605
The protobuf crate before 3.7.2 for Rust allows uncontrolled recursion in the protobuf::codedinputstream::CodedInputStream::skipgroup parsing of unknown fields in untrusted input...
protobuf crate 安全漏洞
protobuf crate is a library for Rust by Stepan Koltsov, a personal developer. A security vulnerability exists in protobuf crate versions prior to 3.7.2, which stems from uncontrolled recursion when parsing unknown fields in protobuf::codedinputstream::CodedInputStream::skipgroup...
CVE-2019-15544
An issue was discovered in the protobuf crate before 2.6.0 for Rust. Attackers can exhaust all memory via Vec::reserve calls...
GHSA-2GH3-RMM4-6RQ5 Crash due to uncontrolled recursion in protobuf crate
Affected version of this crate did not properly parse unknown fields when parsing a user-supplied input. This allows an attacker to cause a stack overflow when parsing the message on untrusted data...
Crash due to uncontrolled recursion in protobuf crate
Affected version of this crate did not properly parse unknown fields when parsing a user-supplied input. This allows an attacker to cause a stack overflow when parsing the message on untrusted data...
PT-2025-28031 · Protobuf +1 · Protobuf +1
Name of the Vulnerable Software and Affected Versions: protobuf crate for Rust versions prior to 3.7.2 Description: The issue allows uncontrolled recursion in the protobuf::coded input stream::CodedInputStream::skip group function when parsing unknown fields in untrusted input. This can occur due...
Crash due to uncontrolled recursion in protobuf crate
Affected version of this crate did not properly parse unknown fields when parsing a user-supplied input. This allows an attacker to cause a stack overflow when parsing the mssage on untrusted data...