EUVD-2022-7625

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2022-3509

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A parsing issue similar to CVE-2022-3171, but with textformat in protobuf-java core and lite versions prior to 3.21.7, 3.20.3, 3.19.6 and 3.16.3 can lead to a...

CVE-2022-3510

A flaw was found in Message-Type Extensions in protobuf-java core that can lead to a denial of service. Inputs containing multiple instances of non-repeated embedded messages with repeated or unknown fields can cause objects to convert between mutable and immutable forms, resulting in long garbag...

Updated protobuf packages fix security vulnerability

Parsing vulnerability for the MessageSet type in the ProtocolBuffers for protobuf-python can lead to out of memory can lead to a Denial of Service against services receiving unsanitized input. CVE-2022-1941 A parsing issue with binary data in protobuf-java core and lite can lead to a denial of...

Security Bulletin: IBM MQ Blockchain bridge is vulnerable to multiple issues within protobuf-java-core (CVE-2022-3510, CVE-2022-3509)

Summary Multiple issues were identified within protobuf-java-core which is used by fabric gateway which is used by IBM MQ Blockchain bridge to provide Blockchain functionality to IBM MQ. Vulnerability Details CVEID:CVE-2022-3510 DESCRIPTION: protobuf-java core and lite are vulnerable to a denial ...

SUSE CVE-2022-3510

A parsing issue similar to CVE-2022-3171, but with Message-Type Extensions in protobuf-java core and lite versions prior to 3.21.7, 3.20.3, 3.19.6 and 3.16.3 can lead to a denial of service attack. Inputs containing multiple instances of non-repeated embedded messages with repeated or unknown...

SUSE CVE-2022-3509

A parsing issue similar to CVE-2022-3171, but with textformat in protobuf-java core and lite versions prior to 3.21.7, 3.20.3, 3.19.6 and 3.16.3 can lead to a denial of service attack. Inputs containing multiple instances of non-repeated embedded messages with repeated or unknown fields causes...

Security Bulletin: IBM Workload Scheduler potentially affected by parsing issue with binary data in protobuf-java core (CVE-2022-3171)

Summary A parsing issue with binary data in protobuf-java core can lead to a denial of service attack and potentially affects IBM Workload Scheduler 9.5 and IBM Workload Scheduler 10.1 Vulnerability Details CVEID:CVE-2022-3171 DESCRIPTION: protobuf-java core and lite are vulnerable to a denial of...

Security Bulletin: IBM MQ Blockchain bridge is vulnerable to a denial of service issue within protobuf-java core (CVE-2022-3171)

Summary An issue was identified within protobuf-java core, which is used by fabric gateway, which in turn is used by IBM MQ Blockchain bridge to provide IBM MQ Blockchain functionality. Vulnerability Details CVEID:CVE-2022-3171 DESCRIPTION: protobuf-java core and lite are vulnerable to a denial o...

GHSA-H4H5-3HR4-J3G2 protobuf-java has a potential Denial of Service issue

Summary A potential Denial of Service issue in protobuf-java core and lite was discovered in the parsing procedure for binary and text format data. Input streams containing multiple instances of non-repeated embedded messages with repeated or unknown fields causes objects to be converted...

PT-2022-6746 · Google +3 · Protobuf-Java +4

Name of the Vulnerable Software and Affected Versions: protobuf-java core and lite versions prior to 3.21.7 protobuf-java core and lite versions prior to 3.20.3 protobuf-java core and lite versions prior to 3.19.6 protobuf-java core and lite versions prior to 3.16.3 Description: A parsing issue i...