Lucene search
K

10 matches found

OSV
OSV
added 2024/09/19 4:6 p.m.5 views

GHSA-735F-PC8J-V9W8 protobuf-java has potential Denial of Service issue

Summary When parsing unknown fields in the Protobuf Java Lite and Full library, a maliciously crafted message can cause a StackOverflow error and lead to a program crash. Reporter: Alexis Challande, Trail of Bits Ecosystem Security Team Affected versions: This issue affects all versions of both t...

8.7CVSS6.8AI score0.02772EPSS
Exploits1References12
vulnersOsv
vulnersOsv
added 2024/09/19 4:6 p.m.6 views

ai.cheq.sst.android:cheq-sst-kotlin-protobuf (>=0.1.0 <=0.1.3), com.android.designcompose:common (>=0.29.1 <=0.30.0-rc02) +1 more potentially affected by CVE-2024-7254 via com.google.protobuf:protobuf-kotlin-lite (>=4.26.0 <=4.27.3)

com.google.protobuf:protobuf-kotlin-lite MAVEN version =4.26.0, =0.1.0, =0.29.1, =0.6.0, =0.7.0 Source cves: CVE-2024-7254 Source advisory: OSV:GHSA-735F-PC8J-V9W8...

8.7CVSS6.8AI score0.02772EPSS
Exploits1
Github Security Blog
Github Security Blog
added 2024/09/19 4:6 p.m.127 views

protobuf-java has potential Denial of Service issue

Summary When parsing unknown fields in the Protobuf Java Lite and Full library, a maliciously crafted message can cause a StackOverflow error and lead to a program crash. Reporter: Alexis Challande, Trail of Bits Ecosystem Security Team Affected versions: This issue affects all versions of both t...

8.7CVSS7.8AI score0.02772EPSS
Exploits1References12Affected Software5
vulnersOsv
vulnersOsv
added 2024/09/19 4:6 p.m.13 views

be.zvz:KotlinInside (>=1.14.0 <=1.16.2), com.connectrpc:connect-kotlin-google-javalite-ext (>=0.2.0 <=0.5.1) +14 more potentially affected by CVE-2024-7254 via com.google.protobuf:protobuf-kotlin-lite (>=3.17.1 <=3.25.3)

com.google.protobuf:protobuf-kotlin-lite MAVEN version =3.17.1, =1.14.0, =0.2.0, =16.0.0-alpha01, =7.7.1, =7.7.1, =0.2.19, =2.1.23, =0.1.0, =0.3.1, =0.1.1, =0.1.1, =3.23.2, =0.100.0, =0.130.1 and more Source cves: CVE-2024-7254 Source advisory: OSV:GHSA-735F-PC8J-V9W8...

8.7CVSS6.8AI score0.02772EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2024/09/19 12:46 a.m.11 views

build.buf:protobuf-javalite (>=4.28.0 <=4.28.1), com.auroraoss:gplayapi (=3.4.2) +1 more potentially affected by CVE-2024-7254 via com.google.protobuf:protobuf-javalite (>=4.28.0-RC1 <=4.28.1)

com.google.protobuf:protobuf-javalite MAVEN version =4.28.0-RC1, =4.28.0, =4.28.0, =4.28.1 Source cves: CVE-2024-7254 Source advisory: SNYK:JAVA-COMGOOGLEPROTOBUF-9398723...

8.7CVSS6.8AI score0.02772EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2022/12/12 3:30 p.m.12 views

be.zvz:KotlinInside (>=1.14.0 <=1.14.6), com.google.protobuf:protobuf-kotlin-lite (>=3.20.0 <=3.20.2) +8 more potentially affected by CVE-2022-3509 via com.google.protobuf:protobuf-javalite (>=3.20.0 <=3.20.2)

com.google.protobuf:protobuf-javalite MAVEN version =3.20.0, =1.14.0, =3.20.0, =2.12.0, =2.12.0, =2.3.0, =0.2.4, =0.2.6 - io.github.dimensiondev:maskwalletcore =0.5.0 Source cves: CVE-2022-3509 Source advisory: OSV:GHSA-G5WW-5JH7-63CX...

7.5CVSS6.7AI score0.00567EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2022/10/04 10:17 p.m.6 views

be.zvz:KotlinInside (>=1.14.0 <=1.14.6), io.github.dimensiondev:maskwalletcore (=0.5.0) potentially affected by CVE-2022-3171 via com.google.protobuf:protobuf-kotlin-lite (>=3.20.0 <=3.20.1)

com.google.protobuf:protobuf-kotlin-lite MAVEN version =3.20.0, =1.14.0, =1.14.6 - io.github.dimensiondev:maskwalletcore =0.5.0 Source cves: CVE-2022-3171 Source advisory: OSV:GHSA-H4H5-3HR4-J3G2...

7.5CVSS6.7AI score0.01048EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2022/10/04 10:17 p.m.4 views

com.google.ambient.crossdevice:crossdevice (=0.1.0-preview01), com.google.firebase:firebase-dataconnect (=16.0.0-beta01) +2 more potentially affected by CVE-2022-3171 via com.google.protobuf:protobuf-kotlin-lite (>=3.21.11 <=3.21.3)

com.google.protobuf:protobuf-kotlin-lite MAVEN version =3.21.11, =3.21.3 is affected by a known vulnerability. The following packages have a transitive dependency on com.google.protobuf:protobuf-kotlin-lite and may be impacted: - com.google.ambient.crossdevice:crossdevice =0.1.0-preview01 -...

7.5CVSS6.7AI score0.01048EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2022/10/04 10:17 p.m.7 views

io.github.dimensiondev:maskwalletcore (>=0.1.0 <=0.4.1) potentially affected by CVE-2022-3171 via com.google.protobuf:protobuf-kotlin-lite (>=3.17.1 <=3.17.3)

com.google.protobuf:protobuf-kotlin-lite MAVEN version =3.17.1, =0.1.0, =0.4.1 Source cves: CVE-2022-3171 Source advisory: OSV:GHSA-H4H5-3HR4-J3G2...

7.5CVSS6.7AI score0.01048EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2022/10/04 10:17 p.m.6 views

be.zvz:KotlinInside (>=1.14.0 <=1.14.6), com.google.protobuf:protobuf-kotlin-lite (>=3.20.0 <=3.20.2) +8 more potentially affected by CVE-2022-3171 via com.google.protobuf:protobuf-javalite (>=3.20.0-rc-1 <=3.20.2)

com.google.protobuf:protobuf-javalite MAVEN version =3.20.0-rc-1, =1.14.0, =3.20.0, =2.12.0, =2.12.0, =2.3.0, =0.2.4, =0.2.6 - io.github.dimensiondev:maskwalletcore =0.5.0 Source cves: CVE-2022-3171 Source advisory: OSV:GHSA-H4H5-3HR4-J3G2...

7.5CVSS6.7AI score0.01048EPSS
Exploits0
Rows per page
Query Builder