10 matches found
GHSA-735F-PC8J-V9W8 protobuf-java has potential Denial of Service issue
Summary When parsing unknown fields in the Protobuf Java Lite and Full library, a maliciously crafted message can cause a StackOverflow error and lead to a program crash. Reporter: Alexis Challande, Trail of Bits Ecosystem Security Team Affected versions: This issue affects all versions of both t...
ai.cheq.sst.android:cheq-sst-kotlin-protobuf (>=0.1.0 <=0.1.3), com.android.designcompose:common (>=0.29.1 <=0.30.0-rc02) +1 more potentially affected by CVE-2024-7254 via com.google.protobuf:protobuf-kotlin-lite (>=4.26.0 <=4.27.3)
com.google.protobuf:protobuf-kotlin-lite MAVEN version =4.26.0, =0.1.0, =0.29.1, =0.6.0, =0.7.0 Source cves: CVE-2024-7254 Source advisory: OSV:GHSA-735F-PC8J-V9W8...
protobuf-java has potential Denial of Service issue
Summary When parsing unknown fields in the Protobuf Java Lite and Full library, a maliciously crafted message can cause a StackOverflow error and lead to a program crash. Reporter: Alexis Challande, Trail of Bits Ecosystem Security Team Affected versions: This issue affects all versions of both t...
be.zvz:KotlinInside (>=1.14.0 <=1.16.2), com.connectrpc:connect-kotlin-google-javalite-ext (>=0.2.0 <=0.5.1) +14 more potentially affected by CVE-2024-7254 via com.google.protobuf:protobuf-kotlin-lite (>=3.17.1 <=3.25.3)
com.google.protobuf:protobuf-kotlin-lite MAVEN version =3.17.1, =1.14.0, =0.2.0, =16.0.0-alpha01, =7.7.1, =7.7.1, =0.2.19, =2.1.23, =0.1.0, =0.3.1, =0.1.1, =0.1.1, =3.23.2, =0.100.0, =0.130.1 and more Source cves: CVE-2024-7254 Source advisory: OSV:GHSA-735F-PC8J-V9W8...
build.buf:protobuf-javalite (>=4.28.0 <=4.28.1), com.auroraoss:gplayapi (=3.4.2) +1 more potentially affected by CVE-2024-7254 via com.google.protobuf:protobuf-javalite (>=4.28.0-RC1 <=4.28.1)
com.google.protobuf:protobuf-javalite MAVEN version =4.28.0-RC1, =4.28.0, =4.28.0, =4.28.1 Source cves: CVE-2024-7254 Source advisory: SNYK:JAVA-COMGOOGLEPROTOBUF-9398723...
be.zvz:KotlinInside (>=1.14.0 <=1.14.6), com.google.protobuf:protobuf-kotlin-lite (>=3.20.0 <=3.20.2) +8 more potentially affected by CVE-2022-3509 via com.google.protobuf:protobuf-javalite (>=3.20.0 <=3.20.2)
com.google.protobuf:protobuf-javalite MAVEN version =3.20.0, =1.14.0, =3.20.0, =2.12.0, =2.12.0, =2.3.0, =0.2.4, =0.2.6 - io.github.dimensiondev:maskwalletcore =0.5.0 Source cves: CVE-2022-3509 Source advisory: OSV:GHSA-G5WW-5JH7-63CX...
be.zvz:KotlinInside (>=1.14.0 <=1.14.6), io.github.dimensiondev:maskwalletcore (=0.5.0) potentially affected by CVE-2022-3171 via com.google.protobuf:protobuf-kotlin-lite (>=3.20.0 <=3.20.1)
com.google.protobuf:protobuf-kotlin-lite MAVEN version =3.20.0, =1.14.0, =1.14.6 - io.github.dimensiondev:maskwalletcore =0.5.0 Source cves: CVE-2022-3171 Source advisory: OSV:GHSA-H4H5-3HR4-J3G2...
com.google.ambient.crossdevice:crossdevice (=0.1.0-preview01), com.google.firebase:firebase-dataconnect (=16.0.0-beta01) +2 more potentially affected by CVE-2022-3171 via com.google.protobuf:protobuf-kotlin-lite (>=3.21.11 <=3.21.3)
com.google.protobuf:protobuf-kotlin-lite MAVEN version =3.21.11, =3.21.3 is affected by a known vulnerability. The following packages have a transitive dependency on com.google.protobuf:protobuf-kotlin-lite and may be impacted: - com.google.ambient.crossdevice:crossdevice =0.1.0-preview01 -...
io.github.dimensiondev:maskwalletcore (>=0.1.0 <=0.4.1) potentially affected by CVE-2022-3171 via com.google.protobuf:protobuf-kotlin-lite (>=3.17.1 <=3.17.3)
com.google.protobuf:protobuf-kotlin-lite MAVEN version =3.17.1, =0.1.0, =0.4.1 Source cves: CVE-2022-3171 Source advisory: OSV:GHSA-H4H5-3HR4-J3G2...
be.zvz:KotlinInside (>=1.14.0 <=1.14.6), com.google.protobuf:protobuf-kotlin-lite (>=3.20.0 <=3.20.2) +8 more potentially affected by CVE-2022-3171 via com.google.protobuf:protobuf-javalite (>=3.20.0-rc-1 <=3.20.2)
com.google.protobuf:protobuf-javalite MAVEN version =3.20.0-rc-1, =1.14.0, =3.20.0, =2.12.0, =2.12.0, =2.3.0, =0.2.4, =0.2.6 - io.github.dimensiondev:maskwalletcore =0.5.0 Source cves: CVE-2022-3171 Source advisory: OSV:GHSA-H4H5-3HR4-J3G2...