4 matches found
CVE-2022-20203
In multiple locations of the nanopb library, there is a possible way to corrupt memory when decoding untrusted protobuf files. This could lead to local escalation of privilege,with no additional execution privileges needed. User interaction is not needed for exploitation...
PT-2022-14432 · Nanopb · Nanopb
Name of the Vulnerable Software and Affected Versions: nanopb library affected versions not specified Description: The issue concerns the nanopb library, where decoding untrusted protobuf files can lead to memory corruption. This could result in local escalation of privilege without requiring...
Tutorial: How to Build Your First Node.js gRPC API
Compared to other API technologies like REST and GraphQL, gRPC is lightweight and exceptionally robust, thanks in large part to its use of protobufs. Interested in exploring how to build your own API? Read on to see how easy it is to do so with Node.js and gRPC...
CVE-2020-15206
In Tensorflow before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, changing the TensorFlow's SavedModel protocol buffer and altering the name of required keys results in segfaults and data corruption while loading the model. This can cause a denial of service in products using tensorflow-servin...