Ubuntu 22.04 LTS / 24.04 LTS / 24.10 : Protocol Buffers vulnerability (USN-7435-1)

The remote Ubuntu 22.04 LTS / 24.04 LTS / 24.10 host has packages installed that are affected by a vulnerability as referenced in the USN-7435-1 advisory. It was discovered that Protocol Buffers incorrectly handled memory when receiving malicious input using the Java bindings. An attacker could...

USN-7435-1: Protocol Buffers vulnerability

It was discovered that Protocol Buffers incorrectly handled memory when receiving malicious input using the Java bindings. An attacker could possibly use this issue to cause a denial of service...

IBM WebSphere Application Server Liberty 20.0.0.12 < 24.0.0.11 DoS (7173097)

The version of IBM WebSphere Application Server Liberty running on the remote host is affected by a DoS vulnerability as referenced in the 7173097 advisory. - Any project that parses untrusted Protocol Buffers data containing an arbitrary number of nested groups / series of SGROUP tags can...

protobuf: StackOverflow vulnerability in Protocol Buffers

A flaw was found in Protocol Buffers protobuf. This issue can allows an attacker to cause a StackOverflow via parsing untrusted Protocol Buffers data containing arbitrarily nested SGROUP tags, leading to unbounded recursion...

AZL-38908 CVE-2022-1941 affecting package tensorflow for versions less than 2.16.1-1

A parsing vulnerability for the MessageSet type in the ProtocolBuffers versions prior to and including 3.16.1, 3.17.3, 3.18.2, 3.19.4, 3.20.1 and 3.21.5 for protobuf-cpp, and versions prior to and including 3.16.1, 3.17.3, 3.18.2, 3.19.4, 3.20.1 and 4.21.5 for protobuf-python can lead to out of...