282 matches found
SUSE SLED15: libprotobuf-lite25_1_0 / libprotobuf-lite25_1_0-32bit / etc (SUSE-SU-2025:02311-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2025:02311-1 advisory. - CVE-2025-4565: Fix parsing of untrusted Protocol Buffers data containing an arbitrary number of...
SUSE SLES15 Security Update : protobuf (SUSE-SU-2025:02309-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2025:02309-1 advisory. - CVE-2025-4565: Fix parsing of untrusted Protocol Buffers data containing an arbitrary number of recursive groups or messages that can lea...
OESA-2025-1801 protobuf security update
Security Fixes: Any project that uses Protobuf Pure-Python backend to parse untrusted Protocol Buffers data containing an arbitrary number of recursive groups, recursive messages or a series of SGROUP tags can be corrupted by exceeding the Python recursion limit. This can result in a Denial of...
Ubuntu: Security Advisory (USN-7629-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu 22.04 LTS / 24.04 LTS / 25.04 : Protocol Buffers vulnerabilities (USN-7629-1)
The remote Ubuntu 22.04 LTS / 24.04 LTS / 25.04 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-7629-1 advisory. It was discovered that Protocol Buffers incorrectly handled memory when receiving malicious input using the Python bindings. An...
USN-7629-1 protobuf vulnerabilities
It was discovered that Protocol Buffers incorrectly handled memory when receiving malicious input using the Python bindings. An attacker could possibly use this issue to cause a denial of service. CVE-2025-4565 It was discovered that Protocol Buffers incorrectly handled memory when receiving...
USN-7629-1: Protocol Buffers vulnerabilities
It was discovered that Protocol Buffers incorrectly handled memory when receiving malicious input using the Python bindings. An attacker could possibly use this issue to cause a denial of service. CVE-2025-4565 It was discovered that Protocol Buffers incorrectly handled memory when receiving...
[SECURITY] Fedora 42 Update: qt6-qtgrpc-6.9.1-1.fc42
Protocol Buffers Protobuf is a cross-platform data format used to serialize structured data. gRPC provides a remote procedure call framework based on Protobuf. Qt provides tooling and classes to use these technologies...
protobuf: StackOverflow vulnerability in Protocol Buffers
A flaw was found in Protocol Buffers protobuf. This issue can allows an attacker to cause a StackOverflow via parsing untrusted Protocol Buffers data containing arbitrarily nested SGROUP tags, leading to unbounded recursion...
protobuf: message parsing vulnerability in ProtocolBuffers
A parsing vulnerability for the MessageSet type in the ProtocolBuffers can lead to out of memory failures. A specially crafted message with multiple key-value per elements creates parsing issues, and can lead to a Denial of Service against services receiving unsanitized input...
ALSA-2025:7138 Moderate: protobuf security update
The protobuf packages provide Protocol Buffers, Google's data interchange format. Protocol Buffers can encode structured data in an efficient yet extensible format, and provide a flexible, efficient, and automated mechanism for serializing structured data. Security Fixes: protobuf: message parsin...
Moderate: protobuf security update
The protobuf packages provide Protocol Buffers, Google's data interchange format. Protocol Buffers can encode structured data in an efficient yet extensible format, and provide a flexible, efficient, and automated mechanism for serializing structured data. Security Fixes: protobuf: message parsin...
Oracle MySQL Connectors CVE-2024-7254 (April 2025 CPU)
The 9.0.0 and 9.2.0 versions of MySQL Connectors installed on the remote host is affected by CVE-2024-7254 as referenced in the April 2025 CPU advisory. - Any project that parses untrusted Protocol Buffers data containing an arbitrary number of nested groups / series of SGROUP tags can corrupted ...
Security Bulletin: Multiple security vulnerabilities are addressed with IBM Business Automation Manager Open Editions 8.0.6
Summary In addition to updates of open source dependencies, the following security vulnerabilities are addressed with IBM Business Automation Manager Open Editions 8.0.6 Vulnerability Details CVEID:CVE-2024-2398 DESCRIPTION: cURL libcurl is vulnerable to a denial of service, caused by a memory le...
Ubuntu 22.04 LTS / 24.04 LTS / 24.10 : Protocol Buffers vulnerability (USN-7435-1)
The remote Ubuntu 22.04 LTS / 24.04 LTS / 24.10 host has packages installed that are affected by a vulnerability as referenced in the USN-7435-1 advisory. It was discovered that Protocol Buffers incorrectly handled memory when receiving malicious input using the Java bindings. An attacker could...
USN-7435-1: Protocol Buffers vulnerability
It was discovered that Protocol Buffers incorrectly handled memory when receiving malicious input using the Java bindings. An attacker could possibly use this issue to cause a denial of service...
Meshtastic 安全漏洞
Meshtastic is a decentralized wireless off-grid mesh network LoRa protocol open-sourced by Meshtastic. A security vulnerability exists in Meshtastic versions prior to 2.6.2 that stems from a buffer overflow when processing invalid protobuf data, which could lead to remote code execution...
Security Bulletin: IBM Match 360 is vulnerable to a denial of service from IBM WebSphere Application Server Liberty vulnerability found in Google Protocol Buffers (CVE-2024-7254)
Summary IBM Match 360 is vulnerable to a denial service from IBM WebSphere Application Server Liberty use of vulnerable Google Protocol Buffers. This affects IBM WebSphere Application Server Liberty 20.0.0.12 - 24.0.0.10 with the specified features enabled. Any project that parses untrusted...
SUSE-SU-2025:20155-1 Security update for protobuf
This update for protobuf fixes the following issues: - CVE-2024-2410: Fixed use after free when parsing JSON from a stream bsc1223947...
Security Bulletin: IBM watsonx Orchestrate Cartridge affected by vulnerability in Protocol Buffers protobuf-go
Summary IBM watsonx Orchestrate Cartridge contains a vulnerable version of Protocol Buffers protobuf-go. Vulnerability Details CVEID:CVE-2024-24786 DESCRIPTION: Protocol Buffers protobuf-go is vulnerable to a denial of service, caused by an infinite loop flaw in the rotojson.Unmarshal function wh...