5 matches found
CVE-2024-58103
Square Wire before 5.2.0 does not enforce a recursion limit on nested groups in ByteArrayProtoReader32.kt and ProtoReader.kt...
Uncontrolled Recursion
Overview Affected versions of this package are vulnerable to Uncontrolled Recursion due to improper enforcement of recursion limits in ByteArrayProtoReader32.kt and ProtoReader.kt. An attacker can cause a denial of service by sending deeply nested group structures. Remediation Upgrade...
CVE-2024-58103
Square Wire before 5.2.0 does not enforce a recursion limit on nested groups in ByteArrayProtoReader32.kt and ProtoReader.kt...
CVE-2024-58103
CVE-2024-58103 affects Square Wire prior to 5.2.0, where ByteArrayProtoReader32.kt and ProtoReader.kt do not enforce a recursion limit on nested groups. Root cause: lack of recursion depth limit in the reader implementation, enabling deeply nested structures that can lead to resource exhaustion. ...
CVE-2024-58103
Square Wire before 5.2.0 does not enforce a recursion limit on nested groups in ByteArrayProtoReader32.kt and ProtoReader.kt...