com.squareup.wire:com.squareup.wire.gradle.plugin (>=7.0.0-alpha01 <=7.0.0-alpha02), com.squareup.wire:wire-compiler (>=7.0.0-alpha01 <=7.0.0-alpha02) +11 more potentially affected by CVE-2026-45799 via com.squareup.wire:wire-runtime-jvm (>=7.0.0-alpha01 <=7.0.0-alpha02)

com.squareup.wire:wire-runtime-jvm MAVEN version =7.0.0-alpha01, =7.0.0-alpha01, =7.0.0-alpha01, =7.0.0-alpha01, =7.0.0-alpha01, =7.0.0-alpha01, =7.0.0-alpha01, =7.0.0-alpha01, =7.0.0-alpha01, =7.0.0-alpha01, =7.0.0-alpha01, =7.0.0-alpha01, =7.0.0-alpha01, =7.0.0-alpha01, =7.0.0-alpha02 Source...

CVE-2024-58103

Square Wire before 5.2.0 does not enforce a recursion limit on nested groups in ByteArrayProtoReader32.kt and ProtoReader.kt...

GHSA-PWF9-Q62P-V7WC Wire has Uncontrolled Recursion on Nested Groups

Square Wire before 5.2.0 does not enforce a recursion limit on nested groups in ByteArrayProtoReader32.kt and ProtoReader.kt...

CVE-2024-58103

Square Wire before 5.2.0 does not enforce a recursion limit on nested groups in ByteArrayProtoReader32.kt and ProtoReader.kt...

Square Wire 安全漏洞

Square Wire is an open source protocol buffer processing library open-sourced by Square in the United States, mainly used for efficient data serialization and deserialization. A security vulnerability exists in Square Wire versions prior to 5.2.0, which stems from not enforcing a recursion...

CVE-2024-58103

Square Wire before 5.2.0 does not enforce a recursion limit on nested groups in ByteArrayProtoReader32.kt and ProtoReader.kt...

CVE-2024-58103

Square Wire before 5.2.0 does not enforce a recursion limit on nested groups in ByteArrayProtoReader32.kt and ProtoReader.kt...

CVE-2024-58103

CVE-2024-58103 affects Square Wire prior to 5.2.0, where ByteArrayProtoReader32.kt and ProtoReader.kt do not enforce a recursion limit on nested groups. Root cause: lack of recursion depth limit in the reader implementation, enabling deeply nested structures that can lead to resource exhaustion. ...