Security Bulletin: IBM Spectrum Control is vulnerable to weaknesses related to protobuf-java (CVE-2024-7254)

Summary protobuf-java is vulnerable to a StackOverflow attack. This vulnerability affects IBM Spectrum Control. CVE-2024-7254. Vulnerability Details CVEID:CVE-2024-7254 DESCRIPTION: Any project that parses untrusted Protocol Buffers data containing an arbitrary number of nested groups / series of...

CVE-2024-7254

A flaw was found in Protocol Buffers protobuf. This issue can allows an attacker to cause a StackOverflow via parsing untrusted Protocol Buffers data containing arbitrarily nested SGROUP tags, leading to unbounded recursion. Mitigation Mitigation for this issue is either not available or the...