9 matches found
CLSA-2026-1772453362 protobuf: Fix of CVE-2026-0994
CVE-2026-0994: recursion depth bypass in jsonformat.ParseDict...
protobuf security update
An update is available for protobuf. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The protobuf packages provide Protocol Buffers, Google's data interchange...
CVE-2026-0994 affecting package pytorch for versions less than 2.0.0-14
CVE-2026-0994 affecting package pytorch for versions less than 2.0.0-14. A patched version of the package is available...
Security update for protobuf
This update for protobuf fixes the following issues:i CVE-2026-0994: Fixed google.protobuf.Any recursion depth bypass in Python jsonformat.ParseDict bsc1257173. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...
CVE-2026-0994 affecting package mysql for versions less than 8.0.45-2
CVE-2026-0994 affecting package mysql for versions less than 8.0.45-2. A patched version of the package is available...
SUSE SLED15: libprotobuf-lite25_1_0 / libprotobuf-lite25_1_0-32bit / etc (SUSE-SU-2026:0374-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2026:0374-1 advisory. - CVE-2026-0994: Fixed google.protobuf.Any recursion depth bypass in Python jsonformat.ParseDict...
CVE-2026-0994
A flaw was found in protobuf. A remote attacker can exploit this denial-of-service DoS vulnerability by supplying deeply nested google.protobuf.Any messages to the google.protobuf.jsonformat.ParseDict function. This bypasses the intended recursion depth limit, leading to the exhaustion of Python’...
CVE-2026-0994
creationtimestamp| type| source ---|---|--- 2026-01-24 21:22:23+00:00| seen| https://gist.github.com/alon710/5baa2e680f8acff42001de482f43ce99 2026-01-24 22:16:11+00:00| seen| https://gist.github.com/alon710/66c5ee0ebadec10c9308f424b9b41e6c 2026-01-24 22:16:14+00:00| seen|...
CVE-2026-0994
A denial-of-service DoS vulnerability exists in google.protobuf.jsonformat.ParseDict in Python, where the maxrecursiondepth limit can be bypassed when parsing nested google.protobuf.Any messages. Due to missing recursion depth accounting inside the internal Any-handling logic, an attacker can...