Lucene search
K
GoogleProtobuf

5 matches found

CVE
CVE
added 2024/09/19 12:18 a.m.6261 views

CVE-2024-7254

CVE-2024-7254 describes a stack overflow DoS in parsers when handling untrusted Protocol Buffers data with deeply nested SGROUP/group structures. The root cause is unbounded recursion when parsing unknown fields (DiscardUnknownFieldsParser) or Java Protobuf Lite against nested groups or map field...

8.7CVSS6.8AI score0.02772EPSS
CVE
CVE
added 2022/01/26 12:0 a.m.695 views

CVE-2021-22570

CVE-2021-22570 affects Protocol Buffers (protobuf). A null character in a proto symbol is parsed incorrectly, causing a null pointer dereference via an unchecked access to the proto file name during error message generation. The issue can enable denial of service or memory access instability as d...

6.5CVSS6.5AI score0.0266EPSS
CVE
CVE
added 2026/01/23 2:55 p.m.258 views

CVE-2026-0994

CVE-2026-0994 affects google.protobuf.json_format.ParseDict() in Python. The root cause is missing recursion depth accounting inside the internal Any-handling logic, allowing crafting deeply nested google.protobuf.Any structures to bypass the max_recursion_depth limit, exhausting Python’s recursi...

8.2CVSS5.6AI score0.00613EPSS
CVE
CVE
added 2017/09/25 5:0 p.m.163 views

CVE-2015-5237

CVE-2015-5237 affects Google Protocol Buffers (protobuf). Root cause: integer/heap overflow in MessageLite::SerializeToString leading to a heap‑based buffer overflow. Exploitation could enable remote code execution or denial of service by remote authenticated attackers. In IBM DataStage for Cloud...

8.8CVSS8.2AI score0.05106EPSS
CVE
CVE
added 2024/05/03 12:58 p.m.89 views

CVE-2024-2410

CVE-2024-2410 concerns a use-after-free in the JsonToBinaryStream() function of the protocol buffers C++ implementation when parsing JSON from a stream with certain chunking. The issue is triggered by reading from a freed chunk, as described in multiple connected documents. Concrete details acros...

9.8CVSS7.3AI score0.00332EPSS