CVE-2022-1941

CVE-2022-1941 affects Protocol Buffers parsing for protobuf-cpp and protobuf-python, causing out-of-memory and DoS on parsing malformed MessageSet inputs. Affected versions include protobuf-cpp up to 3.16.1, 3.17.3, 3.18.2, 3.19.4, 3.20.1, 3.21.5 and protobuf-python up to 4.21.5, with 3.16/3.17 n...

CVE-2025-4565

CVE-2025-4565 affects the Protobuf Python backend (pure-Python) when parsing untrusted data with recursive groups/messages or SGROUP tags, potentially causing denial of service via RecursionError. Public details in connected documents specify a fix path: upgrade to protobuf 6.31.1 or newer (commi...