CVE-2024-7254
- EPSS 0.08%
- Veröffentlicht 19.09.2024 01:15:10
- Zuletzt bearbeitet 26.09.2025 17:10:19
Any project that parses untrusted Protocol Buffers data containing an arbitrary number of nested groups / series of SGROUP tags can corrupted by exceeding the stack limit i.e. StackOverflow. Parsing nested groups as unknown fields with DiscardUnknown...
CVE-2022-3509
- EPSS 0.1%
- Veröffentlicht 12.12.2022 13:15:14
- Zuletzt bearbeitet 22.04.2025 15:15:59
A parsing issue similar to CVE-2022-3171, but with textformat in protobuf-java core and lite versions prior to 3.21.7, 3.20.3, 3.19.6 and 3.16.3 can lead to a denial of service attack. Inputs containing multiple instances of non-repeated embedded mes...
CVE-2022-3510
- EPSS 0.06%
- Veröffentlicht 12.12.2022 13:15:14
- Zuletzt bearbeitet 22.04.2025 15:15:59
A parsing issue similar to CVE-2022-3171, but with Message-Type Extensions in protobuf-java core and lite versions prior to 3.21.7, 3.20.3, 3.19.6 and 3.16.3 can lead to a denial of service attack. Inputs containing multiple instances of non-repeated...
CVE-2022-3171
- EPSS 0.08%
- Veröffentlicht 12.10.2022 23:15:09
- Zuletzt bearbeitet 21.11.2024 07:18:58
A parsing issue with binary data in protobuf-java core and lite versions prior to 3.21.7, 3.20.3, 3.19.6 and 3.16.3 can lead to a denial of service attack. Inputs containing multiple instances of non-repeated embedded messages with repeated or unknow...