Vulnerabilities (CVE)

Filtered by vendor Google Subscribe
Filtered by product Protobuf
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-22570 5 Debian, Fedoraproject, Google and 2 more 8 Debian Linux, Fedora, Protobuf and 5 more 2024-11-21 2.1 LOW 6.5 MEDIUM
Nullptr dereference when a null char is present in a proto symbol. The symbol is parsed incorrectly, leading to an unchecked call into the proto file's name during generation of the resulting error message. Since the symbol is incorrectly parsed, the file is nullptr. We recommend upgrading to version 3.15.0 or greater.
CVE-2015-5237 1 Google 1 Protobuf 2024-11-21 6.5 MEDIUM 8.8 HIGH
protobuf allows remote authenticated attackers to cause a heap-based buffer overflow.