| Release | Version |
|---|---|
| stretch | 3.0.0-9 |
| buster | 3.6.1.3-2 |
| bullseye | 3.12.4-1 |
| bookworm | 3.12.4-1 |
| sid | 3.12.4-1 |
| Bug | stretch | buster | bullseye | bookworm | sid | Description |
|---|---|---|---|---|---|---|
| CVE-2021-22570 | vulnerable (no DSA, postponed) | vulnerable (no DSA) | vulnerable (no DSA) | vulnerable | vulnerable | Nullptr dereference when a null char is present in a proto symbol. The ... |
| CVE-2021-22569 | vulnerable (no DSA) | vulnerable (no DSA) | vulnerable (no DSA) | vulnerable | vulnerable | An issue in protobuf-java allowed the interleaving of com.google.proto ... |
| Bug | stretch | buster | bullseye | bookworm | sid | Description |
|---|---|---|---|---|---|---|
| CVE-2015-5237 | vulnerable | vulnerable | vulnerable | vulnerable | vulnerable | protobuf allows remote authenticated attackers to cause a heap-based b ... |