Information on source package protobuf

Available versions

ReleaseVersion
bullseye3.12.4-1+deb11u1
bookworm3.21.12-3
trixie3.21.12-9
sid3.21.12-9

Open issues

BugbullseyebookwormtrixiesidDescription
CVE-2024-7254vulnerable (no DSA, postponed)vulnerable (no DSA)vulnerablevulnerableAny project that parses untrusted Protocol Buffers datacontaining an a ...
CVE-2022-3510vulnerable (no DSA, ignored)fixedfixedfixedA parsing issue similar to CVE-2022-3171, but with Message-Type Extens ...
CVE-2022-3509vulnerable (no DSA, ignored)fixedfixedfixedA parsing issue similar to CVE-2022-3171, but with textformat in proto ...
CVE-2022-3171vulnerable (no DSA, ignored)fixedfixedfixedA parsing issue with binary data in protobuf-java core and lite versio ...

Open unimportant issues

BugbullseyebookwormtrixiesidDescription
CVE-2015-5237vulnerablevulnerablevulnerablevulnerableprotobuf allows remote authenticated attackers to cause a heap-based b ...

Resolved issues

BugDescription
CVE-2024-2410The JsonToBinaryStream()function is part of the protocol buffers C++ i ...
CVE-2022-1941A parsing vulnerability for the MessageSet type in the ProtocolBuffers ...
CVE-2021-22570Nullptr dereference when a null char is present in a proto symbol. The ...
CVE-2021-22569An issue in protobuf-java allowed the interleaving of com.google.proto ...

Security announcements

DSA / DLADescription
DLA-3393-1protobuf - security update

Search for package or bug name: Reporting problems