Google Protobuf Python
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in Google Protobuf Python.
By the Year
In 2026 there have been 0 vulnerabilities in Google Protobuf Python. Last year, in 2025 Protobuf Python had 1 security vulnerability published. Right now, Protobuf Python is on track to have less security vulnerabilities in 2026 than it did last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2026 | 0 | 0.00 |
| 2025 | 1 | 5.30 |
| 2024 | 0 | 0.00 |
| 2023 | 0 | 0.00 |
| 2022 | 1 | 7.50 |
It may take a day or so for new Protobuf Python vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Google Protobuf Python Security Vulnerabilities
CVE-2025-4565: DOS via RecursionError in Protobuf Pure-Python <=6.31.1
CVE-2025-4565
5.3 - Medium
- June 16, 2025
Any project that uses Protobuf Pure-Python backend to parse untrusted Protocol Buffers data containing an arbitrary number of recursive groups, recursive messages or a series of SGROUP tags can be corrupted by exceeding the Python recursion limit. This can result in a Denial of service by crashing the application with a RecursionError. We recommend upgrading to version =>6.31.1 or beyond commit 17838beda2943d08b8a9d4df5b68f5f04f26d901
Protobuf MessageSet OOM DoS before 3.18.3 (cpp/python)
CVE-2022-1941
7.5 - High
- September 22, 2022
A parsing vulnerability for the MessageSet type in the ProtocolBuffers versions prior to and including 3.16.1, 3.17.3, 3.18.2, 3.19.4, 3.20.1 and 3.21.5 for protobuf-cpp, and versions prior to and including 3.16.1, 3.17.3, 3.18.2, 3.19.4, 3.20.1 and 4.21.5 for protobuf-python can lead to out of memory failures. A specially crafted message with multiple key-value per elements creates parsing issues, and can lead to a Denial of Service against services receiving unsanitized input. We recommend upgrading to versions 3.18.3, 3.19.5, 3.20.2, 3.21.6 for protobuf-cpp and 3.18.3, 3.19.5, 3.20.2, 4.21.6 for protobuf-python. Versions for 3.16 and 3.17 are no longer updated.
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Google Protobuf Python or by Google? Click the Watch button to subscribe.
