Google Protobuf
By the Year
In 2023 there have been 0 vulnerabilities in Google Protobuf . Last year Protobuf had 1 security vulnerability published. Right now, Protobuf is on track to have less security vulnerabilities in 2023 than it did last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2023 | 0 | 0.00 |
| 2022 | 1 | 5.50 |
| 2021 | 0 | 0.00 |
| 2020 | 0 | 0.00 |
| 2019 | 0 | 0.00 |
| 2018 | 0 | 0.00 |
It may take a day or so for new Protobuf vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Google Protobuf Security Vulnerabilities
Nullptr dereference when a null char is present in a proto symbol
CVE-2021-22570
5.5 - Medium
- January 26, 2022
Nullptr dereference when a null char is present in a proto symbol. The symbol is parsed incorrectly, leading to an unchecked call into the proto file's name during generation of the resulting error message. Since the symbol is incorrectly parsed, the file is nullptr. We recommend upgrading to version 3.15.0 or greater.
NULL Pointer Dereference
protobuf allows remote authenticated attackers to cause a heap-based buffer overflow.
CVE-2015-5237
8.8 - High
- September 25, 2017
protobuf allows remote authenticated attackers to cause a heap-based buffer overflow.
Memory Corruption
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Canonical Ubuntu Linux or by Google? Click the Watch button to subscribe.
