Protobuf Google Protobuf

Do you want an email whenever new security vulnerabilities are reported in Google Protobuf?

By the Year

In 2022 there have been 1 vulnerability in Google Protobuf with an average score of 5.5 out of ten. Protobuf did not have any published security vulnerabilities last year. That is, 1 more vulnerability have already been reported in 2022 as compared to last year.

Year Vulnerabilities Average Score
2022 1 5.50
2021 0 0.00
2020 0 0.00
2019 0 0.00
2018 0 0.00

It may take a day or so for new Protobuf vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.

Recent Google Protobuf Security Vulnerabilities

Nullptr dereference when a null char is present in a proto symbol

CVE-2021-22570 5.5 - Medium - January 26, 2022

Nullptr dereference when a null char is present in a proto symbol. The symbol is parsed incorrectly, leading to an unchecked call into the proto file's name during generation of the resulting error message. Since the symbol is incorrectly parsed, the file is nullptr. We recommend upgrading to version 3.15.0 or greater.

NULL Pointer Dereference

protobuf allows remote authenticated attackers to cause a heap-based buffer overflow.

CVE-2015-5237 8.8 - High - September 25, 2017

protobuf allows remote authenticated attackers to cause a heap-based buffer overflow.

Memory Corruption

Stay on top of Security Vulnerabilities

Want an email whenever new vulnerabilities are published for Google Protobuf or by Google? Click the Watch button to subscribe.

Google
Vendor

subscribe