Google Protobuf
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in Google Protobuf.
By the Year
In 2025 there have been 0 vulnerabilities in Google Protobuf. Protobuf did not have any published security vulnerabilities last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2025 | 0 | 0.00 |
| 2024 | 0 | 0.00 |
| 2023 | 0 | 0.00 |
| 2022 | 1 | 5.50 |
| 2021 | 0 | 0.00 |
| 2020 | 0 | 0.00 |
| 2019 | 0 | 0.00 |
| 2018 | 0 | 0.00 |
It may take a day or so for new Protobuf vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Google Protobuf Security Vulnerabilities
Nullptr dereference when a null char is present in a proto symbol
CVE-2021-22570
5.5 - Medium
- January 26, 2022
Nullptr dereference when a null char is present in a proto symbol. The symbol is parsed incorrectly, leading to an unchecked call into the proto file's name during generation of the resulting error message. Since the symbol is incorrectly parsed, the file is nullptr. We recommend upgrading to version 3.15.0 or greater.
NULL Pointer Dereference
protobuf allows remote authenticated attackers to cause a heap-based buffer overflow.
CVE-2015-5237
8.8 - High
- September 25, 2017
protobuf allows remote authenticated attackers to cause a heap-based buffer overflow.
Memory Corruption
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Canonical Ubuntu Linux or by Google? Click the Watch button to subscribe.
