VYPR
Medium severity5.8OSV Advisory· Published Mar 16, 2025· Updated Apr 15, 2026

CVE-2024-58103

CVE-2024-58103

Description

Square Wire before 5.2.0 does not enforce a recursion limit on nested groups in ByteArrayProtoReader32.kt and ProtoReader.kt.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
com.squareup.wire:wire-runtimeMaven
< 5.2.05.2.0

Affected products

14

Patches

Vulnerability mechanics

References

4

News mentions

0

No linked articles in our index yet.