High severityNVD Advisory· Published Sep 19, 2024· Updated Sep 8, 2025
Stack overflow in Protocol Buffers Java Lite
CVE-2024-7254
Description
Any project that parses untrusted Protocol Buffers data containing an arbitrary number of nested groups / series of SGROUP tags can corrupted by exceeding the stack limit i.e. StackOverflow. Parsing nested groups as unknown fields with DiscardUnknownFieldsParser or Java Protobuf Lite parser, or against Protobuf map fields, creates unbounded recursions that can be abused by an attacker.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
com.google.protobuf:protobuf-javaMaven | < 3.25.5 | 3.25.5 |
com.google.protobuf:protobuf-javaliteMaven | < 3.25.5 | 3.25.5 |
com.google.protobuf:protobuf-kotlinMaven | < 3.25.5 | 3.25.5 |
com.google.protobuf:protobuf-kotlin-liteMaven | < 3.25.5 | 3.25.5 |
google-protobufRubyGems | < 3.25.5 | 3.25.5 |
google-protobufRubyGems | >= 4.0.0.rc.1, < 4.27.5 | 4.27.5 |
google-protobufRubyGems | >= 4.28.0.rc.1, < 4.28.2 | 4.28.2 |
com.google.protobuf:protobuf-kotlin-liteMaven | >= 4.0.0-RC1, < 4.27.5 | 4.27.5 |
com.google.protobuf:protobuf-kotlin-liteMaven | >= 4.28.0-RC1, < 4.28.2 | 4.28.2 |
com.google.protobuf:protobuf-kotlinMaven | >= 4.0.0-RC1, < 4.27.5 | 4.27.5 |
com.google.protobuf:protobuf-kotlinMaven | >= 4.28.0-RC1, < 4.28.2 | 4.28.2 |
com.google.protobuf:protobuf-javaliteMaven | >= 4.0.0-RC1, < 4.27.5 | 4.27.5 |
com.google.protobuf:protobuf-javaliteMaven | >= 4.28.0-RC1, < 4.28.2 | 4.28.2 |
com.google.protobuf:protobuf-javaMaven | >= 4.0.0-RC1, < 4.27.5 | 4.27.5 |
com.google.protobuf:protobuf-javaMaven | >= 4.28.0-RC1, < 4.28.2 | 4.28.2 |
Affected products
392- osv-coords386 versionspkg:apk/chainguard/apache-nifipkg:apk/chainguard/apache-nifi-compatpkg:apk/chainguard/apache-nifi-toolkitpkg:apk/chainguard/camunda-zeebepkg:apk/chainguard/camunda-zeebe-8.6pkg:apk/chainguard/camunda-zeebe-8.6-compatpkg:apk/chainguard/camunda-zeebe-compatpkg:apk/chainguard/celeborn-0.5pkg:apk/chainguard/celeborn-0.6pkg:apk/chainguard/confluent-kafkapkg:apk/chainguard/confluent-kafka-jre-bcfipspkg:apk/chainguard/debezium-connector-spanner-3.3pkg:apk/chainguard/elasticsearch-7pkg:apk/chainguard/elasticsearch-7-bitnamipkg:apk/chainguard/elasticsearch-7-iamguardedpkg:apk/chainguard/elasticsearch-8pkg:apk/chainguard/elasticsearch-8-bitnamipkg:apk/chainguard/elasticsearch-8-configpkg:apk/chainguard/elasticsearch-8-iamguardedpkg:apk/chainguard/elasticsearch-configpkg:apk/chainguard/elasticsearch-fips-8pkg:apk/chainguard/elasticsearch-fips-8-bitnamipkg:apk/chainguard/elasticsearch-fips-8-configpkg:apk/chainguard/elasticsearch-fips-8-policy-140-2pkg:apk/chainguard/elasticsearch-fips-8-policy-140-3pkg:apk/chainguard/emsdkpkg:apk/chainguard/grpc-java-fips-1.56.0pkg:apk/chainguard/grpc-java-fips-1.56.0-m2pkg:apk/chainguard/hadoop-client-modulespkg:apk/chainguard/hadoop-thirdpartypkg:apk/chainguard/kafka-3.7pkg:apk/chainguard/kafka-3.8pkg:apk/chainguard/kafka-bitnami-compat-3.7pkg:apk/chainguard/kafka-bitnami-compat-3.8pkg:apk/chainguard/kafka-jre-bcfipspkg:apk/chainguard/knative-kafka-broker-1.17-dispatcher-loompkg:apk/chainguard/knative-kafka-broker-1.17-receiver-loompkg:apk/chainguard/kserve-modelmeshpkg:apk/chainguard/kserve-modelmesh-compatpkg:apk/chainguard/kube-fluentd-operatorpkg:apk/chainguard/kube-fluentd-operator-compatpkg:apk/chainguard/kube-fluentd-operator-default-configpkg:apk/chainguard/kube-fluentd-operator-oci-entrypointpkg:apk/chainguard/neo4jpkg:apk/chainguard/neo4j-oci-entrypointpkg:apk/chainguard/opensearch-2pkg:apk/chainguard/opensearch-2-alertingpkg:apk/chainguard/opensearch-2-analysis-icupkg:apk/chainguard/opensearch-2-analysis-kuromojipkg:apk/chainguard/opensearch-2-analysis-noripkg:apk/chainguard/opensearch-2-analysis-phoneticpkg:apk/chainguard/opensearch-2-analysis-smartcnpkg:apk/chainguard/opensearch-2-analysis-stempelpkg:apk/chainguard/opensearch-2-analysis-ukrainianpkg:apk/chainguard/opensearch-2-anomaly-detectionpkg:apk/chainguard/opensearch-2-asynchronous-searchpkg:apk/chainguard/opensearch-2-cross-cluster-replicationpkg:apk/chainguard/opensearch-2-crypto-kmspkg:apk/chainguard/opensearch-2-custom-codecspkg:apk/chainguard/opensearch-2-discovery-azure-classicpkg:apk/chainguard/opensearch-2-discovery-ec2pkg:apk/chainguard/opensearch-2-discovery-gcepkg:apk/chainguard/opensearch-2-entrypoint-compatpkg:apk/chainguard/opensearch-2-geospatialpkg:apk/chainguard/opensearch-2-identity-shiropkg:apk/chainguard/opensearch-2-index-managementpkg:apk/chainguard/opensearch-2-ingest-attachmentpkg:apk/chainguard/opensearch-2-job-schedulerpkg:apk/chainguard/opensearch-2-jre-bcfipspkg:apk/chainguard/opensearch-2-jre-bcfips-alertingpkg:apk/chainguard/opensearch-2-jre-bcfips-analysis-icupkg:apk/chainguard/opensearch-2-jre-bcfips-analysis-kuromojipkg:apk/chainguard/opensearch-2-jre-bcfips-analysis-noripkg:apk/chainguard/opensearch-2-jre-bcfips-analysis-phoneticpkg:apk/chainguard/opensearch-2-jre-bcfips-analysis-smartcnpkg:apk/chainguard/opensearch-2-jre-bcfips-analysis-stempelpkg:apk/chainguard/opensearch-2-jre-bcfips-analysis-ukrainianpkg:apk/chainguard/opensearch-2-jre-bcfips-anomaly-detectionpkg:apk/chainguard/opensearch-2-jre-bcfips-asynchronous-searchpkg:apk/chainguard/opensearch-2-jre-bcfips-cross-cluster-replicationpkg:apk/chainguard/opensearch-2-jre-bcfips-crypto-kmspkg:apk/chainguard/opensearch-2-jre-bcfips-custom-codecspkg:apk/chainguard/opensearch-2-jre-bcfips-discovery-azure-classicpkg:apk/chainguard/opensearch-2-jre-bcfips-discovery-ec2pkg:apk/chainguard/opensearch-2-jre-bcfips-discovery-gcepkg:apk/chainguard/opensearch-2-jre-bcfips-geospatialpkg:apk/chainguard/opensearch-2-jre-bcfips-identity-shiropkg:apk/chainguard/opensearch-2-jre-bcfips-index-managementpkg:apk/chainguard/opensearch-2-jre-bcfips-ingest-attachmentpkg:apk/chainguard/opensearch-2-jre-bcfips-job-schedulerpkg:apk/chainguard/opensearch-2-jre-bcfips-k-nnpkg:apk/chainguard/opensearch-2-jre-bcfips-mapper-annotated-textpkg:apk/chainguard/opensearch-2-jre-bcfips-mapper-murmur3pkg:apk/chainguard/opensearch-2-jre-bcfips-mapper-sizepkg:apk/chainguard/opensearch-2-jre-bcfips-ml-commonspkg:apk/chainguard/opensearch-2-jre-bcfips-neural-searchpkg:apk/chainguard/opensearch-2-jre-bcfips-notificationspkg:apk/chainguard/opensearch-2-jre-bcfips-observabilitypkg:apk/chainguard/opensearch-2-jre-bcfips-performance-analyzerpkg:apk/chainguard/opensearch-2-jre-bcfips-reportingpkg:apk/chainguard/opensearch-2-jre-bcfips-repository-azurepkg:apk/chainguard/opensearch-2-jre-bcfips-repository-gcspkg:apk/chainguard/opensearch-2-jre-bcfips-repository-s3pkg:apk/chainguard/opensearch-2-jre-bcfips-securitypkg:apk/chainguard/opensearch-2-jre-bcfips-security-analyticspkg:apk/chainguard/opensearch-2-jre-bcfips-sqlpkg:apk/chainguard/opensearch-2-jre-bcfips-store-smbpkg:apk/chainguard/opensearch-2-jre-bcfips-telemetry-otelpkg:apk/chainguard/opensearch-2-jre-bcfips-transport-niopkg:apk/chainguard/opensearch-2-k-nnpkg:apk/chainguard/opensearch-2-mapper-annotated-textpkg:apk/chainguard/opensearch-2-mapper-murmur3pkg:apk/chainguard/opensearch-2-mapper-sizepkg:apk/chainguard/opensearch-2-ml-commonspkg:apk/chainguard/opensearch-2-neural-searchpkg:apk/chainguard/opensearch-2-notificationspkg:apk/chainguard/opensearch-2-observabilitypkg:apk/chainguard/opensearch-2-performance-analyzerpkg:apk/chainguard/opensearch-2-reportingpkg:apk/chainguard/opensearch-2-repository-azurepkg:apk/chainguard/opensearch-2-repository-gcspkg:apk/chainguard/opensearch-2-repository-s3pkg:apk/chainguard/opensearch-2-securitypkg:apk/chainguard/opensearch-2-security-analyticspkg:apk/chainguard/opensearch-2-sqlpkg:apk/chainguard/opensearch-2-store-smbpkg:apk/chainguard/opensearch-2-telemetry-otelpkg:apk/chainguard/opensearch-2-transport-niopkg:apk/chainguard/ruby3.1-fluentd-kubernetes-daemonset-1.16pkg:apk/chainguard/ruby3.1-fluentd-kubernetes-daemonset-1.16-kinesispkg:apk/chainguard/ruby3.2-fluentd-kubernetes-daemonset-1.16pkg:apk/chainguard/ruby3.2-fluentd-kubernetes-daemonset-1.16-kinesispkg:apk/chainguard/ruby3.3-fluentd-kubernetes-daemonset-1.16pkg:apk/chainguard/ruby3.3-fluentd-kubernetes-daemonset-1.16-kinesispkg:apk/chainguard/ruby3.4-fluentd-kubernetes-daemonset-1.16pkg:apk/chainguard/ruby3.4-fluentd-kubernetes-daemonset-1.16-kinesispkg:apk/chainguard/sonarqube-10pkg:apk/chainguard/sonarqube-10-docker-compatpkg:apk/chainguard/sonarqube-10-scriptspkg:apk/chainguard/tezpkg:apk/chainguard/thingsboardpkg:apk/chainguard/thingsboard-tb-js-executorpkg:apk/chainguard/thingsboard-tb-mqtt-transportpkg:apk/chainguard/thingsboard-tb-nodepkg:apk/chainguard/thingsboard-tb-web-uipkg:apk/chainguard/trinopkg:apk/chainguard/trino-configpkg:apk/chainguard/trino-oci-entrypointpkg:apk/chainguard/trino-plugin-accumulopkg:apk/chainguard/trino-plugin-ai-functionspkg:apk/chainguard/trino-plugin-atoppkg:apk/chainguard/trino-plugin-bigquerypkg:apk/chainguard/trino-plugin-blackholepkg:apk/chainguard/trino-plugin-cassandrapkg:apk/chainguard/trino-plugin-clickhousepkg:apk/chainguard/trino-plugin-delta-lakepkg:apk/chainguard/trino-plugin-druidpkg:apk/chainguard/trino-plugin-duckdbpkg:apk/chainguard/trino-plugin-elasticsearchpkg:apk/chainguard/trino-plugin-example-httppkg:apk/chainguard/trino-plugin-exasolpkg:apk/chainguard/trino-plugin-exchange-filesystempkg:apk/chainguard/trino-plugin-exchange-hdfspkg:apk/chainguard/trino-plugin-fakerpkg:apk/chainguard/trino-plugin-functions-pythonpkg:apk/chainguard/trino-plugin-geospatialpkg:apk/chainguard/trino-plugin-google-sheetspkg:apk/chainguard/trino-plugin-hivepkg:apk/chainguard/trino-plugin-http-event-listenerpkg:apk/chainguard/trino-plugin-http-server-event-listenerpkg:apk/chainguard/trino-plugin-hudipkg:apk/chainguard/trino-plugin-icebergpkg:apk/chainguard/trino-plugin-ignitepkg:apk/chainguard/trino-plugin-jmxpkg:apk/chainguard/trino-plugin-kafkapkg:apk/chainguard/trino-plugin-kafka-event-listenerpkg:apk/chainguard/trino-plugin-kinesispkg:apk/chainguard/trino-plugin-kudupkg:apk/chainguard/trino-plugin-lakehousepkg:apk/chainguard/trino-plugin-ldap-group-providerpkg:apk/chainguard/trino-plugin-local-filepkg:apk/chainguard/trino-plugin-lokipkg:apk/chainguard/trino-plugin-mariadbpkg:apk/chainguard/trino-plugin-memorypkg:apk/chainguard/trino-plugin-mlpkg:apk/chainguard/trino-plugin-mongodbpkg:apk/chainguard/trino-plugin-mysqlpkg:apk/chainguard/trino-plugin-mysql-event-listenerpkg:apk/chainguard/trino-plugin-opapkg:apk/chainguard/trino-plugin-openlineagepkg:apk/chainguard/trino-plugin-opensearchpkg:apk/chainguard/trino-plugin-oraclepkg:apk/chainguard/trino-plugin-password-authenticatorspkg:apk/chainguard/trino-plugin-phoenix5pkg:apk/chainguard/trino-plugin-pinotpkg:apk/chainguard/trino-plugin-postgresqlpkg:apk/chainguard/trino-plugin-prometheuspkg:apk/chainguard/trino-plugin-rangerpkg:apk/chainguard/trino-plugin-raptor-legacypkg:apk/chainguard/trino-plugin-redispkg:apk/chainguard/trino-plugin-redshiftpkg:apk/chainguard/trino-plugin-resource-group-managerspkg:apk/chainguard/trino-plugin-session-property-managerspkg:apk/chainguard/trino-plugin-singlestorepkg:apk/chainguard/trino-plugin-snowflakepkg:apk/chainguard/trino-plugin-spooling-filesystempkg:apk/chainguard/trino-plugin-sqlserverpkg:apk/chainguard/trino-plugin-teradata-functionspkg:apk/chainguard/trino-plugin-thriftpkg:apk/chainguard/trino-plugin-tpcdspkg:apk/chainguard/trino-plugin-tpchpkg:apk/chainguard/trino-plugin-verticapkg:apk/chainguard/wavefront-proxypkg:apk/chainguard/wavefront-proxy-compatpkg:apk/chainguard/wavefront-proxy-configpkg:apk/chainguard/wavefront-proxy-licensespkg:apk/chainguard/wavefront-proxy-oci-entrypointpkg:apk/wolfi/apache-nifipkg:apk/wolfi/apache-nifi-compatpkg:apk/wolfi/apache-nifi-toolkitpkg:apk/wolfi/celeborn-0.5pkg:apk/wolfi/celeborn-0.6pkg:apk/wolfi/confluent-kafkapkg:apk/wolfi/kafka-3.8pkg:apk/wolfi/kafka-bitnami-compat-3.8pkg:apk/wolfi/kserve-modelmeshpkg:apk/wolfi/kserve-modelmesh-compatpkg:apk/wolfi/kube-fluentd-operatorpkg:apk/wolfi/kube-fluentd-operator-compatpkg:apk/wolfi/kube-fluentd-operator-default-configpkg:apk/wolfi/kube-fluentd-operator-oci-entrypointpkg:apk/wolfi/neo4jpkg:apk/wolfi/neo4j-oci-entrypointpkg:apk/wolfi/opensearch-2pkg:apk/wolfi/opensearch-2-alertingpkg:apk/wolfi/opensearch-2-analysis-icupkg:apk/wolfi/opensearch-2-analysis-kuromojipkg:apk/wolfi/opensearch-2-analysis-noripkg:apk/wolfi/opensearch-2-analysis-phoneticpkg:apk/wolfi/opensearch-2-analysis-smartcnpkg:apk/wolfi/opensearch-2-analysis-stempelpkg:apk/wolfi/opensearch-2-analysis-ukrainianpkg:apk/wolfi/opensearch-2-anomaly-detectionpkg:apk/wolfi/opensearch-2-asynchronous-searchpkg:apk/wolfi/opensearch-2-cross-cluster-replicationpkg:apk/wolfi/opensearch-2-crypto-kmspkg:apk/wolfi/opensearch-2-custom-codecspkg:apk/wolfi/opensearch-2-discovery-azure-classicpkg:apk/wolfi/opensearch-2-discovery-ec2pkg:apk/wolfi/opensearch-2-discovery-gcepkg:apk/wolfi/opensearch-2-geospatialpkg:apk/wolfi/opensearch-2-identity-shiropkg:apk/wolfi/opensearch-2-index-managementpkg:apk/wolfi/opensearch-2-ingest-attachmentpkg:apk/wolfi/opensearch-2-job-schedulerpkg:apk/wolfi/opensearch-2-k-nnpkg:apk/wolfi/opensearch-2-mapper-annotated-textpkg:apk/wolfi/opensearch-2-mapper-murmur3pkg:apk/wolfi/opensearch-2-mapper-sizepkg:apk/wolfi/opensearch-2-ml-commonspkg:apk/wolfi/opensearch-2-neural-searchpkg:apk/wolfi/opensearch-2-notificationspkg:apk/wolfi/opensearch-2-observabilitypkg:apk/wolfi/opensearch-2-performance-analyzerpkg:apk/wolfi/opensearch-2-reportingpkg:apk/wolfi/opensearch-2-repository-azurepkg:apk/wolfi/opensearch-2-repository-gcspkg:apk/wolfi/opensearch-2-repository-s3pkg:apk/wolfi/opensearch-2-securitypkg:apk/wolfi/opensearch-2-security-analyticspkg:apk/wolfi/opensearch-2-sqlpkg:apk/wolfi/opensearch-2-store-smbpkg:apk/wolfi/opensearch-2-telemetry-otelpkg:apk/wolfi/opensearch-2-transport-niopkg:apk/wolfi/sonarqube-10pkg:apk/wolfi/sonarqube-10-docker-compatpkg:apk/wolfi/sonarqube-10-scriptspkg:apk/wolfi/tezpkg:apk/wolfi/thingsboardpkg:apk/wolfi/thingsboard-tb-js-executorpkg:apk/wolfi/thingsboard-tb-mqtt-transportpkg:apk/wolfi/thingsboard-tb-nodepkg:apk/wolfi/thingsboard-tb-web-uipkg:apk/wolfi/trinopkg:apk/wolfi/trino-configpkg:apk/wolfi/trino-oci-entrypointpkg:apk/wolfi/trino-plugin-accumulopkg:apk/wolfi/trino-plugin-ai-functionspkg:apk/wolfi/trino-plugin-atoppkg:apk/wolfi/trino-plugin-bigquerypkg:apk/wolfi/trino-plugin-blackholepkg:apk/wolfi/trino-plugin-cassandrapkg:apk/wolfi/trino-plugin-clickhousepkg:apk/wolfi/trino-plugin-delta-lakepkg:apk/wolfi/trino-plugin-druidpkg:apk/wolfi/trino-plugin-duckdbpkg:apk/wolfi/trino-plugin-elasticsearchpkg:apk/wolfi/trino-plugin-example-httppkg:apk/wolfi/trino-plugin-exasolpkg:apk/wolfi/trino-plugin-exchange-filesystempkg:apk/wolfi/trino-plugin-exchange-hdfspkg:apk/wolfi/trino-plugin-fakerpkg:apk/wolfi/trino-plugin-functions-pythonpkg:apk/wolfi/trino-plugin-geospatialpkg:apk/wolfi/trino-plugin-google-sheetspkg:apk/wolfi/trino-plugin-hivepkg:apk/wolfi/trino-plugin-http-event-listenerpkg:apk/wolfi/trino-plugin-http-server-event-listenerpkg:apk/wolfi/trino-plugin-hudipkg:apk/wolfi/trino-plugin-icebergpkg:apk/wolfi/trino-plugin-ignitepkg:apk/wolfi/trino-plugin-jmxpkg:apk/wolfi/trino-plugin-kafkapkg:apk/wolfi/trino-plugin-kafka-event-listenerpkg:apk/wolfi/trino-plugin-kinesispkg:apk/wolfi/trino-plugin-kudupkg:apk/wolfi/trino-plugin-lakehousepkg:apk/wolfi/trino-plugin-ldap-group-providerpkg:apk/wolfi/trino-plugin-local-filepkg:apk/wolfi/trino-plugin-lokipkg:apk/wolfi/trino-plugin-mariadbpkg:apk/wolfi/trino-plugin-memorypkg:apk/wolfi/trino-plugin-mlpkg:apk/wolfi/trino-plugin-mongodbpkg:apk/wolfi/trino-plugin-mysqlpkg:apk/wolfi/trino-plugin-mysql-event-listenerpkg:apk/wolfi/trino-plugin-opapkg:apk/wolfi/trino-plugin-openlineagepkg:apk/wolfi/trino-plugin-opensearchpkg:apk/wolfi/trino-plugin-oraclepkg:apk/wolfi/trino-plugin-password-authenticatorspkg:apk/wolfi/trino-plugin-phoenix5pkg:apk/wolfi/trino-plugin-pinotpkg:apk/wolfi/trino-plugin-postgresqlpkg:apk/wolfi/trino-plugin-prometheuspkg:apk/wolfi/trino-plugin-rangerpkg:apk/wolfi/trino-plugin-raptor-legacypkg:apk/wolfi/trino-plugin-redispkg:apk/wolfi/trino-plugin-redshiftpkg:apk/wolfi/trino-plugin-resource-group-managerspkg:apk/wolfi/trino-plugin-session-property-managerspkg:apk/wolfi/trino-plugin-singlestorepkg:apk/wolfi/trino-plugin-snowflakepkg:apk/wolfi/trino-plugin-spooling-filesystempkg:apk/wolfi/trino-plugin-sqlserverpkg:apk/wolfi/trino-plugin-teradata-functionspkg:apk/wolfi/trino-plugin-thriftpkg:apk/wolfi/trino-plugin-tpcdspkg:apk/wolfi/trino-plugin-tpchpkg:apk/wolfi/trino-plugin-verticapkg:apk/wolfi/wavefront-proxypkg:apk/wolfi/wavefront-proxy-compatpkg:apk/wolfi/wavefront-proxy-configpkg:apk/wolfi/wavefront-proxy-licensespkg:apk/wolfi/wavefront-proxy-oci-entrypointpkg:gem/google-protobufpkg:maven/com.google.protobuf/protobuf-javapkg:maven/com.google.protobuf/protobuf-javalitepkg:maven/com.google.protobuf/protobuf-kotlinpkg:maven/com.google.protobuf/protobuf-kotlin-litepkg:rpm/opensuse/protobuf&distro=openSUSE%20Leap%2015.5pkg:rpm/opensuse/protobuf&distro=openSUSE%20Leap%2015.6pkg:rpm/opensuse/protobuf&distro=openSUSE%20Leap%20Micro%205.5pkg:rpm/opensuse/protobuf&distro=openSUSE%20Tumbleweedpkg:rpm/suse/protobuf&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-ESPOSpkg:rpm/suse/protobuf&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-LTSSpkg:rpm/suse/protobuf&distro=SUSE%20Linux%20Enterprise%20Installer%20Updates%2015%20SP4pkg:rpm/suse/protobuf&distro=SUSE%20Linux%20Enterprise%20Installer%20Updates%2015%20SP5pkg:rpm/suse/protobuf&distro=SUSE%20Linux%20Enterprise%20Micro%205.3pkg:rpm/suse/protobuf&distro=SUSE%20Linux%20Enterprise%20Micro%205.4pkg:rpm/suse/protobuf&distro=SUSE%20Linux%20Enterprise%20Micro%205.5pkg:rpm/suse/protobuf&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP5pkg:rpm/suse/protobuf&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP6pkg:rpm/suse/protobuf&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015%20SP5pkg:rpm/suse/protobuf&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015%20SP6pkg:rpm/suse/protobuf&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Package%20Hub%2015%20SP5pkg:rpm/suse/protobuf&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Package%20Hub%2015%20SP6pkg:rpm/suse/protobuf&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2015%20SP4pkg:rpm/suse/protobuf&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2015%20SP5pkg:rpm/suse/protobuf&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Python%203%2015%20SP5pkg:rpm/suse/protobuf&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Python%203%2015%20SP6pkg:rpm/suse/protobuf&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP4-LTSSpkg:rpm/suse/protobuf&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP4pkg:rpm/suse/protobuf&distro=SUSE%20Linux%20Micro%206.0pkg:rpm/suse/protobuf&distro=SUSE%20Linux%20Micro%206.1pkg:rpm/suse/protobuf&distro=SUSE%20Manager%20Server%204.3
< 2.0.0-r0+ 385 more
- (no CPE)range: < 2.0.0-r0
- (no CPE)range: < 2.0.0-r0
- (no CPE)range: < 2.0.0-r0
- (no CPE)range: < 8.6.5-r0
- (no CPE)range: < 8.6.12-r1
- (no CPE)range: < 8.6.12-r1
- (no CPE)range: < 8.6.5-r0
- (no CPE)range: < 0.5.4-r26
- (no CPE)range: < 0.6.3-r7
- (no CPE)range: < 8.0.0.6-r0
- (no CPE)range: < 8.0.0.9-r0
- (no CPE)range: < 3.3.2-r1
- (no CPE)range: < 7.17.24-r0
- (no CPE)range: < 7.17.24-r0
- (no CPE)range: < 7.17.24-r0
- (no CPE)range: < 8.15.3-r0
- (no CPE)range: < 8.15.3-r0
- (no CPE)range: < 8.15.3-r0
- (no CPE)range: < 8.15.3-r0
- (no CPE)range: < 8.15.3-r0
- (no CPE)range: < 8.15.3-r0
- (no CPE)range: < 8.15.3-r0
- (no CPE)range: < 8.15.3-r0
- (no CPE)range: < 8.15.3-r0
- (no CPE)range: < 8.15.3-r0
- (no CPE)range: < 5.0.0-r1
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 3.3.6-r8
- (no CPE)range: < 1.3.0-r0
- (no CPE)range: < 3.7.1-r1
- (no CPE)range: < 3.8.1-r0
- (no CPE)range: < 3.7.1-r1
- (no CPE)range: < 3.8.1-r0
- (no CPE)range: < 3.8.0-r2
- (no CPE)range: < 1.17.3-r4
- (no CPE)range: < 1.17.3-r4
- (no CPE)range: < 0.12.0-r13
- (no CPE)range: < 0.12.0-r13
- (no CPE)range: < 1.18.2-r33
- (no CPE)range: < 1.18.2-r33
- (no CPE)range: < 1.18.2-r33
- (no CPE)range: < 1.18.2-r33
- (no CPE)range: < 5.25.1-r0
- (no CPE)range: < 5.25.1-r0
- (no CPE)range: < 2.18.0-r0
- (no CPE)range: < 2.18.0-r0
- (no CPE)range: < 2.18.0-r0
- (no CPE)range: < 2.18.0-r0
- (no CPE)range: < 2.18.0-r0
- (no CPE)range: < 2.18.0-r0
- (no CPE)range: < 2.18.0-r0
- (no CPE)range: < 2.18.0-r0
- (no CPE)range: < 2.18.0-r0
- (no CPE)range: < 2.18.0-r0
- (no CPE)range: < 2.18.0-r0
- (no CPE)range: < 2.18.0-r0
- (no CPE)range: < 2.18.0-r0
- (no CPE)range: < 2.18.0-r0
- (no CPE)range: < 2.18.0-r0
- (no CPE)range: < 2.18.0-r0
- (no CPE)range: < 2.18.0-r0
- (no CPE)range: < 2.18.0-r0
- (no CPE)range: < 2.18.0-r0
- (no CPE)range: < 2.18.0-r0
- (no CPE)range: < 2.18.0-r0
- (no CPE)range: < 2.18.0-r0
- (no CPE)range: < 2.18.0-r0
- (no CPE)range: < 2.18.0-r0
- (no CPE)range: < 2.18.0-r0
- (no CPE)range: < 2.18.0-r0
- (no CPE)range: < 2.18.0-r0
- (no CPE)range: < 2.18.0-r0
- (no CPE)range: < 2.18.0-r0
- (no CPE)range: < 2.18.0-r0
- (no CPE)range: < 2.18.0-r0
- (no CPE)range: < 2.18.0-r0
- (no CPE)range: < 2.18.0-r0
- (no CPE)range: < 2.18.0-r0
- (no CPE)range: < 2.18.0-r0
- (no CPE)range: < 2.18.0-r0
- (no CPE)range: < 2.18.0-r0
- (no CPE)range: < 2.18.0-r0
- (no CPE)range: < 2.18.0-r0
- (no CPE)range: < 2.18.0-r0
- (no CPE)range: < 2.18.0-r0
- (no CPE)range: < 2.18.0-r0
- (no CPE)range: < 2.18.0-r0
- (no CPE)range: < 2.18.0-r0
- (no CPE)range: < 2.18.0-r0
- (no CPE)range: < 2.18.0-r0
- (no CPE)range: < 2.18.0-r0
- (no CPE)range: < 2.18.0-r0
- (no CPE)range: < 2.18.0-r0
- (no CPE)range: < 2.18.0-r0
- (no CPE)range: < 2.18.0-r0
- (no CPE)range: < 2.18.0-r0
- (no CPE)range: < 2.18.0-r0
- (no CPE)range: < 2.18.0-r0
- (no CPE)range: < 2.18.0-r0
- (no CPE)range: < 2.18.0-r0
- (no CPE)range: < 2.18.0-r0
- (no CPE)range: < 2.18.0-r0
- (no CPE)range: < 2.18.0-r0
- (no CPE)range: < 2.18.0-r0
- (no CPE)range: < 2.18.0-r0
- (no CPE)range: < 2.18.0-r0
- (no CPE)range: < 2.18.0-r0
- (no CPE)range: < 2.18.0-r0
- (no CPE)range: < 2.18.0-r0
- (no CPE)range: < 2.18.0-r0
- (no CPE)range: < 2.18.0-r0
- (no CPE)range: < 2.18.0-r0
- (no CPE)range: < 2.18.0-r0
- (no CPE)range: < 2.18.0-r0
- (no CPE)range: < 2.18.0-r0
- (no CPE)range: < 2.18.0-r0
- (no CPE)range: < 2.18.0-r0
- (no CPE)range: < 2.18.0-r0
- (no CPE)range: < 2.18.0-r0
- (no CPE)range: < 2.18.0-r0
- (no CPE)range: < 2.18.0-r0
- (no CPE)range: < 2.18.0-r0
- (no CPE)range: < 2.18.0-r0
- (no CPE)range: < 2.18.0-r0
- (no CPE)range: < 2.18.0-r0
- (no CPE)range: < 2.18.0-r0
- (no CPE)range: < 2.18.0-r0
- (no CPE)range: < 1.16.6.1.2-r1
- (no CPE)range: < 1.16.6.1.2-r1
- (no CPE)range: < 1.16.6.1.2-r1
- (no CPE)range: < 1.16.6.1.2-r1
- (no CPE)range: < 1.16.6.1.2-r1
- (no CPE)range: < 1.16.6.1.2-r1
- (no CPE)range: < 1.16.6.1.2-r2
- (no CPE)range: < 1.16.6.1.2-r2
- (no CPE)range: < 25.1.0.102122-r0
- (no CPE)range: < 25.1.0.102122-r0
- (no CPE)range: < 25.1.0.102122-r0
- (no CPE)range: < 0.10.4-r6
- (no CPE)range: < 3.9.1-r2
- (no CPE)range: < 3.9.1-r2
- (no CPE)range: < 3.9.1-r2
- (no CPE)range: < 3.9.1-r2
- (no CPE)range: < 3.9.1-r2
- (no CPE)range: < 464-r0
- (no CPE)range: < 464-r0
- (no CPE)range: < 464-r0
- (no CPE)range: < 464-r0
- (no CPE)range: < 464-r0
- (no CPE)range: < 464-r0
- (no CPE)range: < 464-r0
- (no CPE)range: < 464-r0
- (no CPE)range: < 464-r0
- (no CPE)range: < 464-r0
- (no CPE)range: < 464-r0
- (no CPE)range: < 464-r0
- (no CPE)range: < 464-r0
- (no CPE)range: < 464-r0
- (no CPE)range: < 464-r0
- (no CPE)range: < 464-r0
- (no CPE)range: < 464-r0
- (no CPE)range: < 464-r0
- (no CPE)range: < 464-r0
- (no CPE)range: < 464-r0
- (no CPE)range: < 464-r0
- (no CPE)range: < 464-r0
- (no CPE)range: < 464-r0
- (no CPE)range: < 464-r0
- (no CPE)range: < 464-r0
- (no CPE)range: < 464-r0
- (no CPE)range: < 464-r0
- (no CPE)range: < 464-r0
- (no CPE)range: < 464-r0
- (no CPE)range: < 464-r0
- (no CPE)range: < 464-r0
- (no CPE)range: < 464-r0
- (no CPE)range: < 464-r0
- (no CPE)range: < 464-r0
- (no CPE)range: < 464-r0
- (no CPE)range: < 464-r0
- (no CPE)range: < 464-r0
- (no CPE)range: < 464-r0
- (no CPE)range: < 464-r0
- (no CPE)range: < 464-r0
- (no CPE)range: < 464-r0
- (no CPE)range: < 464-r0
- (no CPE)range: < 464-r0
- (no CPE)range: < 464-r0
- (no CPE)range: < 464-r0
- (no CPE)range: < 464-r0
- (no CPE)range: < 464-r0
- (no CPE)range: < 464-r0
- (no CPE)range: < 464-r0
- (no CPE)range: < 464-r0
- (no CPE)range: < 464-r0
- (no CPE)range: < 464-r0
- (no CPE)range: < 464-r0
- (no CPE)range: < 464-r0
- (no CPE)range: < 464-r0
- (no CPE)range: < 464-r0
- (no CPE)range: < 464-r0
- (no CPE)range: < 464-r0
- (no CPE)range: < 464-r0
- (no CPE)range: < 464-r0
- (no CPE)range: < 464-r0
- (no CPE)range: < 464-r0
- (no CPE)range: < 464-r0
- (no CPE)range: < 464-r0
- (no CPE)range: < 464-r0
- (no CPE)range: < 464-r0
- (no CPE)range: < 464-r0
- (no CPE)range: < 13.7-r5
- (no CPE)range: < 13.7-r5
- (no CPE)range: < 13.7-r5
- (no CPE)range: < 13.7-r5
- (no CPE)range: < 13.7-r5
- (no CPE)range: < 2.0.0-r0
- (no CPE)range: < 2.0.0-r0
- (no CPE)range: < 2.0.0-r0
- (no CPE)range: < 0.5.4-r26
- (no CPE)range: < 0.6.3-r7
- (no CPE)range: < 8.0.0.6-r0
- (no CPE)range: < 3.8.1-r0
- (no CPE)range: < 3.8.1-r0
- (no CPE)range: < 0.12.0-r13
- (no CPE)range: < 0.12.0-r13
- (no CPE)range: < 1.18.2-r33
- (no CPE)range: < 1.18.2-r33
- (no CPE)range: < 1.18.2-r33
- (no CPE)range: < 1.18.2-r33
- (no CPE)range: < 5.25.1-r0
- (no CPE)range: < 5.25.1-r0
- (no CPE)range: < 2.18.0-r0
- (no CPE)range: < 2.18.0-r0
- (no CPE)range: < 2.18.0-r0
- (no CPE)range: < 2.18.0-r0
- (no CPE)range: < 2.18.0-r0
- (no CPE)range: < 2.18.0-r0
- (no CPE)range: < 2.18.0-r0
- (no CPE)range: < 2.18.0-r0
- (no CPE)range: < 2.18.0-r0
- (no CPE)range: < 2.18.0-r0
- (no CPE)range: < 2.18.0-r0
- (no CPE)range: < 2.18.0-r0
- (no CPE)range: < 2.18.0-r0
- (no CPE)range: < 2.18.0-r0
- (no CPE)range: < 2.18.0-r0
- (no CPE)range: < 2.18.0-r0
- (no CPE)range: < 2.18.0-r0
- (no CPE)range: < 2.18.0-r0
- (no CPE)range: < 2.18.0-r0
- (no CPE)range: < 2.18.0-r0
- (no CPE)range: < 2.18.0-r0
- (no CPE)range: < 2.18.0-r0
- (no CPE)range: < 2.18.0-r0
- (no CPE)range: < 2.18.0-r0
- (no CPE)range: < 2.18.0-r0
- (no CPE)range: < 2.18.0-r0
- (no CPE)range: < 2.18.0-r0
- (no CPE)range: < 2.18.0-r0
- (no CPE)range: < 2.18.0-r0
- (no CPE)range: < 2.18.0-r0
- (no CPE)range: < 2.18.0-r0
- (no CPE)range: < 2.18.0-r0
- (no CPE)range: < 2.18.0-r0
- (no CPE)range: < 2.18.0-r0
- (no CPE)range: < 2.18.0-r0
- (no CPE)range: < 2.18.0-r0
- (no CPE)range: < 2.18.0-r0
- (no CPE)range: < 2.18.0-r0
- (no CPE)range: < 2.18.0-r0
- (no CPE)range: < 2.18.0-r0
- (no CPE)range: < 2.18.0-r0
- (no CPE)range: < 25.1.0.102122-r0
- (no CPE)range: < 25.1.0.102122-r0
- (no CPE)range: < 25.1.0.102122-r0
- (no CPE)range: < 0.10.4-r6
- (no CPE)range: < 3.9.1-r2
- (no CPE)range: < 3.9.1-r2
- (no CPE)range: < 3.9.1-r2
- (no CPE)range: < 3.9.1-r2
- (no CPE)range: < 3.9.1-r2
- (no CPE)range: < 464-r0
- (no CPE)range: < 464-r0
- (no CPE)range: < 464-r0
- (no CPE)range: < 464-r0
- (no CPE)range: < 464-r0
- (no CPE)range: < 464-r0
- (no CPE)range: < 464-r0
- (no CPE)range: < 464-r0
- (no CPE)range: < 464-r0
- (no CPE)range: < 464-r0
- (no CPE)range: < 464-r0
- (no CPE)range: < 464-r0
- (no CPE)range: < 464-r0
- (no CPE)range: < 464-r0
- (no CPE)range: < 464-r0
- (no CPE)range: < 464-r0
- (no CPE)range: < 464-r0
- (no CPE)range: < 464-r0
- (no CPE)range: < 464-r0
- (no CPE)range: < 464-r0
- (no CPE)range: < 464-r0
- (no CPE)range: < 464-r0
- (no CPE)range: < 464-r0
- (no CPE)range: < 464-r0
- (no CPE)range: < 464-r0
- (no CPE)range: < 464-r0
- (no CPE)range: < 464-r0
- (no CPE)range: < 464-r0
- (no CPE)range: < 464-r0
- (no CPE)range: < 464-r0
- (no CPE)range: < 464-r0
- (no CPE)range: < 464-r0
- (no CPE)range: < 464-r0
- (no CPE)range: < 464-r0
- (no CPE)range: < 464-r0
- (no CPE)range: < 464-r0
- (no CPE)range: < 464-r0
- (no CPE)range: < 464-r0
- (no CPE)range: < 464-r0
- (no CPE)range: < 464-r0
- (no CPE)range: < 464-r0
- (no CPE)range: < 464-r0
- (no CPE)range: < 464-r0
- (no CPE)range: < 464-r0
- (no CPE)range: < 464-r0
- (no CPE)range: < 464-r0
- (no CPE)range: < 464-r0
- (no CPE)range: < 464-r0
- (no CPE)range: < 464-r0
- (no CPE)range: < 464-r0
- (no CPE)range: < 464-r0
- (no CPE)range: < 464-r0
- (no CPE)range: < 464-r0
- (no CPE)range: < 464-r0
- (no CPE)range: < 464-r0
- (no CPE)range: < 464-r0
- (no CPE)range: < 464-r0
- (no CPE)range: < 464-r0
- (no CPE)range: < 464-r0
- (no CPE)range: < 464-r0
- (no CPE)range: < 464-r0
- (no CPE)range: < 464-r0
- (no CPE)range: < 464-r0
- (no CPE)range: < 464-r0
- (no CPE)range: < 464-r0
- (no CPE)range: < 464-r0
- (no CPE)range: < 464-r0
- (no CPE)range: < 13.7-r5
- (no CPE)range: < 13.7-r5
- (no CPE)range: < 13.7-r5
- (no CPE)range: < 13.7-r5
- (no CPE)range: < 13.7-r5
- (no CPE)range: < 3.25.5
- (no CPE)range: < 3.25.5
- (no CPE)range: < 3.25.5
- (no CPE)range: < 3.25.5
- (no CPE)range: < 3.25.5
- (no CPE)range: < 25.1-150500.12.5.1
- (no CPE)range: < 25.1-150600.16.7.1
- (no CPE)range: < 25.1-150500.12.5.1
- (no CPE)range: < 28.3-15.1
- (no CPE)range: < 25.1-150400.9.10.1
- (no CPE)range: < 25.1-150400.9.10.1
- (no CPE)range: < 25.1-150400.9.10.1
- (no CPE)range: < 25.1-150500.12.5.1
- (no CPE)range: < 25.1-150400.9.10.1
- (no CPE)range: < 25.1-150400.9.10.1
- (no CPE)range: < 25.1-150500.12.5.1
- (no CPE)range: < 25.1-150500.12.5.1
- (no CPE)range: < 25.1-150600.16.7.1
- (no CPE)range: < 25.1-150500.12.5.1
- (no CPE)range: < 25.1-150600.16.7.1
- (no CPE)range: < 25.1-150500.12.5.1
- (no CPE)range: < 25.1-150600.16.7.1
- (no CPE)range: < 25.1-150400.9.10.1
- (no CPE)range: < 25.1-150500.12.5.1
- (no CPE)range: < 25.1-150500.12.5.1
- (no CPE)range: < 25.1-150600.16.7.1
- (no CPE)range: < 25.1-150400.9.10.1
- (no CPE)range: < 25.1-150400.9.10.1
- (no CPE)range: < 23.4-8.1
- (no CPE)range: < 23.4-slfo.1.1_2.1
- (no CPE)range: < 25.1-150400.9.10.1
- Google/google-protobuf [JRuby Gem]v5Range: 0
- Google/protobuf-kotllin-litev5Range: 0
- Google/Protocol Buffersv5Range: 0
Patches
Vulnerability mechanics
References
12- github.com/advisories/GHSA-735f-pc8j-v9w8ghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2024-7254ghsaADVISORY
- github.com/protocolbuffers/protobuf/commit/4728531c162f2f9e8c2ca1add713cfee2db6be3bghsaWEB
- github.com/protocolbuffers/protobuf/commit/850fcce9176e2c9070614dab53537760498c926bghsaWEB
- github.com/protocolbuffers/protobuf/commit/9a5f5fe752a20cbac2e722b06949ac985abdd534ghsaWEB
- github.com/protocolbuffers/protobuf/commit/ac9fb5b4c71b0dd80985b27684e265d1f03abf46ghsaWEB
- github.com/protocolbuffers/protobuf/commit/cc8b3483a5584b3301e3d43d17eb59704857ffaaghsaWEB
- github.com/protocolbuffers/protobuf/commit/d6c82fc55a76481c676f541a255571e8950bb8c3ghsaWEB
- github.com/protocolbuffers/protobuf/security/advisories/GHSA-735f-pc8j-v9w8ghsaWEB
- github.com/rubysec/ruby-advisory-db/blob/master/gems/google-protobuf/CVE-2024-7254.ymlghsaWEB
- security.netapp.com/advisory/ntap-20241213-0010ghsaWEB
- security.netapp.com/advisory/ntap-20250418-0006ghsaWEB
News mentions
0No linked articles in our index yet.