VYPR

apk package

wolfi/protobuf-c

pkg:apk/wolfi/protobuf-c

Vulnerabilities (2)

  • CVE-2022-33070Jun 22, 2022
    affected < 0fixed 0

    Protobuf-c v1.4.0 was discovered to contain an invalid arithmetic shift via the function parse_tag_and_wiretype in protobuf-c/protobuf-c.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via unspecified vectors.

  • CVE-2021-3121Jan 11, 2021
    affected < 0fixed 0

    An issue was discovered in GoGo Protobuf before 1.3.2. plugin/unmarshal/unmarshal.go lacks certain index validation, aka the "skippy peanut butter" issue.