VYPR

crates.io package

protobuf

pkg:cargo/protobuf

Vulnerabilities (2)

  • CVE-2025-53605MedJul 5, 2025
    affected < 3.7.2fixed 3.7.2

    The protobuf crate before 3.7.2 for Rust allows uncontrolled recursion in the protobuf::coded_input_stream::CodedInputStream::skip_group parsing of unknown fields in untrusted input.

  • CVE-2019-15544Aug 26, 2019
    affected < 2.6.0fixed 2.6.0

    An issue was discovered in the protobuf crate before 2.6.0 for Rust. Attackers can exhaust all memory via Vec::reserve calls.