VYPR

PyPI package

nanopb

pkg:pypi/nanopb

Vulnerabilities (2)

  • CVE-2021-21401HigMar 23, 2021
    affected >= 0.3.2, < 0.3.9.8fixed 0.3.9.8

    Nanopb is a small code-size Protocol Buffers implementation in ansi C. In Nanopb before versions 0.3.9.8 and 0.4.5, decoding a specifically formed message can cause invalid `free()` or `realloc()` calls if the message type contains an `oneof` field, and the `oneof` directly conta

  • CVE-2020-26243HigNov 25, 2020
    affected >= 0.3.2, < 0.3.9.7fixed 0.3.9.7

    Nanopb is a small code-size Protocol Buffers implementation. In Nanopb before versions 0.4.4 and 0.3.9.7, decoding specifically formed message can leak memory if dynamic allocation is enabled and an oneof field contains a static submessage that contains a dynamic field, and the m