rpm package
suse/protobuf&distro=SUSE Linux Enterprise Module for Development Tools 15 SP6
pkg:rpm/suse/protobuf&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015%20SP6
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2025-4565 | — | < 25.1-150600.16.13.1 | 25.1-150600.16.13.1 | Jun 16, 2025 | Any project that uses Protobuf Pure-Python backend to parse untrusted Protocol Buffers data containing an arbitrary number of recursive groups, recursive messages or a series of SGROUP tags can be corrupted by exceeding the Python recursion limit. This can result in a Denial of s | ||
| CVE-2024-7254 | — | < 25.1-150600.16.7.1 | 25.1-150600.16.7.1 | Sep 19, 2024 | Any project that parses untrusted Protocol Buffers data containing an arbitrary number of nested groups / series of SGROUP tags can corrupted by exceeding the stack limit i.e. StackOverflow. Parsing nested groups as unknown fields with DiscardUnknownFieldsParser or Java Protobuf |
- CVE-2025-4565Jun 16, 2025affected < 25.1-150600.16.13.1fixed 25.1-150600.16.13.1
Any project that uses Protobuf Pure-Python backend to parse untrusted Protocol Buffers data containing an arbitrary number of recursive groups, recursive messages or a series of SGROUP tags can be corrupted by exceeding the Python recursion limit. This can result in a Denial of s
- CVE-2024-7254Sep 19, 2024affected < 25.1-150600.16.7.1fixed 25.1-150600.16.7.1
Any project that parses untrusted Protocol Buffers data containing an arbitrary number of nested groups / series of SGROUP tags can corrupted by exceeding the stack limit i.e. StackOverflow. Parsing nested groups as unknown fields with DiscardUnknownFieldsParser or Java Protobuf