INFCSA-2022:7970: protobuf security update
Information about definition
Identificator: INFCSA-2022:7970
Type: security
Release date: 2025-09-24 19:46:12 UTC
Information about package
The protobuf packages provide Protocol Buffers, Google's data interchange format. Protocol Buffers can encode structured data in an efficient yet extensible format, and provide a flexible, efficient, and automated mechanism for serializing structured data.
Vulnerabilities description
- CVE-2021-22570
A flaw was found in protobuf. The vulnerability occurs due to incorrect parsing of a NULL character in the proto symbol and leads to a Null pointer dereference. This flaw allows an attacker to execute unauthorized code or commands, read memory, modify memory.
Severity level
| CVE | Score CVSS 2.0 | Score CVSS 3.x | Score CVSS 4.0 |
|---|---|---|---|
|
NIST — CVE-2021-22570
|
no information | 7.5 | no information |
Updated packages
Preparing to download...