CVE-2024-2410 — CVSS 7.6 (high): The JsonToBinaryStream() function is part of the protocol buffers C++ implementation and is used to parse JSON from a stream. If the input…
CVE-2024-7254 — CVSS 7.5 (high): Any project that parses untrusted Protocol Buffers data containing an arbitrary number of nested groups / series of SGROUP tags can…
CVE-2026-0994 — CVSS 7.5 (high): A denial-of-service (DoS) vulnerability exists in google.protobuf.json_format.ParseDict() in Python, where the max_recursion_depth limit…
CVE-2021-22570 — CVSS 6.5 (medium): Nullptr dereference when a null char is present in a proto symbol. The symbol is parsed incorrectly, leading to an unchecked call into the…