AVG-2825 log

Package protobuf, python-protobuf
Status Fixed
Severity Medium
Type denial of service
Affected 21.5-1
Fixed 21.6-1
Current 28.3-1 [extra]
Ticket None
Created Sun Feb 19 12:24:40 2023
Issue Severity Remote Type Description
CVE-2022-1941 Medium Yes Denial of service
A message parsing and memory management vulnerability in ProtocolBuffer’s C++ and Python implementations can trigger an out of memory (OOM) failure when...
References
https://cloud.google.com/support/bulletins#GCP-2022-019
https://www.openwall.com/lists/oss-security/2022/09/27/1
https://github.com/protocolbuffers/protobuf/security/advisories/GHSA-8gq9-2x98-w8hf