AVG-2826 log

Package protobuf-c
Status Fixed
Severity Medium
Type denial of service
Affected 1.4.0-4
Fixed 1.4.1-1
Current 1.5.0-10 [extra]
Ticket None
Created Sun Feb 19 12:28:21 2023
Issue Severity Remote Type Description
CVE-2022-33070 Medium Yes Denial of service
invalid arithmetic shift via the function parse_tag_and_wiretype in protobuf-c/protobuf-c.c
References
https://github.com/protobuf-c/protobuf-c/issues/506
https://github.com/protobuf-c/protobuf-c/pull/508