Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2022-33070

Опубликовано: 23 июн. 2022
Источник: debian
EPSS Низкий

Описание

Protobuf-c v1.4.0 was discovered to contain an invalid arithmetic shift via the function parse_tag_and_wiretype in protobuf-c/protobuf-c.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via unspecified vectors.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
protobuf-cfixed1.4.1-1package
protobuf-cno-dsabullseyepackage
protobuf-cno-dsabusterpackage

Примечания

  • https://github.com/protobuf-c/protobuf-c/issues/506

  • https://github.com/protobuf-c/protobuf-c/pull/508

  • https://github.com/protobuf-c/protobuf-c/commit/6e389ce2c34355d36009a8fb1666bed29fa2d4f4 (v1.4.1)

EPSS

Процентиль: 20%
0.00063
Низкий

Связанные уязвимости

ubuntu логотип

CVE-2022-33070

CVSS3: 5.5
ubuntu
больше 3 лет назад

Protobuf-c v1.4.0 was discovered to contain an invalid arithmetic shift via the function parse_tag_and_wiretype in protobuf-c/protobuf-c.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via unspecified vectors.

redhat логотип

CVE-2022-33070

CVSS3: 3.1
redhat
больше 3 лет назад

Protobuf-c v1.4.0 was discovered to contain an invalid arithmetic shift via the function parse_tag_and_wiretype in protobuf-c/protobuf-c.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via unspecified vectors.

nvd логотип

CVE-2022-33070

CVSS3: 5.5
nvd
больше 3 лет назад

Protobuf-c v1.4.0 was discovered to contain an invalid arithmetic shift via the function parse_tag_and_wiretype in protobuf-c/protobuf-c.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via unspecified vectors.

msrc логотип

CVE-2022-33070

CVSS3: 5.5
msrc
больше 3 лет назад

Protobuf-c v1.4.0 was discovered to contain an invalid arithmetic shift via the function parse_tag_and_wiretype in protobuf-c/protobuf-c.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via unspecified vectors.

github логотип

GHSA-xcrq-6j7j-784j

CVSS3: 5.5
github
больше 3 лет назад

Protobuf-c v1.4.0 was discovered to contain an invalid arithmetic shift via the function parse_tag_and_wiretype in protobuf-c/protobuf-c.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via unspecified vectors.

EPSS

Процентиль: 20%
0.00063
Низкий