Your submission was sent successfully! Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

Search CVE reports


Toggle filters

1 – 4 of 4 results


CVE-2014-125106

Medium priority
Not affected

Nanopb before 0.3.1 allows size_t overflows in pb_dec_bytes and pb_dec_string.

1 affected packages

nanopb

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
nanopb Not affected Not affected Ignored Ignored
Show less packages

CVE-2022-20203

Medium priority
Needs evaluation

In multiple locations of the nanopb library, there is a possible way to corrupt memory when decoding untrusted protobuf files. This could lead to local escalation of privilege,with no additional execution privileges needed. User...

1 affected packages

nanopb

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
nanopb Needs evaluation Needs evaluation Needs evaluation
Show less packages

CVE-2021-21401

Medium priority

Some fixes available 1 of 4

Nanopb is a small code-size Protocol Buffers implementation in ansi C. In Nanopb before versions 0.3.9.8 and 0.4.5, decoding a specifically formed message can cause invalid `free()` or `realloc()` calls if the message...

1 affected packages

nanopb

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
nanopb Not affected Not affected Fixed Not in release Not in release
Show less packages

CVE-2020-26243

Medium priority

Some fixes available 1 of 2

Nanopb is a small code-size Protocol Buffers implementation. In Nanopb before versions 0.4.4 and 0.3.9.7, decoding specifically formed message can leak memory if dynamic allocation is enabled and an oneof field contains a static...

1 affected packages

nanopb

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
nanopb Not affected Not affected Fixed Not in release Not in release
Show less packages