Search CVE reports
1 – 2 of 2 results
protobuf-c before 1.4.1 has an unsigned integer overflow in parse_required_member.
1 affected package
protobuf-c
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| protobuf-c | Not affected | Not affected | Needs evaluation | Ignored | Ignored |
Some fixes available 11 of 79
Protobuf-c v1.4.0 was discovered to contain an invalid arithmetic shift via the function parse_tag_and_wiretype in protobuf-c/protobuf-c.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via unspecified vectors.
9 affected packages
argyll, ccextractor, libgadu, libpg-query, libsignal-protocol-c...
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| argyll | Needs evaluation | Needs evaluation | Needs evaluation | Ignored | Ignored |
| ccextractor | Not in release | Needs evaluation | Needs evaluation | Ignored | — |
| libgadu | Needs evaluation | Needs evaluation | Needs evaluation | Ignored | Ignored |
| libpg-query | Needs evaluation | Needs evaluation | Needs evaluation | — | — |
| libsignal-protocol-c | Needs evaluation | Needs evaluation | Needs evaluation | Ignored | Ignored |
| ocserv | Needs evaluation | Needs evaluation | Needs evaluation | Ignored | Ignored |
| pidgin | Needs evaluation | Needs evaluation | Needs evaluation | Ignored | Ignored |
| protobuf-c | Fixed | Fixed | Fixed | Fixed | Ignored |
| sudo | Not affected | Not affected | Fixed | Not affected | Not affected |