Search CVE reports
1 – 2 of 2 results
CVE-2022-48468
Low priorityprotobuf-c before 1.4.1 has an unsigned integer overflow in parse_required_member.
1 affected package
protobuf-c
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
protobuf-c | Not affected | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
CVE-2022-33070
Medium prioritySome fixes available 8 of 73
Protobuf-c v1.4.0 was discovered to contain an invalid arithmetic shift via the function parse_tag_and_wiretype in protobuf-c/protobuf-c.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via unspecified vectors.
9 affected packages
argyll, ccextractor, libgadu, libpg-query, libsignal-protocol-c...
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
argyll | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
ccextractor | Needs evaluation | Needs evaluation | Needs evaluation | — | — |
libgadu | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
libpg-query | Needs evaluation | Needs evaluation | — | — | — |
libsignal-protocol-c | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | — |
ocserv | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
pidgin | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
protobuf-c | Fixed | Fixed | Fixed | Needs evaluation | Needs evaluation |
sudo | Not affected | Fixed | Not affected | Not affected | Not affected |