vulnerability
Ubuntu: USN-5769-1 (CVE-2015-5237): protobuf vulnerabilities
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 7 | (AV:N/AC:L/Au:S/C:P/I:P/A:P) | Sep 25, 2017 | Dec 9, 2022 | Apr 23, 2025 |
Severity
7
CVSS
(AV:N/AC:L/Au:S/C:P/I:P/A:P)
Published
Sep 25, 2017
Added
Dec 9, 2022
Modified
Apr 23, 2025
Description
It was discovered that protobuf did not properly manage memory when serializing
large messages. An attacker could possibly use this issue to cause applications
using protobuf to crash, resulting in a denial of service, or possibly execute
arbitrary code. (CVE-2015-5237)
It was discovered that protobuf did not properly manage memory when parsing
specifically crafted messages. An attacker could possibly use this issue to
cause applications using protobuf to crash, resulting in a denial of service.
(CVE-2022-1941)
Solution(s)
ubuntu-pro-upgrade-libprotobuf-lite9v5ubuntu-pro-upgrade-libprotobuf9v5ubuntu-pro-upgrade-libprotoc9v5ubuntu-pro-upgrade-protobuf-compilerubuntu-pro-upgrade-python-protobuf
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.