VulnerableCode Package Details - pkg:maven/com.google.protobuf/protobuf-parent@3.2.0rc2

Search for packages

Vulnerability	Summary	Fixed by
VCID-fsjg-27y3-ykfe Aliases: CVE-2015-5237 GHSA-jwvw-v7c5-m82h PYSEC-2017-65	protobuf allows remote authenticated attackers to cause a heap-based buffer overflow.	3.4.0 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}
VCID-uc1w-7er3-x7gb Aliases: CVE-2021-22570 GHSA-77rm-9x9h-xj3g PYSEC-2022-48	Nullptr dereference when a null char is present in a proto symbol. The symbol is parsed incorrectly, leading to an unchecked call into the proto file's name during generation of the resulting error message. Since the symbol is incorrectly parsed, the file is nullptr. We recommend upgrading to version 3.15.0 or greater.	3.15.0 Affected by 0 other vulnerabilities.

Vulnerability

Summary

Fixed by

VCID-fsjg-27y3-ykfe
Aliases:
CVE-2015-5237
GHSA-jwvw-v7c5-m82h
PYSEC-2017-65

protobuf allows remote authenticated attackers to cause a heap-based buffer overflow.

3.4.0
Affected by 1 other vulnerability.

VCID-uc1w-7er3-x7gb
Aliases:
CVE-2021-22570
GHSA-77rm-9x9h-xj3g
PYSEC-2022-48

Nullptr dereference when a null char is present in a proto symbol. The symbol is parsed incorrectly, leading to an unchecked call into the proto file's name during generation of the resulting error message. Since the symbol is incorrectly parsed, the file is nullptr. We recommend upgrading to version 3.15.0 or greater.

3.15.0
Affected by 0 other vulnerabilities.

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Vulnerability

Summary

Aliases

This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-16T21:48:00.614954+00:00	GitLab Importer	Affected by	VCID-fsjg-27y3-ykfe	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/com.google.protobuf/protobuf-parent/CVE-2015-5237.yml	38.4.0
2026-04-16T21:38:08.787736+00:00	GitLab Importer	Affected by	VCID-uc1w-7er3-x7gb	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/com.google.protobuf/protobuf-parent/CVE-2021-22570.yml	38.4.0
2026-04-11T23:03:53.332880+00:00	GitLab Importer	Affected by	VCID-fsjg-27y3-ykfe	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/com.google.protobuf/protobuf-parent/CVE-2015-5237.yml	38.3.0
2026-04-11T22:52:36.319004+00:00	GitLab Importer	Affected by	VCID-uc1w-7er3-x7gb	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/com.google.protobuf/protobuf-parent/CVE-2021-22570.yml	38.3.0
2026-04-02T23:12:15.517721+00:00	GitLab Importer	Affected by	VCID-fsjg-27y3-ykfe	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/com.google.protobuf/protobuf-parent/CVE-2015-5237.yml	38.1.0
2026-04-02T23:01:59.559684+00:00	GitLab Importer	Affected by	VCID-uc1w-7er3-x7gb	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/com.google.protobuf/protobuf-parent/CVE-2021-22570.yml	38.1.0
2026-04-01T17:32:10.892100+00:00	GitLab Importer	Affected by	VCID-fsjg-27y3-ykfe	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/com.google.protobuf/protobuf-parent/CVE-2015-5237.yml	38.0.0
2026-04-01T17:20:50.568783+00:00	GitLab Importer	Affected by	VCID-uc1w-7er3-x7gb	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/com.google.protobuf/protobuf-parent/CVE-2021-22570.yml	38.0.0