VulnerableCode Package Details - pkg:maven/com.google.protobuf/protobuf-parent@3.4.0

Search for packages

Vulnerability	Summary	Fixed by
VCID-uc1w-7er3-x7gb Aliases: CVE-2021-22570 GHSA-77rm-9x9h-xj3g PYSEC-2022-48	Nullptr dereference when a null char is present in a proto symbol. The symbol is parsed incorrectly, leading to an unchecked call into the proto file's name during generation of the resulting error message. Since the symbol is incorrectly parsed, the file is nullptr. We recommend upgrading to version 3.15.0 or greater.	3.15.0 Affected by 0 other vulnerabilities.

Vulnerability

Summary

Fixed by

VCID-uc1w-7er3-x7gb
Aliases:
CVE-2021-22570
GHSA-77rm-9x9h-xj3g
PYSEC-2022-48

Nullptr dereference when a null char is present in a proto symbol. The symbol is parsed incorrectly, leading to an unchecked call into the proto file's name during generation of the resulting error message. Since the symbol is incorrectly parsed, the file is nullptr. We recommend upgrading to version 3.15.0 or greater.

3.15.0
Affected by 0 other vulnerabilities.

Vulnerability	Summary	Aliases
VCID-fsjg-27y3-ykfe	protobuf allows remote authenticated attackers to cause a heap-based buffer overflow.	CVE-2015-5237 GHSA-jwvw-v7c5-m82h PYSEC-2017-65

Vulnerability

Summary

Aliases

VCID-fsjg-27y3-ykfe

protobuf allows remote authenticated attackers to cause a heap-based buffer overflow.

CVE-2015-5237
GHSA-jwvw-v7c5-m82h
PYSEC-2017-65

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-16T21:48:00.631778+00:00	GitLab Importer	Fixing	VCID-fsjg-27y3-ykfe	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/com.google.protobuf/protobuf-parent/CVE-2015-5237.yml	38.4.0
2026-04-16T21:38:08.795197+00:00	GitLab Importer	Affected by	VCID-uc1w-7er3-x7gb	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/com.google.protobuf/protobuf-parent/CVE-2021-22570.yml	38.4.0
2026-04-11T23:03:53.350796+00:00	GitLab Importer	Fixing	VCID-fsjg-27y3-ykfe	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/com.google.protobuf/protobuf-parent/CVE-2015-5237.yml	38.3.0
2026-04-11T22:52:36.339808+00:00	GitLab Importer	Affected by	VCID-uc1w-7er3-x7gb	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/com.google.protobuf/protobuf-parent/CVE-2021-22570.yml	38.3.0
2026-04-02T23:12:15.534142+00:00	GitLab Importer	Fixing	VCID-fsjg-27y3-ykfe	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/com.google.protobuf/protobuf-parent/CVE-2015-5237.yml	38.1.0
2026-04-02T23:01:59.575997+00:00	GitLab Importer	Affected by	VCID-uc1w-7er3-x7gb	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/com.google.protobuf/protobuf-parent/CVE-2021-22570.yml	38.1.0
2026-04-01T17:20:50.591082+00:00	GitLab Importer	Affected by	VCID-uc1w-7er3-x7gb	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/com.google.protobuf/protobuf-parent/CVE-2021-22570.yml	38.0.0
2026-04-01T12:50:11.459782+00:00	GitLab Importer	Fixing	VCID-fsjg-27y3-ykfe	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/com.google.protobuf/protobuf-parent/CVE-2015-5237.yml	38.0.0