Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:maven/com.google.protobuf/protobuf-parent@3.9.2
purl pkg:maven/com.google.protobuf/protobuf-parent@3.9.2
Next non-vulnerable version 3.15.0
Latest non-vulnerable version 3.15.0
Risk 4.0
Vulnerabilities affecting this package (1)
Vulnerability Summary Fixed by
VCID-uc1w-7er3-x7gb
Aliases:
CVE-2021-22570
GHSA-77rm-9x9h-xj3g
PYSEC-2022-48
Nullptr dereference when a null char is present in a proto symbol. The symbol is parsed incorrectly, leading to an unchecked call into the proto file's name during generation of the resulting error message. Since the symbol is incorrectly parsed, the file is nullptr. We recommend upgrading to version 3.15.0 or greater.
3.15.0
Affected by 0 other vulnerabilities.
Vulnerabilities fixed by this package (0)
Vulnerability Summary Aliases
This package is not known to fix vulnerabilities.

Date Actor Action Vulnerability Source VulnerableCode Version
2026-04-16T21:38:08.814161+00:00 GitLab Importer Affected by VCID-uc1w-7er3-x7gb https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/com.google.protobuf/protobuf-parent/CVE-2021-22570.yml 38.4.0
2026-04-11T22:52:36.387181+00:00 GitLab Importer Affected by VCID-uc1w-7er3-x7gb https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/com.google.protobuf/protobuf-parent/CVE-2021-22570.yml 38.3.0
2026-04-02T23:01:59.618040+00:00 GitLab Importer Affected by VCID-uc1w-7er3-x7gb https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/com.google.protobuf/protobuf-parent/CVE-2021-22570.yml 38.1.0
2026-04-01T17:20:50.652320+00:00 GitLab Importer Affected by VCID-uc1w-7er3-x7gb https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/com.google.protobuf/protobuf-parent/CVE-2021-22570.yml 38.0.0