Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:maven/com.google.protobuf/protobuf-java@3.0.2

Type maven

Namespace com.google.protobuf

Name protobuf-java

Version 3.0.2

Qualifiers

Subpath

Is_vulnerable true

Next_non_vulnerable_version 3.25.5

Latest_non_vulnerable_version 4.28.2

Affected_by_vulnerabilities

url VCID-29vj-zsat-aybh

vulnerability_id VCID-29vj-zsat-aybh

summary

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-7254.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-7254.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-7254

reference_id

reference_type

scores

value	0.00134
scoring_system	epss
scoring_elements	0.33072
published_at	2026-06-11T12:55:00Z

value	0.00134
scoring_system	epss
scoring_elements	0.33251
published_at	2026-06-14T12:55:00Z

value	0.00134
scoring_system	epss
scoring_elements	0.33274
published_at	2026-06-13T12:55:00Z

value	0.00134
scoring_system	epss
scoring_elements	0.33254
published_at	2026-06-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-7254

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7254
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7254

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://github.com/protocolbuffers/protobuf

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	8.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/protocolbuffers/protobuf

reference_url

https://github.com/protocolbuffers/protobuf/commit/4728531c162f2f9e8c2ca1add713cfee2db6be3b

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	8.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/protocolbuffers/protobuf/commit/4728531c162f2f9e8c2ca1add713cfee2db6be3b

reference_url

https://github.com/protocolbuffers/protobuf/commit/850fcce9176e2c9070614dab53537760498c926b

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	8.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/protocolbuffers/protobuf/commit/850fcce9176e2c9070614dab53537760498c926b

reference_url

https://github.com/protocolbuffers/protobuf/commit/9a5f5fe752a20cbac2e722b06949ac985abdd534

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	8.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/protocolbuffers/protobuf/commit/9a5f5fe752a20cbac2e722b06949ac985abdd534

reference_url

https://github.com/protocolbuffers/protobuf/commit/ac9fb5b4c71b0dd80985b27684e265d1f03abf46

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	8.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/protocolbuffers/protobuf/commit/ac9fb5b4c71b0dd80985b27684e265d1f03abf46

reference_url

https://github.com/protocolbuffers/protobuf/commit/d6c82fc55a76481c676f541a255571e8950bb8c3

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	8.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/protocolbuffers/protobuf/commit/d6c82fc55a76481c676f541a255571e8950bb8c3

reference_url

https://security.netapp.com/advisory/ntap-20241213-0010

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	8.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://security.netapp.com/advisory/ntap-20241213-0010

reference_url

https://security.netapp.com/advisory/ntap-20250418-0006

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	8.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://security.netapp.com/advisory/ntap-20250418-0006

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1082381
reference_id	1082381
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1082381

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2313454
reference_id	2313454
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2313454

reference_url

https://github.com/protocolbuffers/protobuf/commit/cc8b3483a5584b3301e3d43d17eb59704857ffaa

reference_id

cc8b3483a5584b3301e3d43d17eb59704857ffaa

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	8.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-19T14:29:43Z/

url

https://github.com/protocolbuffers/protobuf/commit/cc8b3483a5584b3301e3d43d17eb59704857ffaa

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2024-7254

reference_id

CVE-2024-7254

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	8.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2024-7254

reference_url

https://github.com/rubysec/ruby-advisory-db/blob/master/gems/google-protobuf/CVE-2024-7254.yml

reference_id

CVE-2024-7254.YML

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	8.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/rubysec/ruby-advisory-db/blob/master/gems/google-protobuf/CVE-2024-7254.yml

reference_url

https://github.com/advisories/GHSA-735f-pc8j-v9w8

reference_id

GHSA-735f-pc8j-v9w8

reference_type

scores

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-735f-pc8j-v9w8

reference_url

https://github.com/protocolbuffers/protobuf/security/advisories/GHSA-735f-pc8j-v9w8

reference_id

GHSA-735f-pc8j-v9w8

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

value	8.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/protocolbuffers/protobuf/security/advisories/GHSA-735f-pc8j-v9w8

reference_url	https://access.redhat.com/errata/RHSA-2024:10700
reference_id	RHSA-2024:10700
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:10700

reference_url	https://access.redhat.com/errata/RHSA-2024:11255
reference_id	RHSA-2024:11255
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:11255

reference_url	https://access.redhat.com/errata/RHSA-2024:11256
reference_id	RHSA-2024:11256
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:11256

reference_url	https://access.redhat.com/errata/RHSA-2024:7670
reference_id	RHSA-2024:7670
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:7670

reference_url	https://access.redhat.com/errata/RHSA-2024:7676
reference_id	RHSA-2024:7676
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:7676

reference_url	https://access.redhat.com/errata/RHSA-2024:7972
reference_id	RHSA-2024:7972
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:7972

reference_url	https://access.redhat.com/errata/RHSA-2024:8064
reference_id	RHSA-2024:8064
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:8064

reference_url	https://access.redhat.com/errata/RHSA-2024:9571
reference_id	RHSA-2024:9571
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:9571

reference_url	https://access.redhat.com/errata/RHSA-2025:20052
reference_id	RHSA-2025:20052
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:20052

reference_url	https://access.redhat.com/errata/RHSA-2025:20057
reference_id	RHSA-2025:20057
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:20057

reference_url	https://access.redhat.com/errata/RHSA-2025:7620
reference_id	RHSA-2025:7620
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:7620

reference_url	https://access.redhat.com/errata/RHSA-2026:4915
reference_id	RHSA-2026:4915
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:4915

reference_url	https://access.redhat.com/errata/RHSA-2026:4916
reference_id	RHSA-2026:4916
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:4916

reference_url	https://access.redhat.com/errata/RHSA-2026:4917
reference_id	RHSA-2026:4917
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:4917

reference_url	https://usn.ubuntu.com/7435-1/
reference_id	USN-7435-1
reference_type
scores
url	https://usn.ubuntu.com/7435-1/

reference_url	https://usn.ubuntu.com/7629-1/
reference_id	USN-7629-1
reference_type
scores
url	https://usn.ubuntu.com/7629-1/

reference_url	https://usn.ubuntu.com/7629-2/
reference_id	USN-7629-2
reference_type
scores
url	https://usn.ubuntu.com/7629-2/

fixed_packages

url	pkg:maven/com.google.protobuf/protobuf-java@3.25.5
purl	pkg:maven/com.google.protobuf/protobuf-java@3.25.5
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:maven/com.google.protobuf/protobuf-java@3.25.5

url	pkg:maven/com.google.protobuf/protobuf-java@4.27.5
purl	pkg:maven/com.google.protobuf/protobuf-java@4.27.5
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:maven/com.google.protobuf/protobuf-java@4.27.5

url	pkg:maven/com.google.protobuf/protobuf-java@4.28.2
purl	pkg:maven/com.google.protobuf/protobuf-java@4.28.2
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:maven/com.google.protobuf/protobuf-java@4.28.2

aliases CVE-2024-7254, GHSA-735f-pc8j-v9w8

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-29vj-zsat-aybh

url VCID-ar4u-7bag-sfhg

vulnerability_id VCID-ar4u-7bag-sfhg

summary

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-3509.json

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-3509.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-3509

reference_id

reference_type

scores

value	0.00139
scoring_system	epss
scoring_elements	0.33864
published_at	2026-06-12T12:55:00Z

value	0.00139
scoring_system	epss
scoring_elements	0.33861
published_at	2026-06-14T12:55:00Z

value	0.00139
scoring_system	epss
scoring_elements	0.33886
published_at	2026-06-13T12:55:00Z

value	0.00139
scoring_system	epss
scoring_elements	0.33685
published_at	2026-06-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-3509

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3509
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3509

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://github.com/protocolbuffers/protobuf/blob/v2.6.1/java/core/src/main/java/com/google/protobuf/MessageReflection.java

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/protocolbuffers/protobuf/blob/v2.6.1/java/core/src/main/java/com/google/protobuf/MessageReflection.java

reference_url

https://github.com/protocolbuffers/protobuf/blob/v3.0.0/java/core/src/main/java/com/google/protobuf/MessageReflection.java

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/protocolbuffers/protobuf/blob/v3.0.0/java/core/src/main/java/com/google/protobuf/MessageReflection.java

reference_url

https://github.com/protocolbuffers/protobuf/tree/main/java

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/protocolbuffers/protobuf/tree/main/java

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2022-3509

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2022-3509

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2184161
reference_id	2184161
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2184161

reference_url

https://github.com/protocolbuffers/protobuf/commit/a3888f53317a8018e7a439bac4abeb8f3425d5e9

reference_id

a3888f53317a8018e7a439bac4abeb8f3425d5e9

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:09:47Z/

url

https://github.com/protocolbuffers/protobuf/commit/a3888f53317a8018e7a439bac4abeb8f3425d5e9

reference_url

https://github.com/advisories/GHSA-g5ww-5jh7-63cx

reference_id

GHSA-g5ww-5jh7-63cx

reference_type

scores

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-g5ww-5jh7-63cx

reference_url	https://access.redhat.com/errata/RHSA-2023:1855
reference_id	RHSA-2023:1855
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:1855

reference_url	https://access.redhat.com/errata/RHSA-2023:3815
reference_id	RHSA-2023:3815
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:3815

reference_url	https://access.redhat.com/errata/RHSA-2023:4983
reference_id	RHSA-2023:4983
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4983

fixed_packages

url pkg:maven/com.google.protobuf/protobuf-java@3.16.3

purl pkg:maven/com.google.protobuf/protobuf-java@3.16.3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-29vj-zsat-aybh

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.google.protobuf/protobuf-java@3.16.3

url pkg:maven/com.google.protobuf/protobuf-java@3.19.6

purl pkg:maven/com.google.protobuf/protobuf-java@3.19.6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-29vj-zsat-aybh

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.google.protobuf/protobuf-java@3.19.6

url pkg:maven/com.google.protobuf/protobuf-java@3.20.3

purl pkg:maven/com.google.protobuf/protobuf-java@3.20.3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-29vj-zsat-aybh

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.google.protobuf/protobuf-java@3.20.3

url pkg:maven/com.google.protobuf/protobuf-java@3.21.7

purl pkg:maven/com.google.protobuf/protobuf-java@3.21.7

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-29vj-zsat-aybh

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.google.protobuf/protobuf-java@3.21.7

aliases CVE-2022-3509, GHSA-g5ww-5jh7-63cx

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ar4u-7bag-sfhg

url VCID-h152-5hjj-pke7

vulnerability_id VCID-h152-5hjj-pke7

summary

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-22570.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-22570.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-22570

reference_id

reference_type

scores

value	0.00138
scoring_system	epss
scoring_elements	0.33775
published_at	2026-06-13T12:55:00Z

value	0.00138
scoring_system	epss
scoring_elements	0.33749
published_at	2026-06-14T12:55:00Z

value	0.00138
scoring_system	epss
scoring_elements	0.33572
published_at	2026-06-11T12:55:00Z

value	0.00138
scoring_system	epss
scoring_elements	0.33753
published_at	2026-06-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-22570

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22570
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22570

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://github.com/protocolbuffers/protobuf

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	8.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/protocolbuffers/protobuf

reference_url

https://github.com/pypa/advisory-database/tree/main/vulns/protobuf/PYSEC-2022-48.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	8.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/pypa/advisory-database/tree/main/vulns/protobuf/PYSEC-2022-48.yaml

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3DVUZPALAQ34TQP6KFNLM4IZS6B32XSA

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	8.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3DVUZPALAQ34TQP6KFNLM4IZS6B32XSA

reference_url	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3DVUZPALAQ34TQP6KFNLM4IZS6B32XSA/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3DVUZPALAQ34TQP6KFNLM4IZS6B32XSA/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5PAGL5M2KGYPN3VEQCRJJE6NA7D5YG5X

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	8.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5PAGL5M2KGYPN3VEQCRJJE6NA7D5YG5X

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BTRGBRC5KGCA4SK5MUNLPYJRAGXMBIYY

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	8.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BTRGBRC5KGCA4SK5MUNLPYJRAGXMBIYY

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IFX6KPNOFHYD6L4XES5PCM3QNSKZBOTQ

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	8.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IFX6KPNOFHYD6L4XES5PCM3QNSKZBOTQ

reference_url	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IFX6KPNOFHYD6L4XES5PCM3QNSKZBOTQ/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IFX6KPNOFHYD6L4XES5PCM3QNSKZBOTQ/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KQJB6ZPRLKV6WCMX2PRRRQBFAOXFBK6B

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	8.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KQJB6ZPRLKV6WCMX2PRRRQBFAOXFBK6B

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MRWRAXAFR3JR7XCFWTHC2KALSZKWACCE

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	8.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MRWRAXAFR3JR7XCFWTHC2KALSZKWACCE

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NVTWVQRB5OCCTMKEQFY5MYED3DXDVSLP

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	8.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NVTWVQRB5OCCTMKEQFY5MYED3DXDVSLP

reference_url

https://security.netapp.com/advisory/ntap-20220429-0005

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	8.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://security.netapp.com/advisory/ntap-20220429-0005

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2049429
reference_id	2049429
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2049429

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3DVUZPALAQ34TQP6KFNLM4IZS6B32XSA/

reference_id

3DVUZPALAQ34TQP6KFNLM4IZS6B32XSA

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-21T13:35:59Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3DVUZPALAQ34TQP6KFNLM4IZS6B32XSA/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5PAGL5M2KGYPN3VEQCRJJE6NA7D5YG5X/

reference_id

5PAGL5M2KGYPN3VEQCRJJE6NA7D5YG5X

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-21T13:35:59Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5PAGL5M2KGYPN3VEQCRJJE6NA7D5YG5X/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BTRGBRC5KGCA4SK5MUNLPYJRAGXMBIYY/

reference_id

BTRGBRC5KGCA4SK5MUNLPYJRAGXMBIYY

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-21T13:35:59Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BTRGBRC5KGCA4SK5MUNLPYJRAGXMBIYY/

reference_url

https://www.oracle.com/security-alerts/cpuapr2022.html

reference_id

cpuapr2022.html

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	8.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-21T13:35:59Z/

url

https://www.oracle.com/security-alerts/cpuapr2022.html

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2021-22570

reference_id

CVE-2021-22570

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	8.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2021-22570

reference_url

https://github.com/advisories/GHSA-77rm-9x9h-xj3g

reference_id

GHSA-77rm-9x9h-xj3g

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

value	8.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/advisories/GHSA-77rm-9x9h-xj3g

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IFX6KPNOFHYD6L4XES5PCM3QNSKZBOTQ/

reference_id

IFX6KPNOFHYD6L4XES5PCM3QNSKZBOTQ

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-21T13:35:59Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IFX6KPNOFHYD6L4XES5PCM3QNSKZBOTQ/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KQJB6ZPRLKV6WCMX2PRRRQBFAOXFBK6B/

reference_id

KQJB6ZPRLKV6WCMX2PRRRQBFAOXFBK6B

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-21T13:35:59Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KQJB6ZPRLKV6WCMX2PRRRQBFAOXFBK6B/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MRWRAXAFR3JR7XCFWTHC2KALSZKWACCE/

reference_id

MRWRAXAFR3JR7XCFWTHC2KALSZKWACCE

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-21T13:35:59Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MRWRAXAFR3JR7XCFWTHC2KALSZKWACCE/

reference_url

https://lists.debian.org/debian-lts-announce/2023/04/msg00019.html

reference_id

msg00019.html

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	8.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-21T13:35:59Z/

url

https://lists.debian.org/debian-lts-announce/2023/04/msg00019.html

reference_url

https://security.netapp.com/advisory/ntap-20220429-0005/

reference_id

ntap-20220429-0005

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-21T13:35:59Z/

url

https://security.netapp.com/advisory/ntap-20220429-0005/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NVTWVQRB5OCCTMKEQFY5MYED3DXDVSLP/

reference_id

NVTWVQRB5OCCTMKEQFY5MYED3DXDVSLP

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-21T13:35:59Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NVTWVQRB5OCCTMKEQFY5MYED3DXDVSLP/

reference_url	https://access.redhat.com/errata/RHSA-2022:7464
reference_id	RHSA-2022:7464
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:7464

reference_url	https://access.redhat.com/errata/RHSA-2022:7970
reference_id	RHSA-2022:7970
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:7970

reference_url	https://access.redhat.com/errata/RHSA-2022:8847
reference_id	RHSA-2022:8847
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:8847

reference_url	https://access.redhat.com/errata/RHSA-2022:8860
reference_id	RHSA-2022:8860
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:8860

reference_url	https://access.redhat.com/errata/RHSA-2024:3433
reference_id	RHSA-2024:3433
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:3433

reference_url	https://usn.ubuntu.com/5490-1/
reference_id	USN-5490-1
reference_type
scores
url	https://usn.ubuntu.com/5490-1/

reference_url	https://usn.ubuntu.com/5945-1/
reference_id	USN-5945-1
reference_type
scores
url	https://usn.ubuntu.com/5945-1/

reference_url

https://github.com/protocolbuffers/protobuf/releases/tag/v3.15.0

reference_id

v3.15.0

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	8.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-21T13:35:59Z/

url

https://github.com/protocolbuffers/protobuf/releases/tag/v3.15.0

fixed_packages

url pkg:maven/com.google.protobuf/protobuf-java@3.15.0

purl pkg:maven/com.google.protobuf/protobuf-java@3.15.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-29vj-zsat-aybh

vulnerability	VCID-ar4u-7bag-sfhg

vulnerability	VCID-njfj-92p3-8ub1

vulnerability	VCID-wfm7-ytks-d7ha

vulnerability	VCID-xhj4-ncjf-9udg

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.google.protobuf/protobuf-java@3.15.0

aliases CVE-2021-22570, GHSA-77rm-9x9h-xj3g, PYSEC-2022-48

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-h152-5hjj-pke7

url VCID-njfj-92p3-8ub1

vulnerability_id VCID-njfj-92p3-8ub1

summary

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-22569.json

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-22569.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-22569

reference_id

reference_type

scores

value	0.00471
scoring_system	epss
scoring_elements	0.65158
published_at	2026-06-14T12:55:00Z

value	0.00471
scoring_system	epss
scoring_elements	0.6505
published_at	2026-06-11T12:55:00Z

value	0.00471
scoring_system	epss
scoring_elements	0.65161
published_at	2026-06-13T12:55:00Z

value	0.00471
scoring_system	epss
scoring_elements	0.6515
published_at	2026-06-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-22569

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22569
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22569

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://github.com/protocolbuffers/protobuf

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/protocolbuffers/protobuf

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2039903
reference_id	2039903
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2039903

reference_url

http://www.openwall.com/lists/oss-security/2022/01/12/4

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-21T13:40:37Z/

url

http://www.openwall.com/lists/oss-security/2022/01/12/4

reference_url

http://www.openwall.com/lists/oss-security/2022/01/12/7

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-21T13:40:37Z/

url

http://www.openwall.com/lists/oss-security/2022/01/12/7

reference_url

https://cloud.google.com/support/bulletins#gcp-2022-001

reference_id

bulletins#gcp-2022-001

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-21T13:40:37Z/

url

https://cloud.google.com/support/bulletins#gcp-2022-001

reference_url

https://www.oracle.com/security-alerts/cpuapr2022.html

reference_id

cpuapr2022.html

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-21T13:40:37Z/

url

https://www.oracle.com/security-alerts/cpuapr2022.html

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2021-22569

reference_id

CVE-2021-22569

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2021-22569

reference_url

https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=39330

reference_id

detail?id=39330

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-21T13:40:37Z/

url

https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=39330

reference_url

https://github.com/advisories/GHSA-wrvw-hg22-4m67

reference_id

GHSA-wrvw-hg22-4m67

reference_type

scores

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-wrvw-hg22-4m67

reference_url

https://github.com/protocolbuffers/protobuf/security/advisories/GHSA-wrvw-hg22-4m67

reference_id

GHSA-wrvw-hg22-4m67

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/protocolbuffers/protobuf/security/advisories/GHSA-wrvw-hg22-4m67

reference_url

https://lists.debian.org/debian-lts-announce/2023/04/msg00019.html

reference_id

msg00019.html

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-21T13:40:37Z/

url

https://lists.debian.org/debian-lts-announce/2023/04/msg00019.html

reference_url	https://access.redhat.com/errata/RHSA-2022:1013
reference_id	RHSA-2022:1013
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1013

reference_url	https://access.redhat.com/errata/RHSA-2022:4623
reference_id	RHSA-2022:4623
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:4623

reference_url	https://access.redhat.com/errata/RHSA-2022:5532
reference_id	RHSA-2022:5532
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5532

reference_url	https://access.redhat.com/errata/RHSA-2022:5903
reference_id	RHSA-2022:5903
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5903

reference_url	https://access.redhat.com/errata/RHSA-2022:6835
reference_id	RHSA-2022:6835
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:6835

reference_url	https://access.redhat.com/errata/RHSA-2022:7896
reference_id	RHSA-2022:7896
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:7896

reference_url	https://access.redhat.com/errata/RHSA-2022:8761
reference_id	RHSA-2022:8761
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:8761

reference_url	https://usn.ubuntu.com/5945-1/
reference_id	USN-5945-1
reference_type
scores
url	https://usn.ubuntu.com/5945-1/

fixed_packages

url pkg:maven/com.google.protobuf/protobuf-java@3.16.1

purl pkg:maven/com.google.protobuf/protobuf-java@3.16.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-29vj-zsat-aybh

vulnerability	VCID-ar4u-7bag-sfhg

vulnerability	VCID-wfm7-ytks-d7ha

vulnerability	VCID-xhj4-ncjf-9udg

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.google.protobuf/protobuf-java@3.16.1

url pkg:maven/com.google.protobuf/protobuf-java@3.18.2

purl pkg:maven/com.google.protobuf/protobuf-java@3.18.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-29vj-zsat-aybh

vulnerability	VCID-ar4u-7bag-sfhg

vulnerability	VCID-wfm7-ytks-d7ha

vulnerability	VCID-xhj4-ncjf-9udg

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.google.protobuf/protobuf-java@3.18.2

url pkg:maven/com.google.protobuf/protobuf-java@3.19.2

purl pkg:maven/com.google.protobuf/protobuf-java@3.19.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-29vj-zsat-aybh

vulnerability	VCID-ar4u-7bag-sfhg

vulnerability	VCID-wfm7-ytks-d7ha

vulnerability	VCID-xhj4-ncjf-9udg

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.google.protobuf/protobuf-java@3.19.2

aliases CVE-2021-22569, GHSA-wrvw-hg22-4m67, GMS-2022-1, GMS-2022-5, GMS-2022-6

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-njfj-92p3-8ub1

url VCID-wfm7-ytks-d7ha

vulnerability_id VCID-wfm7-ytks-d7ha

summary

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-3171.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-3171.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-3171

reference_id

reference_type

scores

value	0.00166
scoring_system	epss
scoring_elements	0.37495
published_at	2026-06-11T12:55:00Z

value	0.00166
scoring_system	epss
scoring_elements	0.37684
published_at	2026-06-14T12:55:00Z

value	0.00166
scoring_system	epss
scoring_elements	0.37697
published_at	2026-06-13T12:55:00Z

value	0.00166
scoring_system	epss
scoring_elements	0.37673
published_at	2026-06-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-3171

reference_url

https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=48771

reference_id

reference_type

scores

value	5.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=48771

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3171
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3171

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://github.com/protocolbuffers/protobuf

reference_id

reference_type

scores

value	5.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/protocolbuffers/protobuf

reference_url

https://github.com/protocolbuffers/protobuf/releases/tag/v21.7

reference_id

reference_type

scores

value	5.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/protocolbuffers/protobuf/releases/tag/v21.7

reference_url

https://github.com/protocolbuffers/protobuf/releases/tag/v3.16.3

reference_id

reference_type

scores

value	5.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/protocolbuffers/protobuf/releases/tag/v3.16.3

reference_url

https://github.com/protocolbuffers/protobuf/releases/tag/v3.19.6

reference_id

reference_type

scores

value	5.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/protocolbuffers/protobuf/releases/tag/v3.19.6

reference_url

https://github.com/protocolbuffers/protobuf/releases/tag/v3.20.3

reference_id

reference_type

scores

value	5.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/protocolbuffers/protobuf/releases/tag/v3.20.3

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CBAUKJQL6O4TIWYBENORSY5P43TVB4M3

reference_id

reference_type

scores

value	5.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CBAUKJQL6O4TIWYBENORSY5P43TVB4M3

reference_url	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CBAUKJQL6O4TIWYBENORSY5P43TVB4M3/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CBAUKJQL6O4TIWYBENORSY5P43TVB4M3/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MPCGUT3T5L6C3IDWUPSUO22QDCGQKTOP

reference_id

reference_type

scores

value	5.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MPCGUT3T5L6C3IDWUPSUO22QDCGQKTOP

reference_url	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MPCGUT3T5L6C3IDWUPSUO22QDCGQKTOP/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MPCGUT3T5L6C3IDWUPSUO22QDCGQKTOP/

reference_url

https://security.gentoo.org/glsa/202301-09

reference_id

202301-09

reference_type

scores

value	4.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

value	5.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-21T13:36:41Z/

url

https://security.gentoo.org/glsa/202301-09

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2137645
reference_id	2137645
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2137645

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CBAUKJQL6O4TIWYBENORSY5P43TVB4M3/

reference_id

CBAUKJQL6O4TIWYBENORSY5P43TVB4M3

reference_type

scores

value	4.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-21T13:36:41Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CBAUKJQL6O4TIWYBENORSY5P43TVB4M3/

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2022-3171

reference_id

CVE-2022-3171

reference_type

scores

value	5.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2022-3171

reference_url

https://github.com/rubysec/ruby-advisory-db/blob/master/gems/google-protobuf/CVE-2022-3171.yml

reference_id

CVE-2022-3171.YML

reference_type

scores

value	5.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/rubysec/ruby-advisory-db/blob/master/gems/google-protobuf/CVE-2022-3171.yml

reference_url

https://github.com/advisories/GHSA-h4h5-3hr4-j3g2

reference_id

GHSA-h4h5-3hr4-j3g2

reference_type

scores

value	MODERATE
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-h4h5-3hr4-j3g2

reference_url

https://github.com/protocolbuffers/protobuf/security/advisories/GHSA-h4h5-3hr4-j3g2

reference_id

GHSA-h4h5-3hr4-j3g2

reference_type

scores

value	5.7
scoring_system	cvssv3
scoring_elements

value	4.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

value	5.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

value	MODERATE
scoring_system	cvssv3.1_qr
scoring_elements

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-21T13:36:41Z/

url

https://github.com/protocolbuffers/protobuf/security/advisories/GHSA-h4h5-3hr4-j3g2

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MPCGUT3T5L6C3IDWUPSUO22QDCGQKTOP/

reference_id

MPCGUT3T5L6C3IDWUPSUO22QDCGQKTOP

reference_type

scores

value	4.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-21T13:36:41Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MPCGUT3T5L6C3IDWUPSUO22QDCGQKTOP/

reference_url	https://access.redhat.com/errata/RHSA-2022:7896
reference_id	RHSA-2022:7896
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:7896

reference_url	https://access.redhat.com/errata/RHSA-2022:9023
reference_id	RHSA-2022:9023
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:9023

reference_url	https://access.redhat.com/errata/RHSA-2023:1006
reference_id	RHSA-2023:1006
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:1006

reference_url	https://access.redhat.com/errata/RHSA-2023:4983
reference_id	RHSA-2023:4983
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4983

reference_url	https://access.redhat.com/errata/RHSA-2024:3527
reference_id	RHSA-2024:3527
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:3527

fixed_packages

url pkg:maven/com.google.protobuf/protobuf-java@3.16.3

purl pkg:maven/com.google.protobuf/protobuf-java@3.16.3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-29vj-zsat-aybh

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.google.protobuf/protobuf-java@3.16.3

url pkg:maven/com.google.protobuf/protobuf-java@3.19.6

purl pkg:maven/com.google.protobuf/protobuf-java@3.19.6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-29vj-zsat-aybh

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.google.protobuf/protobuf-java@3.19.6

url pkg:maven/com.google.protobuf/protobuf-java@3.20.3

purl pkg:maven/com.google.protobuf/protobuf-java@3.20.3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-29vj-zsat-aybh

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.google.protobuf/protobuf-java@3.20.3

url pkg:maven/com.google.protobuf/protobuf-java@3.21.7

purl pkg:maven/com.google.protobuf/protobuf-java@3.21.7

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-29vj-zsat-aybh

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.google.protobuf/protobuf-java@3.21.7

aliases CVE-2022-3171, GHSA-h4h5-3hr4-j3g2, GMS-2022-4942, GMS-2022-4943, GMS-2022-4944, GMS-2022-4945, GMS-2022-5022

risk_score 3.4

exploitability 0.5

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-wfm7-ytks-d7ha

url VCID-xhj4-ncjf-9udg

vulnerability_id VCID-xhj4-ncjf-9udg

summary

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-3510.json

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-3510.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-3510

reference_id

reference_type

scores

value	0.00064
scoring_system	epss
scoring_elements	0.20301
published_at	2026-06-12T12:55:00Z

value	0.00064
scoring_system	epss
scoring_elements	0.20298
published_at	2026-06-14T12:55:00Z

value	0.00064
scoring_system	epss
scoring_elements	0.20321
published_at	2026-06-13T12:55:00Z

value	0.00064
scoring_system	epss
scoring_elements	0.20125
published_at	2026-06-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-3510

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3510
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3510

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://github.com/protocolbuffers/protobuf/tree/main/java

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/protocolbuffers/protobuf/tree/main/java

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2022-3510

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2022-3510

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2184176
reference_id	2184176
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2184176

reference_url

https://github.com/protocolbuffers/protobuf/commit/db7c17803320525722f45c1d26fc08bc41d1bf48

reference_id

db7c17803320525722f45c1d26fc08bc41d1bf48

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:08:55Z/

url

https://github.com/protocolbuffers/protobuf/commit/db7c17803320525722f45c1d26fc08bc41d1bf48

reference_url

https://github.com/advisories/GHSA-4gg5-vx3j-xwc7

reference_id

GHSA-4gg5-vx3j-xwc7

reference_type

scores

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-4gg5-vx3j-xwc7

reference_url	https://access.redhat.com/errata/RHSA-2023:1855
reference_id	RHSA-2023:1855
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:1855

reference_url	https://access.redhat.com/errata/RHSA-2023:3815
reference_id	RHSA-2023:3815
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:3815

reference_url	https://access.redhat.com/errata/RHSA-2023:4983
reference_id	RHSA-2023:4983
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4983

fixed_packages

url pkg:maven/com.google.protobuf/protobuf-java@3.16.3

purl pkg:maven/com.google.protobuf/protobuf-java@3.16.3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-29vj-zsat-aybh

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.google.protobuf/protobuf-java@3.16.3

url pkg:maven/com.google.protobuf/protobuf-java@3.19.6

purl pkg:maven/com.google.protobuf/protobuf-java@3.19.6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-29vj-zsat-aybh

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.google.protobuf/protobuf-java@3.19.6

url pkg:maven/com.google.protobuf/protobuf-java@3.20.3

purl pkg:maven/com.google.protobuf/protobuf-java@3.20.3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-29vj-zsat-aybh

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.google.protobuf/protobuf-java@3.20.3

url pkg:maven/com.google.protobuf/protobuf-java@3.21.7

purl pkg:maven/com.google.protobuf/protobuf-java@3.21.7

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-29vj-zsat-aybh

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.google.protobuf/protobuf-java@3.21.7

aliases CVE-2022-3510, GHSA-4gg5-vx3j-xwc7

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-xhj4-ncjf-9udg

Fixing_vulnerabilities

Risk_score 4.0

Resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.google.protobuf/protobuf-java@3.0.2

Package Instance