VulnerableCode Package Details - pkg:pypi/protobuf@4.21.0rc2

Staging Environment: Content and features may be unstable or change without notice.

Search for packages

Package details: pkg:pypi/protobuf@4.21.0rc2

purl	pkg:pypi/protobuf@4.21.0rc2

Next non-vulnerable version	4.25.8
Latest non-vulnerable version	6.33.5
Risk

Vulnerabilities affecting this package (2)

Vulnerability	Summary	Fixed by
VCID-gh2d-yyjs-gbcz Aliases: CVE-2022-1941 GHSA-8gq9-2x98-w8hf	protobuf: message parsing vulnerability in ProtocolBuffers	4.21.6 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}
VCID-jnzc-jj69-yug1 Aliases: CVE-2025-4565 GHSA-8qvm-5x2c-j2w7	python-protobuf: Unbounded recursion in Python Protobuf	4.25.8 Affected by 0 other vulnerabilities. 5.29.5 Affected by 0 other vulnerabilities. 6.31.1 Affected by 0 other vulnerabilities.

Vulnerability

Summary

Fixed by

VCID-gh2d-yyjs-gbcz
Aliases:
CVE-2022-1941
GHSA-8gq9-2x98-w8hf

protobuf: message parsing vulnerability in ProtocolBuffers

4.21.6
Affected by 1 other vulnerability.

VCID-jnzc-jj69-yug1
Aliases:
CVE-2025-4565
GHSA-8qvm-5x2c-j2w7

python-protobuf: Unbounded recursion in Python Protobuf

4.25.8
Affected by 0 other vulnerabilities.

5.29.5
Affected by 0 other vulnerabilities.

6.31.1
Affected by 0 other vulnerabilities.

Vulnerabilities fixed by this package (0)

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-05-30T07:29:47.389505+00:00	GitLab Importer	Affected by	VCID-jnzc-jj69-yug1	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/protobuf/CVE-2025-4565.yml	38.6.0
2026-05-30T05:43:40.943841+00:00	GitLab Importer	Affected by	VCID-gh2d-yyjs-gbcz	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/protobuf/CVE-2022-1941.yml	38.6.0