CVE search results

1 – 2 of 2 results

Detailed view

Sort by:

CVE-2022-48468

Low priority

Needs evaluation

protobuf-c before 1.4.1 has an unsigned integer overflow in parse_required_member.

1 affected package

protobuf-c

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
protobuf-c	Not affected	Needs evaluation	Needs evaluation	Needs evaluation

CVE-2022-33070

Medium priority

Some fixes available 10 of 87

Protobuf-c v1.4.0 was discovered to contain an invalid arithmetic shift via the function parse_tag_and_wiretype in protobuf-c/protobuf-c.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via unspecified vectors.

9 affected packages

argyll, ccextractor, libgadu, libpg-query, libsignal-protocol-c...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
argyll	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
ccextractor	Needs evaluation	Needs evaluation	Needs evaluation	—
libgadu	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
libpg-query	Needs evaluation	Needs evaluation	—	—
libsignal-protocol-c	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
ocserv	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
pidgin	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
protobuf-c	Fixed	Fixed	Fixed	Needs evaluation
sudo	Not affected	Fixed	Not affected	Not affected

Search CVE reports