protobuf susceptible to buffer overflow
protobuf allows remote authenticated attackers to cause a heap-based buffer overflow.
Advisories for Nuget/Google.Protobuf package
2022
Withdrawn Advisory: NULL Pointer Dereference in Protocol Buffers
Withdrawn Advisory This advisory has been withdrawn because the protobuf vulnerability comes from the compiler rather that the code. This link is maintained to preserve external references. Original Description Nullptr dereference when a null char is present in a proto symbol. The symbol is parsed incorrectly, leading to an unchecked call into the proto file's name during generation of the resulting error message. Since the symbol is incorrectly parsed, the …