All the vulnerabilites related to Google - protobuf-kotllin-lite
cve-2024-7254
Vulnerability from cvelistv5
Published
2024-09-19 00:18
Modified
2024-09-19 14:46
Severity ?
EPSS score ?
Summary
Stack overflow in Protocol Buffers Java Lite
References
Impacted products
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:a:google:protobuf:*:*:*:*:*:*:*:*" ], "defaultStatus": "unaffected", "product": "protobuf", "vendor": "google", "versions": [ { "lessThan": "28.2", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:google:google-protobuf:*:*:*:*:*:ruby:*:*", "cpe:2.3:a:google:protobuf-java:*:*:*:*:*:*:*:*", "cpe:2.3:a:google:protobuf-javalite:*:*:*:*:*:*:*:*", "cpe:2.3:a:google:protobuf-kotlin:*:*:*:*:*:*:*:*", "cpe:2.3:a:google:protobuf-kotlin-lite:*:*:*:*:*:*:*:*" ], "defaultStatus": "unaffected", "product": "protobuf-kotlin-lite", "vendor": "google", "versions": [ { "lessThan": "3.25.5", "status": "affected", "version": "0", "versionType": "custom" }, { "lessThan": "4.27.5", "status": "affected", "version": "4.27", "versionType": "custom" }, { "lessThan": "4.28.2", "status": "affected", "version": "4.28", "versionType": "custom" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2024-7254", "options": [ { "Exploitation": "none" }, { "Automatable": "yes" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-09-19T14:29:43.468555Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-09-19T14:46:14.517Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Protocol Buffers", "repo": "https://github.com/protocolbuffers/protobuf", "vendor": "Google", "versions": [ { "lessThan": "28.2", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "collectionURL": "https://mvnrepository.com/artifact/com.google.protobuf/protobuf-java", "defaultStatus": "unaffected", "product": "protobuf-java", "vendor": "Google", "versions": [ { "lessThan": "3.25.5", "status": "affected", "version": "0", "versionType": "custom" }, { "lessThan": "4.27.5", "status": "affected", "version": "0", "versionType": "custom" }, { "lessThan": "4.28.2", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unaffected", "product": "protobuf-javalite", "vendor": "Google", "versions": [ { "lessThan": "3.25.5", "status": "affected", "version": "0", "versionType": "custom" }, { "lessThan": "4.27.5", "status": "affected", "version": "0", "versionType": "custom" }, { "lessThan": "4.28.2", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unaffected", "product": "protobuf-kotlin", "vendor": "Google", "versions": [ { "lessThan": "3.25.5", "status": "affected", "version": "0", "versionType": "custom" }, { "lessThan": "4.27.5", "status": "affected", "version": "0", "versionType": "custom" }, { "lessThan": "4.28.2", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unaffected", "product": "protobuf-kotllin-lite", "vendor": "Google", "versions": [ { "lessThan": "3.25.5", "status": "affected", "version": "0", "versionType": "custom" }, { "lessThan": "4.27.5", "status": "affected", "version": "0", "versionType": "custom" }, { "lessThan": "4.28.2", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "collectionURL": "https://rubygems.org/gems/google-protobuf", "defaultStatus": "unaffected", "product": "google-protobuf [JRuby Gem]", "vendor": "Google", "versions": [ { "lessThan": "3.25.5", "status": "affected", "version": "0", "versionType": "custom" }, { "lessThan": "4.27.5", "status": "affected", "version": "0", "versionType": "custom" }, { "lessThan": "4.28.2", "status": "affected", "version": "0", "versionType": "custom" } ] } ], "credits": [ { "lang": "en", "type": "finder", "value": "Alexis Challande, Trail of Bits Ecosystem Security Team \u003cecosystem@trailofbits.com\u003e" } ], "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "\u003cp\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eAny project that parses untrusted Protocol Buffers data\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u0026nbsp;containing an arbitrary number of nested \u003c/span\u003e\u003ccode\u003egroup\u003c/code\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003es / series of \u003c/span\u003e\u003ccode\u003eSGROUP\u003c/code\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u0026nbsp;tags can corrupted by exceeding the stack limit i.e. StackOverflow. \u003c/span\u003e\u003cspan style=\"background-color: transparent;\"\u003eParsing nested groups as unknown fields with DiscardUnknownFieldsParser or Java Protobuf Lite parser, or against Protobuf map fields, creates unbounded recursions that can be abused by an attacker.\u003c/span\u003e\u003c/span\u003e\u003cbr\u003e\u003c/p\u003e" } ], "value": "Any project that parses untrusted Protocol Buffers data\u00a0containing an arbitrary number of nested groups / series of SGROUP\u00a0tags can corrupted by exceeding the stack limit i.e. StackOverflow. Parsing nested groups as unknown fields with DiscardUnknownFieldsParser or Java Protobuf Lite parser, or against Protobuf map fields, creates unbounded recursions that can be abused by an attacker." } ], "impacts": [ { "capecId": "CAPEC-100", "descriptions": [ { "lang": "en", "value": "CAPEC-100 Overflow Buffers" } ] } ], "metrics": [ { "cvssV4_0": { "Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "baseScore": 8.7, "baseSeverity": "HIGH", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "NONE", "vulnerabilityResponseEffort": "NOT_DEFINED" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-20", "description": "CWE-20 Improper Input Validation", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-09-19T00:18:45.824Z", "orgId": "14ed7db2-1595-443d-9d34-6215bf890778", "shortName": "Google" }, "references": [ { "url": "https://github.com/protocolbuffers/protobuf/commit/cc8b3483a5584b3301e3d43d17eb59704857ffaa" } ], "source": { "discovery": "UNKNOWN" }, "title": "Stack overflow in Protocol Buffers Java Lite", "x_generator": { "engine": "Vulnogram 0.2.0" } } }, "cveMetadata": { "assignerOrgId": "14ed7db2-1595-443d-9d34-6215bf890778", "assignerShortName": "Google", "cveId": "CVE-2024-7254", "datePublished": "2024-09-19T00:18:45.824Z", "dateReserved": "2024-07-29T21:41:56.116Z", "dateUpdated": "2024-09-19T14:46:14.517Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }