{"uuid": "2c9730ba-779e-4eca-a29a-c761b53b5a30", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-1941", "type": "seen", "source": "https://t.me/arpsyndicate/2677", "content": "#ExploitObserverAlert\n\nCVE-2022-1941\n\nDESCRIPTION: Exploit Observer has 10 entries related to CVE-2022-1941. A parsing vulnerability for the MessageSet type in the ProtocolBuffers versions prior to and including 3.16.1, 3.17.3, 3.18.2, 3.19.4, 3.20.1 and 3.21.5 for protobuf-cpp, and versions prior to and including 3.16.1, 3.17.3, 3.18.2, 3.19.4, 3.20.1 and 4.21.5 for protobuf-python can lead to out of memory failures. A specially crafted message with multiple key-value per elements creates parsing issues, and can lead to a Denial of Service against services receiving unsanitized input. We recommend upgrading to versions 3.18.3, 3.19.5, 3.20.2, 3.21.6 for protobuf-cpp and 3.18.3, 3.19.5, 3.20.2, 4.21.6 for protobuf-python. Versions for 3.16 and 3.17 are no longer updated.\n\nFIRST-EPSS: 0.001400000\nNVD-IS: 3.6\nNVD-ES: 3.9", "creation_timestamp": "2024-01-08T20:18:29.000000Z"}