ADVISORIES CVE-2024-7254 (NVD) GHSA-735f-pc8j-v9w8 Vendor Advisory GEM google-protobuf PATCHED VERSIONS ~> 3.25.5 ~> 4.27.5 >= 4.28.2 DESCRIPTION Summary When parsing unknown fields in the Protobuf Java Lite and Full library, a maliciously crafted message can cause a StackOverflow error and lead to a program crash. Reporter:
Source: RUBYLAND