You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
{{ message }}
This repository was archived by the owner on Apr 18, 2026. It is now read-only.
The issues doesn't seem to impact this library, as it only concerns parsing user-provided content as a protobuf, while here it only parses google-provided content. But nevertheless, automated code scanning tools don't know about that and generate warnings that this library is vulnerable.
Proposed solution: update protobuf version to the latest.
CVE-2021-22569 5.5 Incorrect Behavior Order vulnerability pending CVSS allocation
CVE-2022-3171 7.5 Uncontrolled Resource Consumption vulnerability with medium severity found
The issues doesn't seem to impact this library, as it only concerns parsing user-provided content as a protobuf, while here it only parses google-provided content. But nevertheless, automated code scanning tools don't know about that and generate warnings that this library is vulnerable.
Proposed solution: update protobuf version to the latest.