GCVE - cpe:2.3:a:google_llc:google-protobuf_[jruby

Approved changes feed: RSS · Atom

cpe:2.3:a:google_llc:google-protobuf_[jruby_gem]:*:*:*:*:*:*:*:*

part: a version: * update: *

Vendor	Google Llc (`c72c74b5-1c39-5d47-98b8-8dacb6f7d99a`)
Product	Google Protobuf [Jruby Gem] (`8cf214d2-29d6-56f6-b135-d3807dce80c7`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from gcve-enriched-dumps CVE data

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2021-22569`	vulnerable	2026-06-03 14:43:53.222924	Denial of Service of protobuf-java parsing procedure HIGH (7.5) An issue in protobuf-java allowed the interleaving of com.google.protobuf.UnknownFieldSet fields in such a way that would be processed out of order. A small malicious payload can occupy the parser for several minutes by creating large numbers of short-lived objects that cause frequent, repeated pauses. We recommend upgrading libraries beyond the vulnerable versions. Published: 2022-01-07T00:00:00.000Z Updated: 2025-04-21T13:57:08.444Z Open on db.gcve.eu Reference links https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=39330 https://cloud.google.com/support/bulletins#gcp-2022-001 http://www.openwall.com/lists/oss-security/2022/01/12/4 http://www.openwall.com/lists/oss-security/2022/01/12/7 https://www.oracle.com/security-alerts/cpuapr2022.html	Imported from gcve-enriched-dumps CVE data

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.