Added |
CVSS V3.1 |
|
NIST AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
|
Added |
CVSS V2 |
|
NIST (AV:N/AC:M/Au:N/C:N/I:N/A:P)
|
Added |
CWE |
|
NIST NVD-CWE-noinfo
|
Added |
CPE Configuration |
|
OR
*cpe:2.3:a:google:google-protobuf:*:*:*:*:*:ruby:*:* versions up to (excluding) 3.19.2
*cpe:2.3:a:google:protobuf-java:*:*:*:*:*:*:*:* versions up to (excluding) 3.16.1
*cpe:2.3:a:google:protobuf-java:*:*:*:*:*:*:*:* versions from (including) 3.18.0 up to (excluding) 3.18.2
*cpe:2.3:a:google:protobuf-java:*:*:*:*:*:*:*:* versions from (including) 3.19.0 up to (excluding) 3.19.2
*cpe:2.3:a:google:protobuf-kotlin:*:*:*:*:*:*:*:* versions up to (excluding) 3.18.2
*cpe:2.3:a:google:protobuf-kotlin:*:*:*:*:*:*:*:* versions from (including) 3.19.0 up to (excluding) 3.19.2
|
Changed |
Reference Type |
http://www.openwall.com/lists/oss-security/2022/01/12/4 No Types Assigned
|
http://www.openwall.com/lists/oss-security/2022/01/12/4 Mailing List, Third Party Advisory
|
Changed |
Reference Type |
http://www.openwall.com/lists/oss-security/2022/01/12/7 No Types Assigned
|
http://www.openwall.com/lists/oss-security/2022/01/12/7 Mailing List, Third Party Advisory
|
Changed |
Reference Type |
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=39330 No Types Assigned
|
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=39330 Exploit, Issue Tracking, Mailing List, Vendor Advisory
|
Changed |
Reference Type |
https://cloud.google.com/support/bulletins#gcp-2022-001 No Types Assigned
|
https://cloud.google.com/support/bulletins#gcp-2022-001 Vendor Advisory
|
Added |
CVSS V2 Metadata |
|
Victim must voluntarily interact with attack mechanism
|