reports/GO-2021-0053.yaml - vulndb - Git at Google

 module: github.com/gogo/protobuf
 versions:
   - fixed: v1.3.2
 description: |
   Due to improper bounds checking, maliciously crafted input to generated
   Unmarshal methods can cause an out-of-bounds panic. If parsing messages
   from untrusted parties, this may be used as a denial of service vector.
 published: 2021-04-14T12:00:00Z
 cves:
   - CVE-2021-3121
 links:
   commit: https://github.com/gogo/protobuf/commit/b03c65ea87cdc3521ede29f62fe3ce239267c1bc
	module: github.com/gogo/protobuf
	versions:
	- fixed: v1.3.2
	description: \|
	Due to improper bounds checking, maliciously crafted input to generated
	Unmarshal methods can cause an out-of-bounds panic. If parsing messages
	from untrusted parties, this may be used as a denial of service vector.
	published: 2021-04-14T12:00:00Z
	cves:
	- CVE-2021-3121
	links:
	commit: https://github.com/gogo/protobuf/commit/b03c65ea87cdc3521ede29f62fe3ce239267c1bc