Nanopb_project Nanopb
4 CVEs affecting Nanopb_project Nanopb. Latest disclosed: 2023-06-17. Critical: 1, High: 2.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2014-125106 | Critical | 9.8 | 2023-06-17 | Nanopb before 0.3.1 allows size_t overflows in pb_dec_bytes and pb_dec_string. |
CVE-2020-26243 | High | 7.5 | 2020-11-25 | Nanopb is a small code-size Protocol Buffers implementation. In Nanopb before versions 0.4.4 and 0.3.9.7, decoding specifically formed message can leak memory… |
CVE-2021-21401 | High | 7.1 | 2021-03-23 | Nanopb is a small code-size Protocol Buffers implementation in ansi C. In Nanopb before versions 0.3.9.8 and 0.4.5, decoding a specifically formed message can… |
CVE-2020-5235 | Medium | 6.5 | 2020-02-04 | There is a potentially exploitable out of memory condition In Nanopb before 0.4.1, 0.3.9.5, and 0.2.9.4. When nanopb is compiled with PB_ENABLE_MALLOC, the mes… |