Vulnerability Details CVE-2024-2410
The JsonToBinaryStream() function is part of the protocol buffers C++ implementation and is used to parse JSON from a stream. If the input is broken up into separate chunks in a certain way, the parser will attempt to read bytes from a chunk that has already been freed.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 15.0%
CVSS Severity
CVSS v3 Score 7.6
References
Products affected by CVE-2024-2410
-
cpe:2.3:a:google:protobuf:4.22.0
-
cpe:2.3:a:google:protobuf:4.22.1
-
cpe:2.3:a:google:protobuf:4.22.2
-
cpe:2.3:a:google:protobuf:4.22.3
-
cpe:2.3:a:google:protobuf:4.22.4
-
cpe:2.3:a:google:protobuf:4.22.5
-
cpe:2.3:a:google:protobuf:4.23.0
-
cpe:2.3:a:google:protobuf:4.23.1
-
cpe:2.3:a:google:protobuf:4.23.2
-
cpe:2.3:a:google:protobuf:4.23.3
-
cpe:2.3:a:google:protobuf:4.23.4
-
cpe:2.3:a:google:protobuf:4.24.0
-
cpe:2.3:a:google:protobuf:4.24.1
-
cpe:2.3:a:google:protobuf:4.24.2
-
cpe:2.3:a:google:protobuf:4.24.3
-
cpe:2.3:a:google:protobuf:4.24.4