VDB

CVE-2024-2410

CVE-2024-2410 PUBLISHED CVSS 7.599999904632568 HIGH

The JsonToBinaryStream() function is part of the protocol buffers C++ implementation and is used to parse JSON from a stream. If the input is broken up into separate chunks in a certain way, the parser will attempt to read bytes from a chunk that has already been freed. 

EPSS 0.05% · 15.9th percentile

Risk Scores

CVSS 3.1
7.599999904632568
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L
EPSS Score
0.05%
15.9th percentile

Affected Products

VendorProductVersions
googleprotobuf4.22.0, 4.22.0, 4.22.0
googleprotobuf4.22.0, 4.22.0
protocolbuffersprotobuf4.22.0, 4.22.0

Exploit Intelligence

Timeline

  • May 3, 2024 CVE Published
  • May 4, 2024 EPSS Score
  • May 28, 2024 EPSS Score
  • Jun 21, 2024 EPSS Score
  • Jul 16, 2024 EPSS Score
  • Aug 1, 2024 CVE Updated
  • Aug 13, 2024 EPSS Score
  • Sep 6, 2024 EPSS Score
  • Sep 30, 2024 EPSS Score
  • Oct 4, 2024 Coalition ESS Score
  • Oct 24, 2024 EPSS Score
  • Dec 13, 2024 EPSS Score

References

Open in Interactive Console →
$ Console Community · 100/wk Open console ›