Uploaded image for project: 'Spark'
  1. Spark
  2. SPARK-30871

Protobuf vulnerability

    XMLWordPrintableJSON

    Details

    • Type: Dependency upgrade
    • Status: Open
    • Priority: Major
    • Resolution: Unresolved
    • Affects Version/s: 2.4.5
    • Fix Version/s: None
    • Component/s: Build

      Description

       Protobuf version 2.5.0 is vulnerable to Integer Overflow by allowing remote authenticated attackers to cause a heap-based buffer overflow in serialisation process. 

        Attachments

          Activity

            People

            • Assignee:
              Unassigned
              Reporter:
              PioPapua Florencia Puppo
            • Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

              • Created:
                Updated: