Nixpkgs Security Tracker

Login with GitHub

Suggestions search

All statuses

Filter by:

With package: php82Extensions.protobuf

Found 1 matching suggestions

View:

Compact

Detailed

Untriaged

Permalink CVE-2025-4565

created 6 months ago

Unbounded recursion in Python Protobuf

Any project that uses Protobuf Pure-Python backend to parse untrusted Protocol Buffers data containing an arbitrary number of recursive groups, recursive messages or a series of SGROUP tags can be corrupted by exceeding the Python recursion limit. This can result in a Denial of service by crashing the application with a RecursionError. We recommend upgrading to version =>6.31.1 or beyond commit 17838beda2943d08b8a9d4df5b68f5f04f26d901

References

https://github.com/protocolbuffers/protobuf/commit/17838beda2943d08b8a9d4df5b68…

Affected products

protobuf

<4.25.8
<6.31.1
<5.29.5

Python-Protobuf

<4.25.8
<6.31.1
<5.29.5

Matching in nixpkgs

pkgs.protobufc

C bindings for Google's Protocol Buffers

nixos-unstable -
- nixpkgs-unstable 1.5.2

pkgs.go-protobuf

Go bindings for protocol buffer

nixos-unstable -
- nixpkgs-unstable 1.5.4

pkgs.protobuf_21

Google's data interchange format

nixos-unstable -
- nixpkgs-unstable 21.12

pkgs.protobuf_25

Google's data interchange format

nixos-unstable -
- nixpkgs-unstable 25.8

pkgs.protobuf_27

Google's data interchange format

nixos-unstable -
- nixpkgs-unstable 27.5

pkgs.protobuf_29

Google's data interchange format

nixos-unstable -
- nixpkgs-unstable 29.5

pkgs.protobuf_30

Google's data interchange format

nixos-unstable -
- nixpkgs-unstable 30.2

pkgs.protobuf_31

Google's data interchange format

nixos-unstable -
- nixpkgs-unstable 31.1

pkgs.protobuf_32

Google's data interchange format

nixos-unstable -
- nixpkgs-unstable 32.0

pkgs.mypy-protobuf

Generate mypy stub files from protobuf specs

nixos-unstable -
- nixpkgs-unstable 3.6.0

pkgs.haskellPackages.protobuf

Google Protocol Buffers via GHC.Generics

nixos-unstable -
- nixpkgs-unstable 0.2.1.3

pkgs.luaPackages.lua-protobuf

protobuf data support for Lua

nixos-unstable -
- nixpkgs-unstable 0.5.3-1

pkgs.php81Extensions.protobuf

Google's language-neutral, platform-neutral, extensible mechanism for serializing structured data

nixos-unstable -
- nixpkgs-unstable 3.21.9

pkgs.php82Extensions.protobuf

Google's language-neutral, platform-neutral, extensible mechanism for serializing structured data

nixos-unstable -
- nixpkgs-unstable 3.21.9

pkgs.php83Extensions.protobuf

Google's language-neutral, platform-neutral, extensible mechanism for serializing structured data

nixos-unstable -
- nixpkgs-unstable 3.21.9

pkgs.php84Extensions.protobuf

Google's language-neutral, platform-neutral, extensible mechanism for serializing structured data

nixos-unstable -
- nixpkgs-unstable 3.21.9

pkgs.akkuPackages.r6rs-protobuf

Protocol Buffers for R6RS Scheme

nixos-unstable -
- nixpkgs-unstable r6rs-protobuf-0.9.0

pkgs.lua51Packages.lua-protobuf

protobuf data support for Lua

nixos-unstable -
- nixpkgs-unstable 0.5.3-1

pkgs.lua52Packages.lua-protobuf

protobuf data support for Lua

nixos-unstable -
- nixpkgs-unstable 0.5.3-1

pkgs.lua53Packages.lua-protobuf

protobuf data support for Lua

nixos-unstable -
- nixpkgs-unstable 0.5.3-1

pkgs.lua54Packages.lua-protobuf

protobuf data support for Lua

nixos-unstable -
- nixpkgs-unstable 0.5.3-1

pkgs.python313Packages.protobuf

Protocol Buffers are Google's data interchange format

nixos-unstable -
- nixpkgs-unstable 6.32.0

pkgs.luajitPackages.lua-protobuf

protobuf data support for Lua

nixos-unstable -
- nixpkgs-unstable 0.5.3-1

pkgs.python312Packages.protobuf4

Protocol Buffers are Google's data interchange format

nixos-unstable -
- nixpkgs-unstable 4.25.8

pkgs.python312Packages.protobuf5

Protocol Buffers are Google's data interchange format

nixos-unstable -
- nixpkgs-unstable 5.29.5

pkgs.python312Packages.protobuf6

Protocol Buffers are Google's data interchange format

nixos-unstable -
- nixpkgs-unstable 6.32.0

pkgs.python313Packages.protobuf4

Protocol Buffers are Google's data interchange format

nixos-unstable -
- nixpkgs-unstable 4.25.8

pkgs.python313Packages.protobuf5

Protocol Buffers are Google's data interchange format

nixos-unstable -
- nixpkgs-unstable 5.29.5

pkgs.python313Packages.protobuf6

Protocol Buffers are Google's data interchange format

nixos-unstable -
- nixpkgs-unstable 6.32.0

pkgs.haskellPackages.riak-protobuf

Haskell types for the Riak protocol buffer API

nixos-unstable -
- nixpkgs-unstable 0.25.0.0

pkgs.haskellPackages.protobuf-simple

Simple Protocol Buffers library (proto2)

nixos-unstable -
- nixpkgs-unstable 0.1.1.1

pkgs.python312Packages.mypy-protobuf

Generate mypy stub files from protobuf specs

nixos-unstable -
- nixpkgs-unstable 3.6.0

pkgs.python312Packages.pure-protobuf

Python implementation of Protocol Buffers with dataclass-based schemas

nixos-unstable -
- nixpkgs-unstable 3.1.5

pkgs.python313Packages.mypy-protobuf

Generate mypy stub files from protobuf specs

nixos-unstable -
- nixpkgs-unstable 3.6.0

pkgs.python313Packages.pure-protobuf

Python implementation of Protocol Buffers with dataclass-based schemas

nixos-unstable -
- nixpkgs-unstable 3.1.5

pkgs.haskellPackages.protobuf-builder

Slow protobuf implementation

nixos-unstable -
- nixpkgs-unstable 0.1.0.0

pkgs.python312Packages.types-protobuf

Typing stubs for protobuf

nixos-unstable -
- nixpkgs-unstable 6.30.2.20250703

pkgs.python313Packages.types-protobuf

Typing stubs for protobuf

nixos-unstable -
- nixpkgs-unstable 6.30.2.20250703

pkgs.haskellPackages.language-protobuf

Language definition and parser for Protocol Buffers

nixos-unstable -
- nixpkgs-unstable 1.0.1

pkgs.python312Packages.uplink-protobuf

Protocol Buffers (Protobuf) support for Uplink

nixos-unstable -
- nixpkgs-unstable 0.1.0

pkgs.python313Packages.uplink-protobuf

Protocol Buffers (Protobuf) support for Uplink

nixos-unstable -
- nixpkgs-unstable 0.1.0

pkgs.python312Packages.protobuf3-to-dict

Teeny Python library for creating Python dicts from protocol buffers and the reverse

nixos-unstable -
- nixpkgs-unstable protobuf3-to-dict-0.1.5

pkgs.python312Packages.pybind11-protobuf

Pybind11 bindings for Google's Protocol Buffers

nixos-unstable -
- nixpkgs-unstable pybind11-protobuf-0-unstable-2025-02-10

pkgs.python313Packages.protobuf3-to-dict

Teeny Python library for creating Python dicts from protocol buffers and the reverse

nixos-unstable -
- nixpkgs-unstable protobuf3-to-dict-0.1.5

pkgs.python313Packages.pybind11-protobuf

Pybind11 bindings for Google's Protocol Buffers

nixos-unstable -
- nixpkgs-unstable pybind11-protobuf-0-unstable-2025-02-10

pkgs.chickenPackages_5.chickenEggs.protobuf

Protocol buffer serialization

nixos-unstable -
- nixpkgs-unstable 1.2.3

pkgs.haskellPackages.proto-lens-protobuf-types

Basic protocol buffer message types

nixos-unstable -
- nixpkgs-unstable 0.7.2.1

pkgs.python312Packages.sigstore-protobuf-specs

Library for serializing and deserializing Sigstore messages

nixos-unstable -
- nixpkgs-unstable 0.3.2

pkgs.python313Packages.sigstore-protobuf-specs

Library for serializing and deserializing Sigstore messages

nixos-unstable -
- nixpkgs-unstable 0.3.2

Package maintainers

@nlewo Antoine Eiche <lewo@abesis.fr>
@lockejan Jan Schmitt <git@smittie.de>
@LnL7 Daiderd Jordan <daiderd@gmail.com>
@Ma27 Maximilian Bosch <maximilian@mbosch.me>
@aanderse Aaron Andersen <aaron@fosslib.net>
@talyz Kim Lindberger <kim.lindberger@gmail.com>
@piotrkwiecinski Piotr Kwiecinski <piokwiecinski+nixpkgs@gmail.com>
@GaetanLepage Gaetan Lepage <gaetan@glepage.com>
@NickCao Nick Cao <nickcao@nichi.co>
@NeQuissimus Tim Steinbach <tim@nequissimus.com>
@SuperSandro2000 Sandro Jäckel <sandro.jaeckel@gmail.com>
@chuangzhu Chuang Zhu <nixos@chuang.cz>
@wegank Weijia Wang <contact@weijia.wang>
@fabaff Fabian Affolter <mail@fabian-affolter.ch>
@andersk Anders Kaseorg <andersk@mit.edu>
@JamieMagee Jamie Magee <jamie.magee@gmail.com>

1