{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-10T20:59:03.692","vulnerabilities":[{"cve":{"id":"CVE-2021-22569","sourceIdentifier":"cve-coordination@google.com","published":"2022-01-10T14:10:16.747","lastModified":"2024-11-21T05:50:20.647","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"An issue in protobuf-java allowed the interleaving of com.google.protobuf.UnknownFieldSet fields in such a way that would be processed out of order. A small malicious payload can occupy the parser for several minutes by creating large numbers of short-lived objects that cause frequent, repeated pauses. We recommend upgrading libraries beyond the vulnerable versions."},{"lang":"es","value":"Un problema en protobuf-java permitía intercalar campos com.google.protobuf.UnknownFieldSet de tal manera que eran procesados fuera de orden. Una pequeña carga útil maliciosa puede ocupar el analizador durante varios minutos al crear un gran número de objetos de corta duración que causan frecuentes y repetidas pausas. Recomendamos actualizar las bibliotecas más allá de las versiones vulnerables"}],"metrics":{"cvssMetricV31":[{"source":"cve-coordination@google.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":3.6}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:N/I:N/A:P","baseScore":4.3,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"cve-coordination@google.com","type":"Secondary","description":[{"lang":"en","value":"CWE-696"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:google:google-protobuf:*:*:*:*:*:ruby:*:*","versionEndExcluding":"3.19.2","matchCriteriaId":"01422CF6-13DE-42DF-A6FF-67E70D40DE6E"},{"vulnerable":true,"criteria":"cpe:2.3:a:google:protobuf-java:*:*:*:*:*:*:*:*","versionEndExcluding":"3.16.1","matchCriteriaId":"9CAAA7EA-1EE1-433E-939A-B25BDE08FF22"},{"vulnerable":true,"criteria":"cpe:2.3:a:google:protobuf-java:*:*:*:*:*:*:*:*","versionStartIncluding":"3.18.0","versionEndExcluding":"3.18.2","matchCriteriaId":"FBBE87EA-F13D-4A0A-AF42-A361AB4F6611"},{"vulnerable":true,"criteria":"cpe:2.3:a:google:protobuf-java:*:*:*:*:*:*:*:*","versionStartIncluding":"3.19.0","versionEndExcluding":"3.19.2","matchCriteriaId":"5707A6F9-0CEC-4CAA-B860-EBFA2D525B64"},{"vulnerable":true,"criteria":"cpe:2.3:a:google:protobuf-kotlin:*:*:*:*:*:*:*:*","versionEndExcluding":"3.18.2","matchCriteriaId":"A252BD12-1555-4E89-B671-D459D3F149E0"},{"vulnerable":true,"criteria":"cpe:2.3:a:google:protobuf-kotlin:*:*:*:*:*:*:*:*","versionStartIncluding":"3.19.0","versionEndExcluding":"3.19.2","matchCriteriaId":"329F610C-F8CB-4009-B3A2-D0CB7FDDCB28"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:communications_cloud_native_core_console:1.9.0:*:*:*:*:*:*:*","matchCriteriaId":"DAAB7154-4DE8-4806-86D0-C1D33B84417B"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:1.15.0:*:*:*:*:*:*:*","matchCriteriaId":"6F60E32F-0CA0-4C2D-9848-CB92765A9ACB"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:1.15.1:*:*:*:*:*:*:*","matchCriteriaId":"DF616620-88CE-4A77-B904-C1728A2E6F9B"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:communications_cloud_native_core_policy:1.15.0:*:*:*:*:*:*:*","matchCriteriaId":"B4367D9B-BF81-47AD-A840-AC46317C774D"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:spatial_and_graph_mapviewer:19c:*:*:*:*:*:*:*","matchCriteriaId":"D5291552-F823-48E6-B9D8-E94740C4CEFE"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:spatial_and_graph_mapviewer:21c:*:*:*:*:*:*:*","matchCriteriaId":"051613BE-6E8E-4865-8DA5-24352E9B9AD0"}]}]}],"references":[{"url":"http://www.openwall.com/lists/oss-security/2022/01/12/4","source":"cve-coordination@google.com","tags":["Mailing List","Third Party Advisory"]},{"url":"http://www.openwall.com/lists/oss-security/2022/01/12/7","source":"cve-coordination@google.com","tags":["Mailing List","Third Party Advisory"]},{"url":"https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=39330","source":"cve-coordination@google.com","tags":["Exploit","Issue Tracking","Mailing List","Vendor Advisory"]},{"url":"https://cloud.google.com/support/bulletins#gcp-2022-001","source":"cve-coordination@google.com","tags":["Vendor Advisory"]},{"url":"https://lists.debian.org/debian-lts-announce/2023/04/msg00019.html","source":"cve-coordination@google.com"},{"url":"https://www.oracle.com/security-alerts/cpuapr2022.html","source":"cve-coordination@google.com","tags":["Patch","Third Party Advisory"]},{"url":"http://www.openwall.com/lists/oss-security/2022/01/12/4","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List","Third Party Advisory"]},{"url":"http://www.openwall.com/lists/oss-security/2022/01/12/7","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List","Third Party Advisory"]},{"url":"https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=39330","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Issue Tracking","Mailing List","Vendor Advisory"]},{"url":"https://cloud.google.com/support/bulletins#gcp-2022-001","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]},{"url":"https://lists.debian.org/debian-lts-announce/2023/04/msg00019.html","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://www.oracle.com/security-alerts/cpuapr2022.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Third Party Advisory"]}]}}]}