{"vulnerability": "CVE-2021-22570", "sightings": [{"uuid": "956040f9-053c-48e4-9b6e-e5b8d3d106ef", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22570", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/12647", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2021-22570\n\ud83d\udd25 CVSS Score: 6.5 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H)\n\ud83d\udd39 Description: Nullptr dereference when a null char is present in a proto symbol. The symbol is parsed incorrectly, leading to an unchecked call into the proto file's name during generation of the resulting error message. Since the symbol is incorrectly parsed, the file is nullptr. We recommend upgrading to version 3.15.0 or greater.\n\ud83d\udccf Published: 2022-01-26T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-21T13:56:58.459Z\n\ud83d\udd17 References:\n1. https://github.com/protocolbuffers/protobuf/releases/tag/v3.15.0\n2. https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IFX6KPNOFHYD6L4XES5PCM3QNSKZBOTQ/\n3. https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3DVUZPALAQ34TQP6KFNLM4IZS6B32XSA/\n4. https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NVTWVQRB5OCCTMKEQFY5MYED3DXDVSLP/\n5. https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BTRGBRC5KGCA4SK5MUNLPYJRAGXMBIYY/\n6. https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5PAGL5M2KGYPN3VEQCRJJE6NA7D5YG5X/\n7. https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KQJB6ZPRLKV6WCMX2PRRRQBFAOXFBK6B/\n8. https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MRWRAXAFR3JR7XCFWTHC2KALSZKWACCE/\n9. https://www.oracle.com/security-alerts/cpuapr2022.html\n10. https://security.netapp.com/advisory/ntap-20220429-0005/\n11. https://lists.debian.org/debian-lts-announce/2023/04/msg00019.html", "creation_timestamp": "2025-04-21T14:02:01.000000Z"}, {"uuid": "7ef612de-7766-40c1-9bac-973465bf9ea2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22570", "type": "seen", "source": "https://t.me/cibsecurity/36302", "content": "\u203c CVE-2021-22570 \u203c\n\nNullptr dereference when a null char is present in a proto symbol. The symbol is parsed incorrectly, leading to an unchecked call into the proto file's name during generation of the resulting error message. Since the symbol is incorrectly parsed, the file is nullptr. We recommend upgrading to version 3.15.0 or greater.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-01-26T16:19:33.000000Z"}]}