Crash due to uncontrolled recursion in protobuf crate

Published: Mar 7, 2025
Updated: Apr 30, 2025
GHSA: <a href="https://github.com/advisories/GHSA-2gh3-rmm4-6rq5" target="_blank" rel="noopener"> GHSA-2gh3-rmm4-6rq5
Severity: Medium
Exploit:

Affected version of this crate did not properly parse unknown fields when parsing a user-supplied input.

This allows an attacker to cause a stack overflow when parsing the message on untrusted data.