CVE-2024-58103

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2024-58103

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-58103.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2024-58103

Aliases

GHSA-pwf9-q62p-v7wc

Related

CGA-2xxm-qjch-vq47

Published

2025-03-16T00:00:00Z

Modified

2026-05-18T05:59:07.982665310Z

Severity

5.8 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L CVSS Calculator

Summary

[none]

Details

Square Wire before 5.2.0 does not enforce a recursion limit on nested groups in ByteArrayProtoReader32.kt and ProtoReader.kt.

Database specific

{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/58xxx/CVE-2024-58103.json",
    "cwe_ids": [
        "CWE-674"
    ],
    "cna_assigner": "mitre"
}

References

Affected packages

Git / github.com/square/wire

Affected ranges

Type: GIT
Repo: https://github.com/square/wire
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

8166872e3844963523fb34b191ee59e69bd8f007

Affected versions

3.*

3.0.0

3.0.0-alpha01

3.0.0-alpha02

3.0.0-alpha03

3.0.0-rc01

3.0.0-rc02

3.0.0-rc03

3.0.2

3.0.3

3.3.0

3.3.0-alpha1

3.3.0-alpha2

3.4.0

3.5.0

3.5.1-alpha1

3.5.1-alpha2

3.6.0

3.6.0-alpha1

3.6.1

3.6.1-alpha1

3.7.0

3.8.0-alpha1

4.*

4.0.0

4.0.0-alpha.10

4.0.0-alpha.11

4.0.0-alpha.15

4.0.0-alpha.16

4.0.0-alpha.17

4.0.0-alpha.18

4.0.0-alpha.2

4.0.0-alpha.20

4.0.0-alpha.3

4.0.0-alpha.4

4.0.0-alpha.5

4.0.0-alpha.6

4.0.0-alpha.7

4.0.0-alpha.8

4.0.0-alpha.9

4.0.0-alpha1

4.0.0-alpha12

4.0.0-alpha13

4.0.1

4.1.0

4.1.1

4.2.0

4.3.0

4.4.0

4.4.1

4.4.2

4.4.3

4.5.0

4.5.1

4.5.2

4.5.3

4.5.4

4.5.5

4.5.6

4.6.0

4.6.1

4.6.2

4.7.0

4.7.1

4.7.2

4.8.0

4.8.1

4.9.0

4.9.1

4.9.1-square01

4.9.2

4.9.2-square02

4.9.2-square03

4.9.2-square04

4.9.3

4.9.3-square01

4.9.4

4.9.4-square01

4.9.4-square02

4.9.5

4.9.6

5.*

5.0.0

5.0.0-alpha.square.6

5.0.0-alpha.square.7

5.0.0-alpha.square.8

5.0.0-alpha.square.9

5.0.0-alpha01

5.0.0-alpha02

5.0.0-alpha02-square01

5.0.0-alpha02-square02

5.0.0-alpha03

5.0.0-alpha04

5.1.0

5.1.1-alpha.20240917.084212.96bbc3907

5.1.1-alpha.20240920.094122.b98afbb7d.1304

5.1.1-alpha.20241004.194750.5a2084117

5.1.1-alpha.20241016.095539.16b796241

5.1.1-alpha.20241017.175147.633cf04b4

5.1.1-alpha.20241127.134142.06e7597bb.v2

5.1.1-alpha.20241206.191847.01e8f3013

parent-3.*

parent-3.0.0-rc02

parent-3.0.1

parent-3.1.0

parent-3.2.0

parent-3.2.1

parent-3.2.2

parent-4.*

parent-4.0.0-alpha.12

parent-4.0.0-alpha.13

parent-4.0.0-alpha.14

parent-4.0.0-alpha.15

parent-4.0.0-alpha13

wire-1.*

wire-1.0.0

wire-1.0.1

wire-1.1.0

wire-1.1.1

wire-1.2.0

wire-1.3.0

wire-1.3.1

wire-1.3.2

wire-1.3.3

wire-1.4.0

wire-1.5.0

wire-1.5.1

wire-1.5.2

wire-1.6.0

wire-1.6.1

wire-1.7.0

wire-1.8.0

wire-2.*

wire-2.0.0

wire-2.0.0-BETA1

wire-2.0.0-BETA10

wire-2.0.0-BETA2

wire-2.0.0-BETA3

wire-2.0.0-BETA4

wire-2.0.0-BETA5

wire-2.0.0-BETA6

wire-2.0.0-BETA7

wire-2.0.0-BETA8

wire-2.0.0-BETA9

wire-2.0.1

wire-2.0.2

wire-2.0.3

wire-2.1.0

wire-2.1.1

wire-2.1.2

wire-2.2.0

wire-2.3.0-RC1

wire-3.*

wire-3.0.1

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-58103.json"