CVE-2024-58103 Information

Mar 17, 2025 cve

Description

Square Wire before 5.2.0 does not enforce a recursion limit on nested groups in ByteArrayProtoReader32.kt and ProtoReader.kt.

Reference

https://github.com/square/wire/commit/b90e60c09befaff836a2fc2ee4d678451b2ec75d https://github.com/square/wire/compare/5.1.0…5.2.0

Share on: