CVE-2025-53605

Published July 5th, 2025

View on NVD ↗

CVSS v3

5.9

MEDIUM

CVSS v2

N/A

Affected

PROJECTS

Description

The protobuf crate before 3.7.2 for Rust allows uncontrolled recursion in the protobuf::coded_input_stream::CodedInputStream::skip_group parsing of unknown fields in untrusted input.

protobuf

Protocol Buffers - Google's data interchange format

Crates.io

147M

stepancheg/rust-protobuf

Rust implementation of Google protocol buffers

GitHub

2.97K