Any project that uses Protobuf pure-Python backend to parse untrusted Protocol Buffers data containing an arbitrary number of recursive groups, recursive messages or a series of SGROUP tags can be corrupted by exceeding the Python recursion limit.
Reporter: Alexis Challande, Trail of Bits Ecosystem Security Team
[email protected]
Affected versions: This issue only affects the pure-Python implementation of protobuf-python backend. This is the implementation when PROTOCOL_BUFFERS_PYTHON_IMPLEMENTATION=python environment variable is set or the default when protobuf is used from Bazel or pure-Python PyPi wheels. CPython PyPi wheels do not use pure-Python by default.
This is a Python variant of a previous issue affecting protobuf-java.
This is a potential Denial of Service. Parsing nested protobuf data creates unbounded recursions that can be abused by an attacker.
For reproduction details, please refer to the unit tests decoder_test.py and message_test
A mitigation is available now. Please update to the latest available versions of the following packages:
* protobuf-python(4.25.8, 5.29.5, 6.31.1)
| Score | Percentile |
|---|---|
| 0.02% | 3.59% |
| Base score | Version | Severity | Vector |
|---|---|---|---|
| 8.2 | 4.0 | — |
|
| Type | Value |
|---|---|
| GHSA | GHSA-8qvm-5x2c-j2w7 ↗ |
| CVE | CVE-2025-4565 ↗ |
| CWE id | Name |
|---|---|
| CWE-674 | Uncontrolled Recursion |
Vulnerable version ranges and first patched releases as published by GitHub.
| Ecosystem | Package | Vulnerable range | First patched | Vulnerable functions |
|---|---|---|---|---|
| pip | protobuf | < 4.25.8 | 4.25.8 | — |
| pip | protobuf | >= 5.26.0rc1, < 5.29.5 | 5.29.5 | — |
| pip | protobuf | >= 6.30.0rc1, < 6.31.1 | 6.31.1 | — |