Launchpad.net

CVE 2015-5237

protobuf allows remote authenticated attackers to cause a heap-based buffer overflow.

See the CVE page on Mitre.org for more details.