CVSS: 6.4EPSS: 0%CPEs: 9EXPL: 0CVE-2022-46149 – Cap'n Proto vulnerable to out-of-bounds read due to logic error handling list-of-list.
https://notcve.org/view.php?id=CVE-2022-46149
30 Nov 2022 — Cap'n Proto is a data interchange format and remote procedure call (RPC) system. Cap'n Proro prior to versions 0.7.1, 0.8.1, 0.9.2, and 0.10.3, as well as versions of Cap'n Proto's Rust implementation prior to 0.13.7, 0.14.11, and 0.15.2 are vulnerable to out-of-bounds read due to logic error handling list-of-list. This issue may lead someone to remotely segfault a peer by sending it a malicious message, if the victim performs certain actions on a list-of-pointer type. Exfiltration of memory is possible if ... • https://github.com/capnproto/capnproto/commit/25d34c67863fd960af34fc4f82a7ca3362ee74b9 • CWE-125: Out-of-bounds Read •
CVSS: 9.1EPSS: 0%CPEs: 2EXPL: 0CVE-2015-2310
https://notcve.org/view.php?id=CVE-2015-2310
09 Aug 2017 — Integer overflow in layout.c++ in Sandstorm Cap'n Proto before 0.4.1.1 and 0.5.x before 0.5.1.1 allows remote peers to cause a denial of service or possibly obtain sensitive information from memory via a crafted message, related to pointer validation. Un desbordamiento de enteros en layout.c++ en Sandstorm Cap’n Proto en versiones anteriores a la 0.4.1.1 y en las versiones 0.5.x anteriores a la 0.5.1.1 permite que pares remotos provoquen una denegación de servicio o que, posiblemente, obtengan información s... • http://www.openwall.com/lists/oss-security/2015/03/17/3 • CWE-190: Integer Overflow or Wraparound •
CVSS: 9.8EPSS: 1%CPEs: 3EXPL: 0CVE-2015-2311
https://notcve.org/view.php?id=CVE-2015-2311
09 Aug 2017 — Integer underflow in Sandstorm Cap'n Proto before 0.4.1.1 and 0.5.x before 0.5.1.1 might allow remote peers to cause a denial of service or possibly obtain sensitive information from memory or execute arbitrary code via a crafted message. Un desbordamiento de enteros en Sandstorm Cap'n Proto en versiones anteriores a la 0.4.1.1 y en versiones 0.5.x anteriores a la 0.5.1.1 podría permitir que pares remotos provoquen una denegación de servicio o que, posiblemente, obtengan información sensible de la memoria o... • http://www.openwall.com/lists/oss-security/2015/03/17/3 • CWE-191: Integer Underflow (Wrap or Wraparound) •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2015-2312
https://notcve.org/view.php?id=CVE-2015-2312
09 Aug 2017 — Sandstorm Cap'n Proto before 0.4.1.1 and 0.5.x before 0.5.1.1 allows remote peers to cause a denial of service (CPU and possibly general resource consumption) via a list with a large number of elements. Sandstorm Cap’n Proto en versiones anteriores a la 0.4.1.1 y en versiones 0.5.x anteriores a la 0.5.1.1 permite que pares remotos provoquen una denegación de servicio (consumo de CPU y, probablemente, de recursos generales) mediante una lista con un gran número de elementos. • http://www.openwall.com/lists/oss-security/2015/03/17/3 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2015-2313
https://notcve.org/view.php?id=CVE-2015-2313
09 Aug 2017 — Sandstorm Cap'n Proto before 0.4.1.1 and 0.5.x before 0.5.1.2, when an application invokes the totalSize method on an object reader, allows remote peers to cause a denial of service (CPU consumption) via a crafted small message, which triggers a "tight" for loop. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-2312. Sandstorm Cap’n Proto en versiones anteriores a la 0.4.1.1 y en versiones 0.5.x anteriores a la 0.5.1.2, cuando una aplicación invoca el método totalSize en un lector d... • http://www.openwall.com/lists/oss-security/2015/03/17/3 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2017-7892
https://notcve.org/view.php?id=CVE-2017-7892
17 Apr 2017 — Sandstorm Cap'n Proto before 0.5.3.1 allows remote crashes related to a compiler optimization. A remote attacker can trigger a segfault in a 32-bit libcapnp application because Cap'n Proto relies on pointer arithmetic calculations that overflow. An example compiler with optimization that elides a bounds check in such calculations is Apple LLVM version 8.1.0 (clang-802.0.41). The attack vector is a crafted far pointer within a message. Sandstorm Cap'n Proto en versiones anteriores a 0.5.3.1 permite bloqueos ... • https://github.com/sandstorm-io/capnproto/blob/master/security-advisories/2017-04-17-0-apple-clang-elides-bounds-check.md • CWE-20: Improper Input Validation •