CVSS: 5.4EPSS: 0%CPEs: 9EXPL: 0CVE-2022-46149 – Cap'n Proto vulnerable to out-of-bounds read due to logic error handling list-of-list.
https://notcve.org/view.php?id=CVE-2022-46149
Cap'n Proto is a data interchange format and remote procedure call (RPC) system. Cap'n Proro prior to versions 0.7.1, 0.8.1, 0.9.2, and 0.10.3, as well as versions of Cap'n Proto's Rust implementation prior to 0.13.7, 0.14.11, and 0.15.2 are vulnerable to out-of-bounds read due to logic error handling list-of-list. This issue may lead someone to remotely segfault a peer by sending it a malicious message, if the victim performs certain actions on a list-of-pointer type. Exfiltration of memory is possible if the victim performs additional certain actions on a list-of-pointer type. To be vulnerable, an application must perform a specific sequence of actions, described in the GitHub Security Advisory. • https://github.com/capnproto/capnproto/commit/25d34c67863fd960af34fc4f82a7ca3362ee74b9 https://github.com/capnproto/capnproto/security/advisories/GHSA-qqff-4vw4-f6hx https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EAHKLUMJAXJEV5BPBS5XXWBQ3ZTHGOLY https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PTS6TWD6K2NKXLEEFBPROQXMOFUTEYWY https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WKXM4JAFXLTXU5IQB3OUBQVCIICZWGYX https://lists.fedoraproj • CWE-125: Out-of-bounds Read •
CVSS: 9.1EPSS: 0%CPEs: 2EXPL: 0CVE-2015-2310
https://notcve.org/view.php?id=CVE-2015-2310
Integer overflow in layout.c++ in Sandstorm Cap'n Proto before 0.4.1.1 and 0.5.x before 0.5.1.1 allows remote peers to cause a denial of service or possibly obtain sensitive information from memory via a crafted message, related to pointer validation. Un desbordamiento de enteros en layout.c++ en Sandstorm Cap’n Proto en versiones anteriores a la 0.4.1.1 y en las versiones 0.5.x anteriores a la 0.5.1.1 permite que pares remotos provoquen una denegación de servicio o que, posiblemente, obtengan información sensible de la memoria mediante un mensaje manipulado, relacionado con la validación de punteros. • http://www.openwall.com/lists/oss-security/2015/03/17/3 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=780565 https://github.com/capnproto/capnproto/blob/master/security-advisories/2015-03-02-0-c%2B%2B-integer-overflow.md https://github.com/capnproto/capnproto/commit/f343f0dbd0a2e87f17cd74f14186ed73e3fbdbfa • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2015-2312
https://notcve.org/view.php?id=CVE-2015-2312
Sandstorm Cap'n Proto before 0.4.1.1 and 0.5.x before 0.5.1.1 allows remote peers to cause a denial of service (CPU and possibly general resource consumption) via a list with a large number of elements. Sandstorm Cap’n Proto en versiones anteriores a la 0.4.1.1 y en versiones 0.5.x anteriores a la 0.5.1.1 permite que pares remotos provoquen una denegación de servicio (consumo de CPU y, probablemente, de recursos generales) mediante una lista con un gran número de elementos. • http://www.openwall.com/lists/oss-security/2015/03/17/3 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=780567 https://github.com/capnproto/capnproto/blob/master/security-advisories/2015-03-02-2-all-cpu-amplification.md https://github.com/capnproto/capnproto/commit/104870608fde3c698483fdef6b97f093fc15685d • CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2015-2313
https://notcve.org/view.php?id=CVE-2015-2313
Sandstorm Cap'n Proto before 0.4.1.1 and 0.5.x before 0.5.1.2, when an application invokes the totalSize method on an object reader, allows remote peers to cause a denial of service (CPU consumption) via a crafted small message, which triggers a "tight" for loop. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-2312. Sandstorm Cap’n Proto en versiones anteriores a la 0.4.1.1 y en versiones 0.5.x anteriores a la 0.5.1.2, cuando una aplicación invoca el método totalSize en un lector de objetos, permite que pares remotos provoquen una denegación de servicio (consumo de CPU) mediante un mensaje pequeño manipulado, que desencadena un "tight" en bucle. NOTA: Esta vulnerabilidad existe debido a una solución incompleta para CVE-2015-2312. • http://www.openwall.com/lists/oss-security/2015/03/17/3 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=780568 https://github.com/capnproto/capnproto/blob/master/security-advisories/2015-03-05-0-c%2B%2B-addl-cpu-amplification.md https://github.com/capnproto/capnproto/commit/80149744bdafa3ad4eedc83f8ab675e27baee868 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 9.8EPSS: 0%CPEs: 3EXPL: 0CVE-2015-2311
https://notcve.org/view.php?id=CVE-2015-2311
Integer underflow in Sandstorm Cap'n Proto before 0.4.1.1 and 0.5.x before 0.5.1.1 might allow remote peers to cause a denial of service or possibly obtain sensitive information from memory or execute arbitrary code via a crafted message. Un desbordamiento de enteros en Sandstorm Cap'n Proto en versiones anteriores a la 0.4.1.1 y en versiones 0.5.x anteriores a la 0.5.1.1 podría permitir que pares remotos provoquen una denegación de servicio o que, posiblemente, obtengan información sensible de la memoria o que ejecuten código arbitrario mediante un mensaje manipulado. • http://www.openwall.com/lists/oss-security/2015/03/17/3 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=780566 https://github.com/capnproto/capnproto/blob/master/security-advisories/2015-03-02-1-c%2B%2B-integer-underflow.md https://github.com/capnproto/capnproto/commit/26bcceda72372211063d62aab7e45665faa83633 • CWE-191: Integer Underflow (Wrap or Wraparound) •