Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
capnproto vulnerabilities and exploits
(subscribe to this query)
7.8
CVSSv2
CVE-2015-2313
Sandstorm Cap'n Proto prior to 0.4.1.1 and 0.5.x prior to 0.5.1.2, when an application invokes the totalSize method on an object reader, allows remote peers to cause a denial of service (CPU consumption) via a crafted small message, which triggers a "tight" for loo...
Capnproto Capnproto 0.5.1.1
Capnproto Capnproto 0.5.0.0
Capnproto Capnproto
Capnproto Capnproto 0.5.1.0
7.5
CVSSv2
CVE-2015-2311
Integer underflow in Sandstorm Cap'n Proto prior to 0.4.1.1 and 0.5.x prior to 0.5.1.1 might allow remote peers to cause a denial of service or possibly obtain sensitive information from memory or execute arbitrary code via a crafted message.
Capnproto Capnproto 0.5.0.0
Capnproto Capnproto 0.5.1.0
Capnproto Capnproto
7.8
CVSSv2
CVE-2015-2312
Sandstorm Cap'n Proto prior to 0.4.1.1 and 0.5.x prior to 0.5.1.1 allows remote peers to cause a denial of service (CPU and possibly general resource consumption) via a list with a large number of elements.
Capnproto Capnproto
Capnproto Capnproto 0.5.0.0
Capnproto Capnproto 0.5.1.0
NA
CVE-2023-48230
Cap'n Proto is a data interchange format and capability-based RPC system. In versions 1.0 and 1.0.1, when using the KJ HTTP library with WebSocket compression enabled, a buffer underrun can be caused by a remote peer. The underrun always writes a constant value that is not a...
Capnproto Capnproto 1.0.0
Capnproto Capnproto 1.0.1
NA
CVE-2022-46149
Cap'n Proto is a data interchange format and remote procedure call (RPC) system. Cap'n Proro prior to versions 0.7.1, 0.8.1, 0.9.2, and 0.10.3, as well as versions of Cap'n Proto's Rust implementation before 0.13.7, 0.14.11, and 0.15.2 are vulnerable to out-of...
Capnproto Capnproto
Capnproto Capnproto 0.8.0
Capnproto Capnp
Fedoraproject Fedora 36
Fedoraproject Fedora 37
6.4
CVSSv2
CVE-2015-2310
Integer overflow in layout.c++ in Sandstorm Cap'n Proto prior to 0.4.1.1 and 0.5.x prior to 0.5.1.1 allows remote peers to cause a denial of service or possibly obtain sensitive information from memory via a crafted message, related to pointer validation.
Capnproto Capnproto
5
CVSSv2
CVE-2017-7892
Sandstorm Cap'n Proto prior to 0.5.3.1 allows remote crashes related to a compiler optimization. A remote attacker can trigger a segfault in a 32-bit libcapnp application because Cap'n Proto relies on pointer arithmetic calculations that overflow. An example compiler wi...
Capnproto Capnproto
2 Github repositories
NA
CVE-2022-44011
An issue exists in ClickHouse prior to 22.9.1.2603. An authenticated user (with the ability to load data) could cause a heap buffer overflow and crash the server by inserting a malformed CapnProto object. The fixed versions are 22.9.1.2603, 22.8.2.11, 22.7.4.16, 22.6.6.16, and 22...
Clickhouse Clickhouse
NA
CVE-2024-3094
Malicious code exists in the upstream tarballs of xz, starting with version 5.6.0. Through a series of complex obfuscations, the liblzma build process extracts a prebuilt object file from a disguised test file existing in the source code, which is then used to modify specific fun...
Tukaani Xz 5.6.1
Tukaani Xz 5.6.0
71 Github repositories
4 Articles
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-3675
CVE-2024-3400
CVE-2024-23557
mass assignment
CVE-2023-1389
local file inclusion
CVE-2024-32596
file upload
CVE-2024-32593
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started