Vulnerabilities > Capnproto

DATE CVE VULNERABILITY TITLE RISK
2023-11-21 CVE-2023-48230 Out-of-bounds Write vulnerability in Capnproto 1.0.0/1.0.1
Cap'n Proto is a data interchange format and capability-based RPC system.
network
low complexity
capnproto CWE-787
critical
9.8
2022-11-30 CVE-2022-46149 Cap'n Proto is a data interchange format and remote procedure call (RPC) system.
network
low complexity
capnproto fedoraproject
5.4
2017-08-09 CVE-2015-2313 Resource Exhaustion vulnerability in Capnproto
Sandstorm Cap'n Proto before 0.4.1.1 and 0.5.x before 0.5.1.2, when an application invokes the totalSize method on an object reader, allows remote peers to cause a denial of service (CPU consumption) via a crafted small message, which triggers a "tight" for loop.
network
low complexity
capnproto CWE-400
7.5
2017-08-09 CVE-2015-2312 Resource Exhaustion vulnerability in Capnproto
Sandstorm Cap'n Proto before 0.4.1.1 and 0.5.x before 0.5.1.1 allows remote peers to cause a denial of service (CPU and possibly general resource consumption) via a list with a large number of elements.
network
low complexity
capnproto CWE-400
7.5
2017-08-09 CVE-2015-2311 Integer Underflow (Wrap or Wraparound) vulnerability in Capnproto
Integer underflow in Sandstorm Cap'n Proto before 0.4.1.1 and 0.5.x before 0.5.1.1 might allow remote peers to cause a denial of service or possibly obtain sensitive information from memory or execute arbitrary code via a crafted message.
network
low complexity
capnproto CWE-191
critical
9.8
2017-08-09 CVE-2015-2310 Integer Overflow or Wraparound vulnerability in Capnproto
Integer overflow in layout.c++ in Sandstorm Cap'n Proto before 0.4.1.1 and 0.5.x before 0.5.1.1 allows remote peers to cause a denial of service or possibly obtain sensitive information from memory via a crafted message, related to pointer validation.
network
low complexity
capnproto CWE-190
critical
9.1
2017-04-17 CVE-2017-7892 Improper Input Validation vulnerability in Capnproto
Sandstorm Cap'n Proto before 0.5.3.1 allows remote crashes related to a compiler optimization.
network
low complexity
capnproto CWE-20
7.5