Vulnerabilities > Capnproto
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-11-21 | CVE-2023-48230 | Out-of-bounds Write vulnerability in Capnproto 1.0.0/1.0.1 Cap'n Proto is a data interchange format and capability-based RPC system. | 9.8 |
| 2022-11-30 | CVE-2022-46149 | Out-of-bounds Read vulnerability in multiple products Cap'n Proto is a data interchange format and remote procedure call (RPC) system. | 5.4 |
| 2017-08-09 | CVE-2015-2313 | Resource Exhaustion vulnerability in Capnproto Sandstorm Cap'n Proto before 0.4.1.1 and 0.5.x before 0.5.1.2, when an application invokes the totalSize method on an object reader, allows remote peers to cause a denial of service (CPU consumption) via a crafted small message, which triggers a "tight" for loop. | 7.8 |
| 2017-08-09 | CVE-2015-2312 | Resource Exhaustion vulnerability in Capnproto Sandstorm Cap'n Proto before 0.4.1.1 and 0.5.x before 0.5.1.1 allows remote peers to cause a denial of service (CPU and possibly general resource consumption) via a list with a large number of elements. | 7.8 |
| 2017-08-09 | CVE-2015-2311 | Integer Underflow (Wrap or Wraparound) vulnerability in Capnproto Integer underflow in Sandstorm Cap'n Proto before 0.4.1.1 and 0.5.x before 0.5.1.1 might allow remote peers to cause a denial of service or possibly obtain sensitive information from memory or execute arbitrary code via a crafted message. | 7.5 |
| 2017-08-09 | CVE-2015-2310 | Integer Overflow or Wraparound vulnerability in Capnproto Integer overflow in layout.c++ in Sandstorm Cap'n Proto before 0.4.1.1 and 0.5.x before 0.5.1.1 allows remote peers to cause a denial of service or possibly obtain sensitive information from memory via a crafted message, related to pointer validation. | 6.4 |
| 2017-04-17 | CVE-2017-7892 | Improper Input Validation vulnerability in Capnproto Sandstorm Cap'n Proto before 0.5.3.1 allows remote crashes related to a compiler optimization. | 5.0 |