Vulnerabilities > Capnproto > High

DATE CVE VULNERABILITY TITLE RISK
2017-08-09 CVE-2015-2313 Resource Exhaustion vulnerability in Capnproto
Sandstorm Cap'n Proto before 0.4.1.1 and 0.5.x before 0.5.1.2, when an application invokes the totalSize method on an object reader, allows remote peers to cause a denial of service (CPU consumption) via a crafted small message, which triggers a "tight" for loop.
network
low complexity
capnproto CWE-400
7.5
7.5
2017-08-09 CVE-2015-2312 Resource Exhaustion vulnerability in Capnproto
Sandstorm Cap'n Proto before 0.4.1.1 and 0.5.x before 0.5.1.1 allows remote peers to cause a denial of service (CPU and possibly general resource consumption) via a list with a large number of elements.
network
low complexity
capnproto CWE-400
7.5
7.5
2017-04-17 CVE-2017-7892 Improper Input Validation vulnerability in Capnproto
Sandstorm Cap'n Proto before 0.5.3.1 allows remote crashes related to a compiler optimization.
network
low complexity
capnproto CWE-20
7.5
7.5