ID CVE-2015-2313
Type cve
Reporter NVD
Modified 2017-08-17T10:59:09


Sandstorm Cap'n Proto before and 0.5.x before, when an application invokes the totalSize method on an object reader, allows remote peers to cause a denial of service (CPU consumption) via a crafted small message, which triggers a "tight" for loop. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-2312.