
15 matches found

SUSE CVE
added 2026/03/04 12:25 a.m. · 1 views

SUSE CVE-2026-27571

NATS-Server is a High-Performance server for NATS.io, a cloud and edge native messaging system. The WebSockets handling of NATS messages handles compressed messages via the WebSockets negotiated compression. Prior to versions 2.11.2 and 2.12.3, the implementation bound the memory size of a NATS...

CVSS 7.5 · AI score 5.8 · EPSS 0.00033
Exploits 0 · References 3
AlpineLinux
added 2026/02/24 3:59 p.m. · 4 views

CVE-2026-27571

NATS-Server is a High-Performance server for NATS.io, a cloud and edge native messaging system. The WebSockets handling of NATS messages handles compressed messages via the WebSockets negotiated compression. Prior to versions 2.11.2 and 2.12.3, the implementation bound the memory size of a NATS...

CVSS 7.5 · AI score 5.8 · EPSS 0.00033
Exploits 0 · References 4
EUVD
added 2025/10/03 8:7 p.m. · 3 views

EUVD-2023-52302

Malicious code in bioql PyPI...

CVSS 9.8 · AI score 9.3 · EPSS 0.04155
Exploits 1 · References 3
Veracode
added 2023/11/28 8:56 a.m. · 15 views

Heap-Based Buffer Overflow

capnproto:sid is vulnerable to heap-based buffer overflow. The vulnerability is due to misinterpretation of input vulnerability in BiSheng-WNM FW 3.0.0.325 and WebSocket compression enabled, a malicious peer may be able to cause a buffer under run on a heap-allocated buffer. It leads to allow an...

CVSS 9.8 · AI score 7 · EPSS 0.04155
Exploits 1 · References 4 · Affected Software 1
OSV
added 2023/11/21 9:15 p.m. · 3 views

DEBIAN-CVE-2023-48230

Cap'n Proto is a data interchange format and capability-based RPC system. In versions 1.0 and 1.0.1, when using the KJ HTTP library with WebSocket compression enabled, a buffer underrun can be caused by a remote peer. The underrun always writes a constant value that is not attacker-controlled,...

CVSS 9.8 · AI score 9.5 · EPSS 0.04155
Exploits 1 · References 1
OSV
added 2023/11/21 9:15 p.m. · 5 views

AZL-42681 CVE-2023-48230 affecting package capnproto 1.0.1-4

Cap'n Proto is a data interchange format and capability-based RPC system. In versions 1.0 and 1.0.1, when using the KJ HTTP library with WebSocket compression enabled, a buffer underrun can be caused by a remote peer. The underrun always writes a constant value that is not attacker-controlled,...

CVSS 9.8 · AI score 6.6 · EPSS 0.04155
Exploits 1 · References 1
NVD
added 2023/11/21 9:15 p.m. · 12 views

CVE-2023-48230

Cap'n Proto is a data interchange format and capability-based RPC system. In versions 1.0 and 1.0.1, when using the KJ HTTP library with WebSocket compression enabled, a buffer underrun can be caused by a remote peer. The underrun always writes a constant value that is not attacker-controlled,...

CVSS 9.8 · EPSS 0.04155
Exploits 1 · References 3
OSV
added 2023/11/21 9:15 p.m. · 0 views

UBUNTU-CVE-2023-48230

Cap'n Proto is a data interchange format and capability-based RPC system. In versions 1.0 and 1.0.1, when using the KJ HTTP library with WebSocket compression enabled, a buffer underrun can be caused by a remote peer. The underrun always writes a constant value that is not attacker-controlled,...

CVSS 9.8 · AI score 6.6 · EPSS 0.04155
Exploits 1 · References 3
UbuntuCve
added 2023/11/21 9:15 p.m. · 18 views

CVE-2023-48230

Cap'n Proto is a data interchange format and capability-based RPC system. In versions 1.0 and 1.0.1, when using the KJ HTTP library with WebSocket compression enabled, a buffer underrun can be caused by a remote peer. The underrun always writes a constant value that is not attacker-controlled,...

CVSS 9.8 · AI score 7.9 · EPSS 0.04155
Exploits 1 · References 2
Prion
added 2023/11/21 9:15 p.m. · 14 views

Heap overflow

Cap'n Proto is a data interchange format and capability-based RPC system. In versions 1.0 and 1.0.1, when using the KJ HTTP library with WebSocket compression enabled, a buffer underrun can be caused by a remote peer. The underrun always writes a constant value that is not attacker-controlled,...

CVSS 7.5 · AI score 7.9 · EPSS 0.04155
Exploits 1 · References 3 · Affected Software 1
Debian CVE
added 2023/11/21 8:53 p.m. · 28 views

CVE-2023-48230

Cap'n Proto is a data interchange format and capability-based RPC system. In versions 1.0 and 1.0.1, when using the KJ HTTP library with WebSocket compression enabled, a buffer underrun can be caused by a remote peer. The underrun always writes a constant value that is not attacker-controlled,...

CVSS 9.8 · AI score 9.4 · EPSS 0.04155
Exploits 1
OSV
added 2023/11/21 8:53 p.m. · 16 views

CVE-2023-48230 Cap'n Proto WebSocket message can cause crash

Cap'n Proto is a data interchange format and capability-based RPC system. In versions 1.0 and 1.0.1, when using the KJ HTTP library with WebSocket compression enabled, a buffer underrun can be caused by a remote peer. The underrun always writes a constant value that is not attacker-controlled,...

CVSS 5.9 · AI score 9.3 · EPSS 0.04155
Exploits 1 · References 5
Positive Technologies
added 2023/11/21 12:0 a.m. · 4 views

PT-2023-30747 · Unknown · Cap'N Proto +1

Name of the Vulnerable Software and Affected Versions: Cap'n Proto versions 1.0 through 1.0.1
Description: The issue is related to a buffer underrun that can be caused by a remote peer when using the KJ HTTP library with WebSocket compression enabled. This can result in a crash, enabling a remote...

CVSS 9.8 · AI score 9.7 · EPSS 0.04155
Exploits 1 · References 11
CNNVD
added 2023/11/21 12:0 a.m. · 2 views

capnproto security breach

capnproto is an open source Cap'n Proto serialization/RPC system - core tools and C++ libraries. A security vulnerability exists in capnproto versions 1.0 and 1.0.1, which stems from a buffer underrun issue when using the KJ HTTP library with WebSocket compression, and can be exploited by an...

CVSS 9.8 · AI score 6.9 · EPSS 0.04155
Exploits 1 · References 4
Tenable Nessus
added 2016/05/04 12:0 a.m. · 25 views

SUSE SLED12 Security Update : python-tornado (SUSE-SU-2016:1195-1)

The python-tornado module was updated to version 4.2.1, which brings several fixes, enhancements and new features. The following security issues have been fixed:
- A path traversal vulnerability in StaticFileHandler, in which files whose names started with the staticpath directory but were not...

CVSS 6.5 · AI score 6.4 · EPSS 0.00784
Exploits 0 · References 10