aperture-shared (=0.1.0), assemblylift-awslambda-host (>=0.2.0 <=0.3.0) +97 more potentially affected by unknown CVE via capnp (>=0.0.1 <=0.23.2)

capnp CARGO version =0.0.1, =0.2.0, =0.3.0, =0.2.0, =0.2.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.10.0, =0.0.1, =0.1.0, =0.0.1, =0.4.0, =0.5.0 and more Source cves: unknown CVE Source advisory: OSV:GHSA-5W5R-MF82-595P...

aperture-shared (=0.1.0), assemblylift-awslambda-host (>=0.2.0 <=0.3.0) +97 more potentially affected by unknown CVE via capnp (>=0.0.1 <=0.23.2)

capnp CARGO version =0.0.1, =0.2.0, =0.3.0, =0.2.0, =0.2.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.10.0, =0.0.1, =0.1.0, =0.0.1, =0.4.0, =0.5.0 and more Source cves: unknown CVE Source advisory: OSV:RUSTSEC-2025-0143...

Fedora 38 : rust-capnp / rust-sequoia-octopus-librnp (2022-15c504b6eb)

The remote Fedora 38 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2022-15c504b6eb advisory. Update the capnp crate to version 0.14.11 to address CVE-2022-46149 / RUSTSEC-2022-0068. This update also includes a rebuild of the only affected application...

Fedora 37 : rust-capnp / rust-sequoia-octopus-librnp (2022-7002ec8b22)

The remote Fedora 37 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2022-7002ec8b22 advisory. Update the capnp crate to version 0.14.11 to address CVE-2022-46149 / RUSTSEC-2022-0068. This update also includes a rebuild of the only affected application...

[SECURITY] Fedora 36 Update: rust-capnp-0.14.11-1.fc36

Runtime library for Cap'n Proto data encoding...

Fedora: Security Advisory for rust-capnp (FEDORA-2022-7002ec8b22)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Fedora: Security Advisory for rust-capnp (FEDORA-2022-fd7eeedd02)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

GHSA-QQFF-4VW4-F6HX Cap'n Proto and its Rust implementation vulnerable to out-of-bounds read due to logic error handling list-of-list

The Cap'n Proto library and capnp Rust package are vulnerable to out-of-bounds read due to logic error handling list-of-list. If a message consumer expects data of type "list of pointers", and if the consumer performs certain specific actions on such data, then a message producer can cause the...

bioyino-metric (>=0.1.0 <=0.2.0), capnp-futures (>=0.10.0 <=0.12.0) +12 more potentially affected by CVE-2022-46149 via capnp (>=0.0.1 <=0.12.4)

capnp CARGO version =0.0.1, =0.1.0, =0.10.0, =0.0.1, =0.0.1, =0.2.8, =1.0.0, =0.0.5, =0.3.0, =0.0.9, =0.2.0, =0.3.1 Source cves: CVE-2022-46149 Source advisory: OSV:GHSA-QQFF-4VW4-F6HX...

CVE-2022-46149

A flaw was found in capnproto and capnp projects where a specially-crafted pointer could escape bounds checking by exploiting inconsistent handling of pointers when a list-of-structs is downgraded to a list-of-pointers...

bioyino-metric (>=0.1.0 <=0.2.0), capnp-futures (>=0.10.0 <=0.12.0) +12 more potentially affected by CVE-2022-46149 via capnp (>=0.0.1 <=0.12.4)

capnp CARGO version =0.0.1, =0.1.0, =0.10.0, =0.0.1, =0.0.1, =0.2.8, =1.0.0, =0.0.5, =0.3.0, =0.0.9, =0.2.0, =0.3.1 Source cves: CVE-2022-46149 Source advisory: OSV:RUSTSEC-2022-0068...

UBUNTU-CVE-2017-7892

Sandstorm Cap'n Proto before 0.5.3.1 allows remote crashes related to a compiler optimization. A remote attacker can trigger a segfault in a 32-bit libcapnp application because Cap'n Proto relies on pointer arithmetic calculations that overflow. An example compiler with optimization that elides a...