10 matches found
CVE-2026-13757 P11-kit: stack exhaustion via unbounded recursion in rpc attribute parsing
A flaw was found in p11-kit. The RPC message attribute parsing functions p11rpcmessagegetattribute and p11rpcmessagegetattributearrayvalue form a mutually-recursive call chain with no recursion depth limit when processing nested CKAWRAPTEMPLATE, CKAUNWRAPTEMPLATE, and CKADERIVETEMPLATE attributes...
GHSA-4GPH-2HHR-5MWG Envoy AI Proxy - MCP Message Smuggling Vulnerability
Envoy AI Gateway was found to be affected by a protocol parser differential vulnerability due to improper implementation of the JSON-RPC 2.0 specification. Such differential causes a MCP message alteration, potentially causing a bypass of security controls in a multi-layered architecture. Accordi...
CVE-2026-27896
A flaw was found in the Go MCP SDK. This issue occurs due to an improper handling of case sensitivity during JSON-RPC message parsing, specifically in the matching of JSON keys to struct field tags. This behavior violates the JSON-RPC 2.0 specification, which explicitly requires case-sensitive...
CVE-2022-36008
Frontier is Substrate's Ethereum compatibility layer. A security issue was discovered affecting parsing of the RPC result of the exit reason in case of EVM reversion. In release build, this would cause the exit reason being incorrectly parsed and returned by RPC. In debug build, this would cause ...
CVE-2022-36008 Message length overflow in frontier
Frontier is Substrate's Ethereum compatibility layer. A security issue was discovered affecting parsing of the RPC result of the exit reason in case of EVM reversion. In release build, this would cause the exit reason being incorrectly parsed and returned by RPC. In debug build, this would cause ...
CVE-2022-36008 Message length overflow in frontier
Frontier is Substrate's Ethereum compatibility layer. A security issue was discovered affecting parsing of the RPC result of the exit reason in case of EVM reversion. In release build, this would cause the exit reason being incorrectly parsed and returned by RPC. In debug build, this would cause ...
CVE-2022-36008
Frontier (Substrate’s Ethereum compatibility layer) has a CVE-2022-36008 affecting parsing of the RPC exit reason for EVM reversion. In release builds, the RPC could return an incorrectly parsed exit reason; in debug builds, an overflow panic could occur. The issue is only relevant if a bridge no...
Incorrect parsing of EVM reversion exit reason in RPC
Impact A low severity security issue was discovered affecting parsing of the RPC result of the exit reason in case of EVM reversion. In release build, this would cause the exit reason being incorrectly parsed and returned by RPC. In debug build, this would cause an overflow panic. No action is...
WireShark sniffer multiple security vulnerabilities
Buffer overflow on SSL parsing, DoS on HTTP, MEGACO, Bluetooth SDP, RPC parsing...
HP Tru64 UNIX/OpenVMS/HP-UX DCE server buffer overflow
Buffer overflow on RPC parsing...