Out-of-bounds Read

2022-12-2619:38:30

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

capnproto

vulnerability

out-of-bounds read

exfiltration

disclosure

memory

crashes

sensitive information

2.1 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:N/I:N/A:P

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

0.001 Low

EPSS

Percentile

25.7%

JSON

capnproto is vulnerable to out-of-bounds reads. The out-of-bounds read vulnerability may lead to exfiltration of memory resulting in crashes or perhaps disclosure of sensitive information.

CPENameOperatorVersion
radare2:edgeeq4.2.1-r0
radare2:edgeeq5.4.2-r0
radare2:edgeeq5.6.4-r0
radare2:edgeeq5.4.2-r1
radare2:edgeeq5.5.2-r0
radare2:edgeeq5.4.0-r0
radare2:edgeeq5.1.1-r0
radare2:edgeeq5.2.0-r0
radare2:edgeeq5.5.4-r0
radare2:edgeeq5.6.2-r0

Name	Operator	Version
radare2:edge	eq	4.2.1-r0
radare2:edge	eq	5.4.2-r0
radare2:edge	eq	5.6.4-r0
radare2:edge	eq	5.4.2-r1
radare2:edge	eq	5.5.2-r0
radare2:edge	eq	5.4.0-r0
radare2:edge	eq	5.1.1-r0
radare2:edge	eq	5.2.0-r0
radare2:edge	eq	5.5.4-r0
radare2:edge	eq	5.6.2-r0