David Renshaw

1 exploit Active since Aug 2017
CVE-2015-2313 WRITEUP HIGH WRITEUP
capnproto < 0.4.1.1 and 0.5.x < 0.5.1.2 - Denial of Service via Crafted Small Message
Sandstorm Cap'n Proto before 0.4.1.1 and 0.5.x before 0.5.1.2, when an application invokes the totalSize method on an object reader, allows remote peers to cause a denial of service (CPU consumption) via a crafted small message, which triggers a "tight" for loop. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-2312.
CVSS 7.5