scacaca
scacaca
# Summary There is no length limit for RSA keys, and a malicious node can exploit large RSA keys to launch a resource exhaustion attack. A malicious peer can use...
# Summary A DOS vulnerability in hjson-py caused by crafted objects that deeply nested structures. # Description An issue was discovered in the latest hjson-py allows attackers to cause a...
# Description An issue in hjson-python up to v3.0.2 allows attackers to cause a Denial of Service (DoS) via supplying a crafted JSON string to string a StringIndexOutOfBoundsException. There is...
# Summary A DOS vulnerability in hjson-js caused by crafted objects that deeply nested structures. # Description An issue was discovered in the latest hjson-js allows attackers to cause a...
### Summary This can occur because when a signed peer record is received, only the signature validity check is performed but the sender signature is not checked. Signed peer records...
# summary In the MessageReader.read method, the segment size is parsed using get!int(offset) from a byte buffer. However, according to the Cap'n Proto specification, the segment sizes are unsigned 32-bit...
# Summary: An infinite loop may occur in PackedInputStream when the underlying input stream (e.g., ArrayInputStream) provides fewer bytes than expected by the reader. This can lead to unresponsive behavior...
# Summary: The D language implementation of Cap’n Proto lacks critical bounds checking in its message deserialization logic, allowing corrupted or maliciously crafted binary inputs to be parsed as valid...
### Summary The C++ implementation of libp2p’s Identify protocol (IdentifyMessageProcessor) does not validate or process the signedPeerRecord field in Identify messages. This allows malicious peers to inject or forward third-party...
# summary In hjson-cs , A crafted JSON string could lead to a denial-of-service (DoS) attack. # Description The utilization of hjson to interpret untrusted JSON strings could potentially expose...