Cap'n Proto: Integer overflow in KJ-HTTP chunk size

- [CVE-2026-32240](https://nvd.nist.gov/vuln/detail/CVE-2026-32240)
- [Nixpkgs security tracker issue](http://tracker.security.nixos.org/issues/NIXPKGS-2026-0626)
- affected package maintainers: cc @lf-, @9999years, @RaitoBezarius, @Qyriad, @alois31

## Description

Cap'n Proto is a data interchange format and capability-based RPC system. Prior to 1.4.0, when using Transfer-Encoding: chunked, if a chunk's size parsed to a value of 2^64 or larger, it would be truncated to a 64-bit integer. In theory, this bug could enable HTTP request/response smuggling. This vulnerability is fixed in 1.4.0.


<details>
<summary>Affected packages</summary>

- `capnproto` (1.2.0@nixos-25.11, 1.2.0@nixos-unstable)
</details>

## Additional comment

```
Upstream advisory: https://github.com/capnproto/capnproto/security/advisories/GHSA-vpcq-mx5v-32wm
```

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Cap'n Proto: Integer overflow in KJ-HTTP chunk size #499625

Description

Additional comment

Metadata

Assignees

Labels

Projects

Milestone

Relationships

Development

Uh oh!

Cap'n Proto: Integer overflow in KJ-HTTP chunk size #499625

Description

Description

Additional comment

Metadata

Metadata

Assignees

Labels

Projects

Milestone

Relationships

Development

Issue actions