Skip to content

Cap'n Proto has an integer overflow in KJ-HTTP #499628

New issue
New issue
Open
Open
Cap'n Proto has an integer overflow in KJ-HTTP#499628
Labels
1.severity: securityIssues which raise a security issue, or PRs that fix one
@nixpkgs-security-tracker

Description

@nixpkgs-security-tracker
nixpkgs-security-tracker
bot
opened on Mar 13, 2026

Description

Cap'n Proto is a data interchange format and capability-based RPC system. Prior to 1.4.0, a negative Content-Length value was converted to unsigned, treating it as an impossibly large length instead. In theory, this bug could enable HTTP request/response smuggling. This vulnerability is fixed in 1.4.0.

Affected packages
  • capnproto (1.2.0@nixos-25.11, 1.2.0@nixos-unstable)

Additional comment

Upstream advisory: https://github.com/capnproto/capnproto/security/advisories/GHSA-qjx3-pp3m-9jpm

Metadata

Metadata

Assignees

No one assigned

    Labels

    1.severity: securityIssues which raise a security issue, or PRs that fix one

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions