Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2026-32239

Опубликовано: 12 мар. 2026
Источник: redhat
CVSS3: 4.8
EPSS Низкий

Описание

A flaw was found in the KJ-HTTP component of Cap’n Proto. When processing HTTP messages, a negative Content-Length value could be implicitly converted to an unsigned integer, resulting in an extremely large length value. An attacker could exploit this behavior by sending specially crafted HTTP messages containing negative Content-Length values. This may lead to inconsistent interpretation of HTTP message boundaries and could theoretically enable HTTP request or response smuggling scenarios in applications that rely on Cap’n Proto’s HTTP implementation.

Отчет

This issue is rated Moderate severity by Red Hat Product Security, because exploitation requires the attacker to craft malformed HTTP messages containing negative Content-Length values that trigger the integer conversion behavior in the KJ-HTTP parser. Such malformed inputs are not typically generated during normal HTTP communication and may be rejected or normalized by intermediate HTTP components such as proxies or load balancers or front-end servers before reaching the affected parser. The potential impact is also limited to inconsistent interpretation of HTTP request boundaries, which could enable limited request smuggling scenarios depending on application architecture. The vulnerability does not directly allow remote code execution or service crashes.

Меры по смягчению последствий

Red Hat is not aware of a practical temporary workaround that fully mitigates this issue or meets Red Hat Product Security's standards for usability, deployment, applicability, or stability.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 10capnprotoFix deferred

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate
Дефект:
CWE-681
https://bugzilla.redhat.com/show_bug.cgi?id=2447106capnproto: Cap'n Proto has an integer overflow in KJ-HTTP

EPSS

Процентиль: 23%
0.00077
Низкий

4.8 Medium

CVSS3

Связанные уязвимости

ubuntu логотип

CVE-2026-32239

CVSS3: 6.5
ubuntu
14 дней назад

Cap'n Proto is a data interchange format and capability-based RPC system. Prior to 1.4.0, a negative Content-Length value was converted to unsigned, treating it as an impossibly large length instead. In theory, this bug could enable HTTP request/response smuggling. This vulnerability is fixed in 1.4.0.

nvd логотип

CVE-2026-32239

CVSS3: 6.5
nvd
14 дней назад

Cap'n Proto is a data interchange format and capability-based RPC system. Prior to 1.4.0, a negative Content-Length value was converted to unsigned, treating it as an impossibly large length instead. In theory, this bug could enable HTTP request/response smuggling. This vulnerability is fixed in 1.4.0.

debian логотип

CVE-2026-32239

CVSS3: 6.5
debian
14 дней назад

Cap'n Proto is a data interchange format and capability-based RPC syst ...

EPSS

Процентиль: 23%
0.00077
Низкий

4.8 Medium

CVSS3