Upstream information
Description
Cap'n Proto is a data interchange format and capability-based RPC system. Prior to 1.4.0, when using Transfer-Encoding: chunked, if a chunk's size parsed to a value of 2^64 or larger, it would be truncated to a 64-bit integer. In theory, this bug could enable HTTP request/response smuggling. This vulnerability is fixed in 1.4.0.SUSE information
Overall state of this security issue: Does not affect SUSE products
SUSE Bugzilla entry: 1259639 [NEW] No SUSE Security Announcements cross referenced.SUSE Timeline for this CVE
CVE page created: Thu Mar 12 22:03:33 2026CVE page last modified: Fri May 8 12:08:53 2026