CVE-2019-13132

🗓️ 10 Jul 2019 19:15:10Reported by [email protected]Type

Remote client can trigger stack overflow in ZeroMQ libzmq before 4.0.9, 4.1.x before 4.1.7, and 4.2.x before 4.3.

Reporter	Title	Published	Views	Family All 79
IBM Security Bulletins	Security Bulletin: Vyatta 5600 vRouter Software Patches - Release 1801-za	25 Jul 201915:25	–	ibm
FreeBSD	libzmq4 -- Stack overflow	27 Jun 201900:00	–	freebsd
ATTACKERKB	CVE-2019-13132	10 Jul 201919:15	–	attackerkb
AlpineLinux	CVE-2019-13132	10 Jul 201900:00	–	alpinelinux
GithubExploit	Exploit for Out-of-bounds Write in Zeromq Libzmq	4 May 202603:47	–	githubexploit
Circl	CVE-2019-13132	4 May 202609:00	–	circl
CNVD	ZeroMQ Stack Buffer Overflow Vulnerability	9 Jul 201900:00	–	cnvd
Check Point Advisories	ZeroMQ libzmq Buffer Overflow (CVE-2019-13132)	18 Sep 201900:00	–	checkpoint_advisories
CVE	CVE-2019-13132	10 Jul 201900:00	–	cve
Cvelist	CVE-2019-13132	10 Jul 201900:00	–	cvelist

NVD

Node

zeromq libzmqRange4.1.0–4.1.7

zeromq libzmqRange4.2.0–4.3.2

Node

Node

Node

Source	Link
securityfocus	www.securityfocus.com/bid/109284
fangpenlin	www.fangpenlin.com/posts/2024/04/07/how-i-discovered-a-9-point-8-critical-security-vulnerability-in-zeromq-with-mostly-pure-luck/
news	www.news.ycombinator.com/item
security	www.security.gentoo.org/glsa/201908-17
github	www.github.com/zeromq/libzmq/releases
lists	www.lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AVCTNUEOFFZUNJOXFCYCF3C6Y6NDILI3/
debian	www.debian.org/security/2019/dsa-4477
usn	www.usn.ubuntu.com/4050-1/
lists	www.lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MK7SJYDJ7MMRRRPCUN3SCSE7YK6ZSHVS/
github	www.github.com/zeromq/libzmq/issues/3558

21 Nov 2024 04:24Current

9.8High risk

Vulners AI Score9.8

CVSS 27.5

CVSS 3.19.8

EPSS0.22275