Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
osvGoogleOSV:USN-4920-1
HistoryJun 15, 2022 - 6:16 p.m.

zeromq3 vulnerabilities

2022-06-1518:16:23
Google
osv.dev
1

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

8.3 High

AI Score

Confidence

High

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.614 Medium

EPSS

Percentile

97.8%

JSON

It was discovered that ZeroMQ incorrectly handled certain application
metadata. A remote attacker could use this issue to cause ZeroMQ to crash,
or possibly execute arbitrary code. (CVE-2019-13132)

It was discovered that ZeroMQ mishandled certain network traffic. An
unauthenticated attacker could use this vulnerability to cause a denial-of-
service and prevent legitimate clients from communicating with ZeroMQ.
(CVE-2020-15166)

It was discovered that ZeroMQ did not properly manage memory under certain
circumstances. If a user or automated system were tricked into connecting
to one or multiple compromised servers, a remote attacker could use this
issue to cause a denial of service. (CVE-2021-20234)

It was discovered that ZeroMQ incorrectly handled memory when processing
messages with arbitrarily large sizes under certain circumstances. A remote
unauthenticated attacker could use this issue to cause a ZeroMQ server to crash,
resulting in a denial of service, or possibly execute arbitrary code. This issue
only affected Ubuntu 18.04 ESM and Ubuntu 20.04 ESM. (CVE-2021-20235)

It was discovered that ZeroMQ did not properly manage memory under certain
circumstances. A remote unauthenticated attacker could use this issue to
cause a ZeroMQ server to crash, resulting in a denial of service. This issue
only affected Ubuntu 18.04 ESM and Ubuntu 20.04 ESM. (CVE-2021-20237)

Related

openvas 18
ubuntu 2
nessus 34
debian 7
osv 11
checkpoint_advisories 1
prion 6
redhatcve 5
cve 6
debiancve 6
suse 3
fedora 5
veracode 2
ubuntucve 6
alpinelinux 2
gentoo 2
photon 18
hackerone 1
freebsd 2
mageia 2
archlinux 2
checkpoint_security 1
ibm 1
openvas
openvas
Ubuntu: Security Advisory (USN-4920-1)
2023-01-27 00:00:00
Debian: Security Advisory (DLA-2588-1)
2021-03-11 00:00:00
Debian: Security Advisory (DSA-4477-1)
2019-07-09 00:00:00
ubuntu
ubuntu
ZeroMQ vulnerabilities
2022-06-15 00:00:00
ZeroMQ vulnerability
2019-07-08 00:00:00
nessus
nessus
Ubuntu 16.04 ESM / 18.04 ESM / 20.04 ESM : ZeroMQ vulnerabilities (USN-4920-1)
2023-10-16 00:00:00
Debian DLA-2588-1 : zeromq3 security update
2021-03-11 00:00:00
Fedora 33 : zeromq (2021-8b3202b783)
2021-02-08 00:00:00
debian
debian
[SECURITY] [DLA 2588-1] zeromq3 security update
2021-03-10 16:05:27
[SECURITY] [DSA 4477-1] zeromq3 security update
2019-07-08 16:13:55
[SECURITY] [DLA 1849-1] zeromq3 security update
2019-07-08 17:05:18
osv
osv
zeromq3 - security update
2021-03-09 00:00:00
CVE-2021-20234
2021-04-01 14:15:13
CVE-2021-20237
2021-05-28 11:15:07
checkpoint_advisories
checkpoint_advisories
ZeroMQ libzmq Buffer Overflow (CVE-2019-13132)
2019-09-18 00:00:00
prion
prion
Stack overflow
2019-07-10 19:15:00
Design/Logic Flaw
2021-05-28 11:15:00
Buffer overflow
2021-04-01 14:15:00
redhatcve
redhatcve
CVE-2019-13132
2019-07-15 04:51:32
CVE-2021-20234
2021-02-12 15:29:09
CVE-2021-20235
2021-02-12 15:29:59
cve
cve
CVE-2021-20237
2021-05-28 11:15:00
CVE-2021-20234
2021-04-01 14:15:00
CVE-2019-13132
2019-07-10 19:15:00
debiancve
debiancve
CVE-2021-20234
2021-04-01 14:15:00
CVE-2021-20237
2021-05-28 11:15:00
CVE-2019-13132
2019-07-10 19:15:00
suse
suse
Security update for zeromq (important)
2019-07-21 00:00:00
Security update for zeromq (moderate)
2020-11-13 00:00:00
Security update for zeromq (moderate)
2020-11-14 00:00:00
fedora
fedora
[SECURITY] Fedora 29 Update: zeromq-4.1.7-1.fc29
2019-10-03 02:10:05
[SECURITY] Fedora 31 Update: zeromq-4.3.2-1.fc31
2019-09-28 00:05:31
[SECURITY] Fedora 30 Update: zeromq-4.3.2-1.fc30
2019-10-03 01:06:05
veracode
veracode
Denial Of Service (DoS)
2019-07-11 02:51:13
Denial-of-Service (DoS)
2020-09-08 04:30:51
ubuntucve
ubuntucve
CVE-2019-13132
2019-07-08 00:00:00
CVE-2021-20235
2021-04-01 00:00:00
CVE-2021-20234
2021-04-01 00:00:00
alpinelinux
alpinelinux
CVE-2019-13132
2019-07-10 19:15:00
CVE-2020-15166
2020-09-11 16:15:00
gentoo
gentoo
ZeroMQ: Arbitrary code execution
2019-08-15 00:00:00
ZeroMQ: Denial of service
2020-09-13 00:00:00
photon
photon
Important Photon OS Security Update - PHSA-2021-0232
2021-05-05 00:00:00
Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2020-1.0-0322
2020-09-09 00:00:00
Important Photon OS Security Update - PHSA-2020-0139
2020-09-12 00:00:00
hackerone
hackerone
Monero: CVE-2019-13132 - libzmq 4.1 series is vulnerable
2019-07-22 08:00:22
freebsd
freebsd
libzmq4 -- Stack overflow
2019-06-27 00:00:00
libzmq4 -- Denial of Service
2020-09-07 00:00:00
mageia
mageia
Updated zeromq packages fix security vulnerability
2019-11-14 19:58:51
Updated zeromq packages fix security vulnerability
2020-09-15 15:55:09
archlinux
archlinux
[ASA-202009-15] lib32-zeromq: denial of service
2020-09-26 00:00:00
[ASA-202009-16] zeromq: denial of service
2020-09-26 00:00:00
checkpoint_security
checkpoint_security
Check Point Response to CVE-2021-36299, CVE-2021-36300, CVE-2021-36301, CVE-2021-20235
2021-11-04 01:43:45
ibm
ibm
Security Bulletin: Vyatta 5600 vRouter Software Patches - Release 1801-za
2019-07-25 15:25:01

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

8.3 High

AI Score

Confidence

High

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.614 Medium

EPSS

Percentile

97.8%

JSON
Related for OSV:USN-4920-1
openvas18ubuntu2nessus34debian7osv11checkpoint_advisories1prion6redhatcve5cve6debiancve6suse3fedora5veracode2ubuntucve6alpinelinux2gentoo2photon18hackerone1freebsd2mageia2archlinux2checkpoint_security1ibm1