4 matches found
K000149074: ZeroMQ vulnerabilities CVE-2014-9721 and CVE-2021-20236
Security Advisory Description CVE-2014-9721 libzmq before 4.0.6 and 4.1.x before 4.1.1 allows remote attackers to conduct downgrade attacks and bypass ZMTP v3 protocol security mechanisms via a ZMTP v2 or earlier header. CVE-2021-20236 A flaw was found in the ZeroMQ server in versions before 4.3....
SUSE CVE-2021-20236
A flaw was found in the ZeroMQ server in versions before 4.3.3. This flaw allows a malicious client to cause a stack buffer overflow on the server by sending crafted topic subscription requests and then unsubscribing. The highest threat from this vulnerability is to confidentiality, integrity, as...
CVE-2021-20236 affecting package zeromq 4.3.2-2
CVE-2021-20236 affecting package zeromq 4.3.2-2. An upgraded version of the package is available that resolves this issue...
CVE-2021-20236
CVE-2021-20236 affects the ZeroMQ server (libzmq) prior to version 4.3.3. A crafted topic subscription request followed by unsubscribe can trigger a stack-based overflow on the server, impacting confidentiality, integrity, and availability. The vulnerability is confirmed across multiple sources (...