Astra Linux - уязвимость в zeromq3

There is a flaw in the zeromq server in versions before 4.3.3, located in src/decoderallocators.hpp. The decoder’s static allocator could have its size changed, but the buffer remains unchanged since it is a static buffer. A remote, unauthenticated attacker who sends a crafted request to the zero...

DEBIAN-CVE-2021-20237

An uncontrolled resource consumption memory leak flaw was found in ZeroMQ's src/xpub.cpp in versions before 4.3.3. This flaw allows a remote unauthenticated attacker to send crafted PUB messages that consume excessive memory if the CURVE/ZAP authentication is disabled on the server, causing a...

DEBIAN-CVE-2021-20235

There's a flaw in the zeromq server in versions before 4.3.3 in src/decoderallocators.hpp. The decoder static allocator could have its sized changed, but the buffer would remain the same as it is a static buffer. A remote, unauthenticated attacker who sends a crafted request to the zeromq server...

PT-2021-3606 · Check Point +3 · Gaia +4

Name of the Vulnerable Software and Affected Versions: ZeroMQ versions prior to 4.3.3 Check Point GAiA affected versions not specified Description: The issue is related to a buffer overflow in the ZeroMQ library, which can be exploited by a remote attacker to access confidential data, compromise...

Denial of Service (DoS)

Overview Affected versions of this package are vulnerable to Denial of Service DoS. In ZeroMQ before version 4.3.3, there is a denial-of-service vulnerability. Users with TCP transport public endpoints, even with CURVE/ZAP enabled, are impacted. If a raw TCP socket is opened and connected to an...