15 matches found
OESA-2024-1133 zeromq security update
ZeroMQ also spelled ØMQ, 0MQ or ZMQ is a high-performance asynchronous messaging library, aimed at use in distributed or concurrent applications. It provides a message queue, but unlike message-oriented middleware, a ZeroMQ system can run without a dedicated message broker. The library's API is...
Ubuntu 16.04 ESM / 18.04 ESM / 20.04 ESM : ZeroMQ vulnerabilities (USN-4920-1)
The remote Ubuntu 16.04 ESM / 18.04 ESM / 20.04 ESM host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4920-1 advisory. It was discovered that ZeroMQ incorrectly handled certain application metadata. A remote attacker could use this issue to cause...
BELL-CVE-2020-15166 CVE-2020-15166 does not affect BellSoft software
Bulletin has no description...
FreeBSD : libzmq4 -- Denial of Service (21ec4428-bdaa-11eb-a04e-641c67a117d8)
Google's oss-fuzz project reports : Denial-of-Service on CURVE/ZAP-protected servers by unauthenticated clients. If a raw TCP socket is opened and connected to an endpoint that is fully configured with CURVE/ZAP, legitimate clients will not be able to exchange any message. Handshakes complete...
Security update for zeromq (moderate)
openSUSE Security Update: Security update for zeromq Announcement ID: openSUSE-SU-2020:1910-1 Rating: moderate References: 1176116 1176256 1176257 1176258 1176259 Cross-References: CVE-2020-15166 Affected Products: openSUSE Leap 15.2 An update that solves one vulnerability and has four fixes is n...
Debian: Security Advisory (DLA-2443-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] [DLA 2443-1] zeromq3 security update
----------------------------------------------------------------------- Debian LTS Advisory DLA-2443-1 [email protected] https://www.debian.org/lts/security/ Utkarsh Gupta November 10, 2020 https://wiki.debian.org/LTS -...
Fedora: Security Advisory for zeromq (FEDORA-2020-5460fcf6bd)
The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Fedora 32 : zeromq (2020-08402f4071)
Fix for 1876738 and 1876689 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. C Tenable Network...
Photon OS 2.0: Zeromq PHSA-2020-2.0-0281
An update of the zeromq package has been released. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2020-2.0-0281. The text itself is copyright C VMware, Inc. include'compat.inc'; if description scriptid14066...
Photon OS 3.0: Zeromq PHSA-2020-3.0-0139
An update of the zeromq package has been released. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2020-3.0-0139. The text itself is copyright C VMware, Inc. include'compat.inc'; if description scriptid14053...
ALPINE-CVE-2020-15166
In ZeroMQ before version 4.3.3, there is a denial-of-service vulnerability. Users with TCP transport public endpoints, even with CURVE/ZAP enabled, are impacted. If a raw TCP socket is opened and connected to an endpoint that is fully configured with CURVE/ZAP, legitimate clients will not be able...
CVE-2020-15166
CVE-2020-15166 affects ZeroMQ (libzmq) up to 4.3.3. The vulnerability arises when a remote, unauthenticated client connects to a CURVE/ZAP-protected endpoint before the handshake completes, allowing a denial-of-service where legitimate clients cannot exchange messages, though handshakes complete....
Photon OS 1.0: Zeromq PHSA-2020-1.0-0322
An update of the zeromq package has been released. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2020-1.0-0322. The text itself is copyright C VMware, Inc. include'compat.inc'; if description scriptid14045...
Debian DSA-4761-1 : zeromq3 - security update
It was discovered that ZeroMQ, a lightweight messaging kernel library does not properly handle connecting peers before a handshake is completed. A remote, unauthenticated client connecting to an application using the libzmq library, running with a socket listening with CURVE...