JLSEC-2026-516

A flaw was found in the ZeroMQ server in versions before 4.3.3. This flaw allows a malicious client to cause a stack buffer overflow on the server by sending crafted topic subscription requests and then unsubscribing. The highest threat from this vulnerability is to confidentiality, integrity, as...

Design/Logic Flaw

In Eclipse Mosquitto versions 2.0 to 2.0.11, when using the dynamic security plugin, if the ability for a client to make subscriptions on a topic is revoked when a durable client is offline, then existing subscriptions for that client are not revoked...

DEBIAN-CVE-2021-20236

A flaw was found in the ZeroMQ server in versions before 4.3.3. This flaw allows a malicious client to cause a stack buffer overflow on the server by sending crafted topic subscription requests and then unsubscribing. The highest threat from this vulnerability is to confidentiality, integrity, as...

Out-of-bounds Write

Overview Affected versions of this package are vulnerable to Out-of-bounds Write. A flaw was found in the ZeroMQ server in versions before 4.3.3. This flaw allows a malicious client to cause a stack buffer overflow on the server by sending crafted topic subscription requests and then unsubscribin...

PT-2021-8015 · Zeromq +2 · Zeromq +2

Name of the Vulnerable Software and Affected Versions: ZeroMQ versions prior to 4.3.3 Description: A flaw in the ZeroMQ server allows a malicious client to cause a stack buffer overflow on the server by sending crafted topic subscription requests and then unsubscribing. This poses a threat to...