K000149074: ZeroMQ vulnerabilities CVE-2014-9721 and CVE-2021-20236

Security Advisory Description CVE-2014-9721 libzmq before 4.0.6 and 4.1.x before 4.1.1 allows remote attackers to conduct downgrade attacks and bypass ZMTP v3 protocol security mechanisms via a ZMTP v2 or earlier header. CVE-2021-20236 A flaw was found in the ZeroMQ server in versions before 4.3....

Ubuntu 16.04 ESM / 18.04 ESM / 20.04 ESM : ZeroMQ vulnerabilities (USN-4920-1)

The remote Ubuntu 16.04 ESM / 18.04 ESM / 20.04 ESM host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4920-1 advisory. It was discovered that ZeroMQ incorrectly handled certain application metadata. A remote attacker could use this issue to cause...

USN-4920-1 zeromq3 vulnerabilities

It was discovered that ZeroMQ incorrectly handled certain application metadata. A remote attacker could use this issue to cause ZeroMQ to crash, or possibly execute arbitrary code. CVE-2019-13132 It was discovered that ZeroMQ mishandled certain network traffic. An unauthenticated attacker could u...

OPENSUSE-SU-2020:1910-1 Security update for zeromq

This update for zeromq fixes the following issues: - CVE-2020-15166: Fixed the possibility of unauthenticated clients causing a denial-of-service bsc1176116. - Fixed a heap overflow when receiving malformed ZMTP v1 packets bsc1176256 - Fixed a memory leak in client induced by malicious servers...