Vulnerabilities > Zeromq

DATE CVE VULNERABILITY TITLE RISK
2021-07-01 CVE-2020-36400 Out-of-bounds Write vulnerability in Zeromq Libzmq 4.3.3
ZeroMQ libzmq 4.3.3 has a heap-based buffer overflow in zmq::tcp_read, a different vulnerability than CVE-2021-20235.
network
low complexity
zeromq CWE-787
critical
9.8
2021-05-28 CVE-2021-20236 Out-of-bounds Write vulnerability in multiple products
A flaw was found in the ZeroMQ server in versions before 4.3.3.
network
low complexity
zeromq redhat fedoraproject CWE-787
critical
9.8
2021-05-28 CVE-2021-20237 Memory Leak vulnerability in Zeromq Libzmq
An uncontrolled resource consumption (memory leak) flaw was found in ZeroMQ's src/xpub.cpp in versions before 4.3.3.
network
low complexity
zeromq CWE-401
7.5
2021-04-01 CVE-2021-20235 Out-of-bounds Write vulnerability in Zeromq Libzmq
There's a flaw in the zeromq server in versions before 4.3.3 in src/decoder_allocators.hpp.
network
high complexity
zeromq CWE-787
8.1
2021-04-01 CVE-2021-20234 Memory Leak vulnerability in Zeromq Libzmq
An uncontrolled resource consumption (memory leak) flaw was found in the ZeroMQ client in versions before 4.3.3 in src/pipe.cpp.
network
low complexity
zeromq CWE-401
6.5
2020-09-11 CVE-2020-15166 Resource Exhaustion vulnerability in multiple products
In ZeroMQ before version 4.3.3, there is a denial-of-service vulnerability.
network
low complexity
zeromq fedoraproject debian CWE-400
7.5
2019-07-10 CVE-2019-13132 Out-of-bounds Write vulnerability in multiple products
In ZeroMQ libzmq before 4.0.9, 4.1.x before 4.1.7, and 4.2.x before 4.3.2, a remote, unauthenticated client connecting to a libzmq application, running with a socket listening with CURVE encryption/authentication enabled, may cause a stack overflow and overwrite the stack with arbitrary data, due to a buffer overflow in the library.
network
low complexity
zeromq debian canonical fedoraproject CWE-787
critical
9.8
2019-01-13 CVE-2019-6250 Integer Overflow or Wraparound vulnerability in multiple products
A pointer overflow, with code execution, was discovered in ZeroMQ libzmq (aka 0MQ) 4.2.x and 4.3.x before 4.3.1.
network
low complexity
zeromq debian CWE-190
8.8