CVE-2021-20236
- EPSS 0.38%
- Published 28.05.2021 11:15:07
- Last modified 21.11.2024 05:46:11
A flaw was found in the ZeroMQ server in versions before 4.3.3. This flaw allows a malicious client to cause a stack buffer overflow on the server by sending crafted topic subscription requests and then unsubscribing. The highest threat from this vul...
CVE-2014-9721
- EPSS 0.35%
- Published 03.06.2015 20:59:00
- Last modified 12.04.2025 10:46:40
libzmq before 4.0.6 and 4.1.x before 4.1.1 allows remote attackers to conduct downgrade attacks and bypass ZMTP v3 protocol security mechanisms via a ZMTP v2 or earlier header.
CVE-2014-7202
- EPSS 0.58%
- Published 08.10.2014 19:55:04
- Last modified 12.04.2025 10:46:40
stream_engine.cpp in libzmq (aka ZeroMQ/C++)) 4.0.5 before 4.0.5 allows man-in-the-middle attackers to conduct downgrade attacks via a crafted connection request.
CVE-2014-7203
- EPSS 0.58%
- Published 08.10.2014 19:55:04
- Last modified 12.04.2025 10:46:40
libzmq (aka ZeroMQ/C++) 4.0.x before 4.0.5 does not ensure that nonces are unique, which allows man-in-the-middle attackers to conduct replay attacks via unspecified vectors.