All the vulnerabilites related to zeromq - zeromq
Vulnerability from fkie_nvd
Published
2014-10-08 19:55
Modified
2024-11-21 02:16
Severity ?
Summary
stream_engine.cpp in libzmq (aka ZeroMQ/C++)) 4.0.5 before 4.0.5 allows man-in-the-middle attackers to conduct downgrade attacks via a crafted connection request.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:zeromq:zeromq:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B44ECF76-AB8E-4F9F-8776-F02C45200986",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zeromq:zeromq:4.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "34AFFDBE-A57D-4718-B5E4-65F8E8AC3A90",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "stream_engine.cpp in libzmq (aka ZeroMQ/C++)) 4.0.5 before 4.0.5 allows man-in-the-middle attackers to conduct downgrade attacks via a crafted connection request."
},
{
"lang": "es",
"value": "stream_engine.cpp en libzmq (tambi\u00e9n conocido como ZeroMQ/C++)) 4.0.5 anterior a 4.0.5 permite a atacantes man-in-the-middle realizar ataques de degradaci\u00f3n a trav\u00e9s de una solicitud de conexi\u00f3n manipulada."
}
],
"id": "CVE-2014-7202",
"lastModified": "2024-11-21T02:16:31.783",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2014-10-08T19:55:04.313",
"references": [
{
"source": "cve@mitre.org",
"url": "http://lists.opensuse.org/opensuse-updates/2014-11/msg00027.html"
},
{
"source": "cve@mitre.org",
"url": "http://lists.opensuse.org/opensuse-updates/2014-11/msg00101.html"
},
{
"source": "cve@mitre.org",
"url": "http://seclists.org/oss-sec/2014/q3/754"
},
{
"source": "cve@mitre.org",
"url": "http://seclists.org/oss-sec/2014/q3/776"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/62262"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/70157"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/96241"
},
{
"source": "cve@mitre.org",
"url": "https://github.com/zeromq/libzmq/issues/1190"
},
{
"source": "cve@mitre.org",
"url": "https://github.com/zeromq/libzmq/pull/1188"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-updates/2014-11/msg00027.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-updates/2014-11/msg00101.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://seclists.org/oss-sec/2014/q3/754"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://seclists.org/oss-sec/2014/q3/776"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/62262"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/70157"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/96241"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://github.com/zeromq/libzmq/issues/1190"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://github.com/zeromq/libzmq/pull/1188"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2014-10-08 19:55
Modified
2024-11-21 02:16
Severity ?
Summary
libzmq (aka ZeroMQ/C++) 4.0.x before 4.0.5 does not ensure that nonces are unique, which allows man-in-the-middle attackers to conduct replay attacks via unspecified vectors.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:zeromq:zeromq:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B44ECF76-AB8E-4F9F-8776-F02C45200986",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zeromq:zeromq:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "312F64B2-A5CA-459B-8DD1-8CD21135079F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zeromq:zeromq:4.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D3F998AB-AD48-4F8A-858E-CCB3AC268A88",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zeromq:zeromq:4.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "06C936DC-EA65-4A6F-9054-548B4BD9377B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zeromq:zeromq:4.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "34AFFDBE-A57D-4718-B5E4-65F8E8AC3A90",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "libzmq (aka ZeroMQ/C++) 4.0.x before 4.0.5 does not ensure that nonces are unique, which allows man-in-the-middle attackers to conduct replay attacks via unspecified vectors."
},
{
"lang": "es",
"value": "libzmq (tambi\u00e9n conocido como ZeroMQ/C++) 4.0.x anterior a 4.0.5 no asegura que los caracteres de un solo uso sean \u00fanicos, lo que permite a atacantes man-in-the-middle realizar ataques de reproducci\u00f3n a trav\u00e9s de vectores no especificados."
}
],
"id": "CVE-2014-7203",
"lastModified": "2024-11-21T02:16:31.937",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2014-10-08T19:55:04.360",
"references": [
{
"source": "cve@mitre.org",
"url": "http://lists.opensuse.org/opensuse-updates/2014-11/msg00027.html"
},
{
"source": "cve@mitre.org",
"url": "http://lists.opensuse.org/opensuse-updates/2014-11/msg00101.html"
},
{
"source": "cve@mitre.org",
"url": "http://seclists.org/oss-sec/2014/q3/754"
},
{
"source": "cve@mitre.org",
"url": "http://seclists.org/oss-sec/2014/q3/776"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/62262"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/70157"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/96242"
},
{
"source": "cve@mitre.org",
"url": "https://github.com/zeromq/libzmq/issues/1191"
},
{
"source": "cve@mitre.org",
"url": "https://github.com/zeromq/libzmq/pull/1189"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-updates/2014-11/msg00027.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-updates/2014-11/msg00101.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://seclists.org/oss-sec/2014/q3/754"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://seclists.org/oss-sec/2014/q3/776"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/62262"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/70157"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/96242"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://github.com/zeromq/libzmq/issues/1191"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://github.com/zeromq/libzmq/pull/1189"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2015-06-03 20:59
Modified
2024-11-21 02:21
Severity ?
Summary
libzmq before 4.0.6 and 4.1.x before 4.1.1 allows remote attackers to conduct downgrade attacks and bypass ZMTP v3 protocol security mechanisms via a ZMTP v2 or earlier header.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:zeromq:zeromq:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4E17E08A-D580-4A02-987C-93521C53B1C7",
"versionEndIncluding": "4.0.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zeromq:zeromq:4.1.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "15DEF7F8-2682-485F-AE06-43DBA353EF05",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "libzmq before 4.0.6 and 4.1.x before 4.1.1 allows remote attackers to conduct downgrade attacks and bypass ZMTP v3 protocol security mechanisms via a ZMTP v2 or earlier header."
},
{
"lang": "es",
"value": "ibzmq en versiones anteriores a 4.0.6 y 4.1.x en versiones anteriores a 4.1.1 permite a atacantes remotos llevar a cabo ataques de degradado y eludir mecanismos de protocolos de seguridad ZMTP v3 a trav\u00e9s de una cabecera ZMTP v2 o versiones anteriores."
}
],
"id": "CVE-2014-9721",
"lastModified": "2024-11-21T02:21:31.570",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2015-06-03T20:59:00.090",
"references": [
{
"source": "cve@mitre.org",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/159176.html"
},
{
"source": "cve@mitre.org",
"url": "http://lists.opensuse.org/opensuse-updates/2015-06/msg00018.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2015/dsa-3255"
},
{
"source": "cve@mitre.org",
"url": "https://github.com/zeromq/libzmq/issues/1273"
},
{
"source": "cve@mitre.org",
"url": "https://github.com/zeromq/zeromq4-x/commit/b6e3e0f601e2c1ec1f3aac880ed6a3fe63043e51"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/159176.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-updates/2015-06/msg00018.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2015/dsa-3255"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://github.com/zeromq/libzmq/issues/1273"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://github.com/zeromq/zeromq4-x/commit/b6e3e0f601e2c1ec1f3aac880ed6a3fe63043e51"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-05-28 11:15
Modified
2024-11-21 05:46
Severity ?
Summary
A flaw was found in the ZeroMQ server in versions before 4.3.3. This flaw allows a malicious client to cause a stack buffer overflow on the server by sending crafted topic subscription requests and then unsubscribing. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=1921976 | Issue Tracking, Third Party Advisory | |
| secalert@redhat.com | https://github.com/zeromq/libzmq/security/advisories/GHSA-qq65-x72m-9wr8 | Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=1921976 | Issue Tracking, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/zeromq/libzmq/security/advisories/GHSA-qq65-x72m-9wr8 | Patch, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| zeromq | zeromq | * | |
| redhat | ceph_storage | 2.0 | |
| redhat | enterprise_linux | 7.0 | |
| fedoraproject | fedora | 33 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:zeromq:zeromq:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BD0413A2-9EC5-49F3-ACE6-3E5922F67FB1",
"versionEndExcluding": "4.3.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:redhat:ceph_storage:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D07DF15E-FE6B-4DAF-99BB-2147CF7D7EEA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "142AD0DD-4CF3-4D74-9442-459CE3347E3A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*",
"matchCriteriaId": "E460AA51-FCDA-46B9-AE97-E6676AA5E194",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A flaw was found in the ZeroMQ server in versions before 4.3.3. This flaw allows a malicious client to cause a stack buffer overflow on the server by sending crafted topic subscription requests and then unsubscribing. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability."
},
{
"lang": "es",
"value": "Se encontr\u00f3 un fallo en el servidor ZeroMQ en versiones anteriores a 4.3.3.\u0026#xa0;Este fallo permite a un cliente malicioso causar un desbordamiento del b\u00fafer de pila en el servidor mediante el env\u00edo de peticiones de suscripci\u00f3n de temas dise\u00f1adas y luego cancelando la suscripci\u00f3n.\u0026#xa0;La mayor amenaza de esta vulnerabilidad es la confidencialidad, la integridad y la disponibilidad del sistema"
}
],
"id": "CVE-2021-20236",
"lastModified": "2024-11-21T05:46:11.350",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-05-28T11:15:07.933",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1921976"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/zeromq/libzmq/security/advisories/GHSA-qq65-x72m-9wr8"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1921976"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/zeromq/libzmq/security/advisories/GHSA-qq65-x72m-9wr8"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-120"
}
],
"source": "secalert@redhat.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
cve-2014-7203
Vulnerability from cvelistv5
Published
2014-10-08 19:00
Modified
2024-08-06 12:40
Severity ?
EPSS score ?
Summary
libzmq (aka ZeroMQ/C++) 4.0.x before 4.0.5 does not ensure that nonces are unique, which allows man-in-the-middle attackers to conduct replay attacks via unspecified vectors.
References
| ▼ | URL | Tags |
|---|---|---|
| http://seclists.org/oss-sec/2014/q3/776 | mailing-list, x_refsource_MLIST | |
| http://lists.opensuse.org/opensuse-updates/2014-11/msg00027.html | vendor-advisory, x_refsource_SUSE | |
| https://github.com/zeromq/libzmq/pull/1189 | x_refsource_CONFIRM | |
| http://lists.opensuse.org/opensuse-updates/2014-11/msg00101.html | vendor-advisory, x_refsource_SUSE | |
| http://www.securityfocus.com/bid/70157 | vdb-entry, x_refsource_BID | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/96242 | vdb-entry, x_refsource_XF | |
| http://seclists.org/oss-sec/2014/q3/754 | mailing-list, x_refsource_MLIST | |
| https://github.com/zeromq/libzmq/issues/1191 | x_refsource_CONFIRM | |
| http://secunia.com/advisories/62262 | third-party-advisory, x_refsource_SECUNIA |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T12:40:19.205Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "[oss-security] 20140927 Re: CVE request: zeromq",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://seclists.org/oss-sec/2014/q3/776"
},
{
"name": "openSUSE-SU-2014:1381",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2014-11/msg00027.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/zeromq/libzmq/pull/1189"
},
{
"name": "openSUSE-SU-2014:1493",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2014-11/msg00101.html"
},
{
"name": "70157",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/70157"
},
{
"name": "zeromq-connection-nonces-replay(96242)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/96242"
},
{
"name": "[oss-security] 20140926 CVE request: zeromq",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://seclists.org/oss-sec/2014/q3/754"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/zeromq/libzmq/issues/1191"
},
{
"name": "62262",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/62262"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-09-20T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "libzmq (aka ZeroMQ/C++) 4.0.x before 4.0.5 does not ensure that nonces are unique, which allows man-in-the-middle attackers to conduct replay attacks via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-07T15:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "[oss-security] 20140927 Re: CVE request: zeromq",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://seclists.org/oss-sec/2014/q3/776"
},
{
"name": "openSUSE-SU-2014:1381",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2014-11/msg00027.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/zeromq/libzmq/pull/1189"
},
{
"name": "openSUSE-SU-2014:1493",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2014-11/msg00101.html"
},
{
"name": "70157",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/70157"
},
{
"name": "zeromq-connection-nonces-replay(96242)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/96242"
},
{
"name": "[oss-security] 20140926 CVE request: zeromq",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://seclists.org/oss-sec/2014/q3/754"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/zeromq/libzmq/issues/1191"
},
{
"name": "62262",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/62262"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-7203",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "libzmq (aka ZeroMQ/C++) 4.0.x before 4.0.5 does not ensure that nonces are unique, which allows man-in-the-middle attackers to conduct replay attacks via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "[oss-security] 20140927 Re: CVE request: zeromq",
"refsource": "MLIST",
"url": "http://seclists.org/oss-sec/2014/q3/776"
},
{
"name": "openSUSE-SU-2014:1381",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2014-11/msg00027.html"
},
{
"name": "https://github.com/zeromq/libzmq/pull/1189",
"refsource": "CONFIRM",
"url": "https://github.com/zeromq/libzmq/pull/1189"
},
{
"name": "openSUSE-SU-2014:1493",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2014-11/msg00101.html"
},
{
"name": "70157",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/70157"
},
{
"name": "zeromq-connection-nonces-replay(96242)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/96242"
},
{
"name": "[oss-security] 20140926 CVE request: zeromq",
"refsource": "MLIST",
"url": "http://seclists.org/oss-sec/2014/q3/754"
},
{
"name": "https://github.com/zeromq/libzmq/issues/1191",
"refsource": "CONFIRM",
"url": "https://github.com/zeromq/libzmq/issues/1191"
},
{
"name": "62262",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/62262"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2014-7203",
"datePublished": "2014-10-08T19:00:00",
"dateReserved": "2014-09-26T00:00:00",
"dateUpdated": "2024-08-06T12:40:19.205Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2014-9721
Vulnerability from cvelistv5
Published
2015-06-03 20:00
Modified
2024-08-06 13:55
Severity ?
EPSS score ?
Summary
libzmq before 4.0.6 and 4.1.x before 4.1.1 allows remote attackers to conduct downgrade attacks and bypass ZMTP v3 protocol security mechanisms via a ZMTP v2 or earlier header.
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/zeromq/zeromq4-x/commit/b6e3e0f601e2c1ec1f3aac880ed6a3fe63043e51 | x_refsource_CONFIRM | |
| http://www.debian.org/security/2015/dsa-3255 | vendor-advisory, x_refsource_DEBIAN | |
| http://lists.fedoraproject.org/pipermail/package-announce/2015-May/159176.html | vendor-advisory, x_refsource_FEDORA | |
| http://lists.opensuse.org/opensuse-updates/2015-06/msg00018.html | vendor-advisory, x_refsource_SUSE | |
| https://github.com/zeromq/libzmq/issues/1273 | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T13:55:04.751Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/zeromq/zeromq4-x/commit/b6e3e0f601e2c1ec1f3aac880ed6a3fe63043e51"
},
{
"name": "DSA-3255",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2015/dsa-3255"
},
{
"name": "FEDORA-2015-8635",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/159176.html"
},
{
"name": "openSUSE-SU-2015:1028",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2015-06/msg00018.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/zeromq/libzmq/issues/1273"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-05-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "libzmq before 4.0.6 and 4.1.x before 4.1.1 allows remote attackers to conduct downgrade attacks and bypass ZMTP v3 protocol security mechanisms via a ZMTP v2 or earlier header."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-12-30T13:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/zeromq/zeromq4-x/commit/b6e3e0f601e2c1ec1f3aac880ed6a3fe63043e51"
},
{
"name": "DSA-3255",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2015/dsa-3255"
},
{
"name": "FEDORA-2015-8635",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/159176.html"
},
{
"name": "openSUSE-SU-2015:1028",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2015-06/msg00018.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/zeromq/libzmq/issues/1273"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-9721",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "libzmq before 4.0.6 and 4.1.x before 4.1.1 allows remote attackers to conduct downgrade attacks and bypass ZMTP v3 protocol security mechanisms via a ZMTP v2 or earlier header."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/zeromq/zeromq4-x/commit/b6e3e0f601e2c1ec1f3aac880ed6a3fe63043e51",
"refsource": "CONFIRM",
"url": "https://github.com/zeromq/zeromq4-x/commit/b6e3e0f601e2c1ec1f3aac880ed6a3fe63043e51"
},
{
"name": "DSA-3255",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2015/dsa-3255"
},
{
"name": "FEDORA-2015-8635",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/159176.html"
},
{
"name": "openSUSE-SU-2015:1028",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2015-06/msg00018.html"
},
{
"name": "https://github.com/zeromq/libzmq/issues/1273",
"refsource": "CONFIRM",
"url": "https://github.com/zeromq/libzmq/issues/1273"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2014-9721",
"datePublished": "2015-06-03T20:00:00",
"dateReserved": "2015-05-21T00:00:00",
"dateUpdated": "2024-08-06T13:55:04.751Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-20236
Vulnerability from cvelistv5
Published
2021-05-28 10:42
Modified
2024-08-03 17:37
Severity ?
EPSS score ?
Summary
A flaw was found in the ZeroMQ server in versions before 4.3.3. This flaw allows a malicious client to cause a stack buffer overflow on the server by sending crafted topic subscription requests and then unsubscribing. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.
References
| ▼ | URL | Tags |
|---|---|---|
| https://bugzilla.redhat.com/show_bug.cgi?id=1921976 | x_refsource_MISC | |
| https://github.com/zeromq/libzmq/security/advisories/GHSA-qq65-x72m-9wr8 | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T17:37:23.102Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1921976"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/zeromq/libzmq/security/advisories/GHSA-qq65-x72m-9wr8"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "zeromq",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "zeromq 4.3.3"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A flaw was found in the ZeroMQ server in versions before 4.3.3. This flaw allows a malicious client to cause a stack buffer overflow on the server by sending crafted topic subscription requests and then unsubscribing. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-120",
"description": "CWE-120-\u003eCWE-787",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-05-28T10:42:19",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1921976"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/zeromq/libzmq/security/advisories/GHSA-qq65-x72m-9wr8"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2021-20236",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "zeromq",
"version": {
"version_data": [
{
"version_value": "zeromq 4.3.3"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A flaw was found in the ZeroMQ server in versions before 4.3.3. This flaw allows a malicious client to cause a stack buffer overflow on the server by sending crafted topic subscription requests and then unsubscribing. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-120-\u003eCWE-787"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1921976",
"refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1921976"
},
{
"name": "https://github.com/zeromq/libzmq/security/advisories/GHSA-qq65-x72m-9wr8",
"refsource": "MISC",
"url": "https://github.com/zeromq/libzmq/security/advisories/GHSA-qq65-x72m-9wr8"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2021-20236",
"datePublished": "2021-05-28T10:42:19",
"dateReserved": "2020-12-17T00:00:00",
"dateUpdated": "2024-08-03T17:37:23.102Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2014-7202
Vulnerability from cvelistv5
Published
2014-10-08 19:00
Modified
2024-08-06 12:40
Severity ?
EPSS score ?
Summary
stream_engine.cpp in libzmq (aka ZeroMQ/C++)) 4.0.5 before 4.0.5 allows man-in-the-middle attackers to conduct downgrade attacks via a crafted connection request.
References
| ▼ | URL | Tags |
|---|---|---|
| http://seclists.org/oss-sec/2014/q3/776 | mailing-list, x_refsource_MLIST | |
| http://lists.opensuse.org/opensuse-updates/2014-11/msg00027.html | vendor-advisory, x_refsource_SUSE | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/96241 | vdb-entry, x_refsource_XF | |
| https://github.com/zeromq/libzmq/pull/1188 | x_refsource_CONFIRM | |
| http://lists.opensuse.org/opensuse-updates/2014-11/msg00101.html | vendor-advisory, x_refsource_SUSE | |
| http://www.securityfocus.com/bid/70157 | vdb-entry, x_refsource_BID | |
| https://github.com/zeromq/libzmq/issues/1190 | x_refsource_CONFIRM | |
| http://seclists.org/oss-sec/2014/q3/754 | mailing-list, x_refsource_MLIST | |
| http://secunia.com/advisories/62262 | third-party-advisory, x_refsource_SECUNIA |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T12:40:19.212Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "[oss-security] 20140927 Re: CVE request: zeromq",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://seclists.org/oss-sec/2014/q3/776"
},
{
"name": "openSUSE-SU-2014:1381",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2014-11/msg00027.html"
},
{
"name": "zeromq-handshake-sec-bypass(96241)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/96241"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/zeromq/libzmq/pull/1188"
},
{
"name": "openSUSE-SU-2014:1493",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2014-11/msg00101.html"
},
{
"name": "70157",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/70157"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/zeromq/libzmq/issues/1190"
},
{
"name": "[oss-security] 20140926 CVE request: zeromq",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://seclists.org/oss-sec/2014/q3/754"
},
{
"name": "62262",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/62262"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-09-20T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "stream_engine.cpp in libzmq (aka ZeroMQ/C++)) 4.0.5 before 4.0.5 allows man-in-the-middle attackers to conduct downgrade attacks via a crafted connection request."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-07T15:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "[oss-security] 20140927 Re: CVE request: zeromq",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://seclists.org/oss-sec/2014/q3/776"
},
{
"name": "openSUSE-SU-2014:1381",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2014-11/msg00027.html"
},
{
"name": "zeromq-handshake-sec-bypass(96241)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/96241"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/zeromq/libzmq/pull/1188"
},
{
"name": "openSUSE-SU-2014:1493",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2014-11/msg00101.html"
},
{
"name": "70157",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/70157"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/zeromq/libzmq/issues/1190"
},
{
"name": "[oss-security] 20140926 CVE request: zeromq",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://seclists.org/oss-sec/2014/q3/754"
},
{
"name": "62262",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/62262"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-7202",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "stream_engine.cpp in libzmq (aka ZeroMQ/C++)) 4.0.5 before 4.0.5 allows man-in-the-middle attackers to conduct downgrade attacks via a crafted connection request."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "[oss-security] 20140927 Re: CVE request: zeromq",
"refsource": "MLIST",
"url": "http://seclists.org/oss-sec/2014/q3/776"
},
{
"name": "openSUSE-SU-2014:1381",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2014-11/msg00027.html"
},
{
"name": "zeromq-handshake-sec-bypass(96241)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/96241"
},
{
"name": "https://github.com/zeromq/libzmq/pull/1188",
"refsource": "CONFIRM",
"url": "https://github.com/zeromq/libzmq/pull/1188"
},
{
"name": "openSUSE-SU-2014:1493",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2014-11/msg00101.html"
},
{
"name": "70157",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/70157"
},
{
"name": "https://github.com/zeromq/libzmq/issues/1190",
"refsource": "CONFIRM",
"url": "https://github.com/zeromq/libzmq/issues/1190"
},
{
"name": "[oss-security] 20140926 CVE request: zeromq",
"refsource": "MLIST",
"url": "http://seclists.org/oss-sec/2014/q3/754"
},
{
"name": "62262",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/62262"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2014-7202",
"datePublished": "2014-10-08T19:00:00",
"dateReserved": "2014-09-26T00:00:00",
"dateUpdated": "2024-08-06T12:40:19.212Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}