DSA-4477-1 zeromq3 -- zeromq3ID: oval:org.secpod.oval:def:604456 | Date: (C)2019-07-18 (M)2024-04-17 |
Class: PATCH | Family: unix |
Fang-Pen Lin discovered a stack-based buffer-overflow flaw in ZeroMQ, a lightweight messaging kernel library. A remote, unauthenticated client connecting to an application using the libzmq library, running with a socket listening with CURVE encryption/authentication enabled, can take advantage of this flaw to cause a denial of service or the execution of arbitrary code.
Platform: |
Debian 10.x |
Debian 9.x |
Product: |
libzmq5 |
libzmq3-dev |