Back to search
CVE-2021-20237
Published: May 28, 2021
Modified: Aug 3, 2024
PUBLISHED
Description
An uncontrolled resource consumption (memory leak) flaw was found in ZeroMQ's src/xpub.cpp in versions before 4.3.3. This flaw allows a remote unauthenticated attacker to send crafted PUB messages that consume excessive memory if the CURVE/ZAP authentication is disabled on the server, causing a denial of service. The highest threat from this vulnerability is to system availability.
| Vendor | Product | Versions |
|---|---|---|
n/a | zeromq | affected zeromq 4.3.3 |
Weaknesses (CWE)
References
https://bugzilla.redhat.com/show_bug.cgi?id=1921989
x_refsource_MISC
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now