| Release | Version |
|---|---|
| stretch | 4.2.1-4+deb9u2 |
| stretch (security) | 4.2.1-4+deb9u4 |
| buster | 4.3.1-4+deb10u2 |
| bullseye | 4.3.4-1 |
| bookworm | 4.3.4-1 |
| sid | 4.3.4-1 |
| Bug | stretch | buster | bullseye | bookworm | sid | Description |
|---|---|---|---|---|---|---|
| CVE-2021-20237 | vulnerable (no DSA) | vulnerable (no DSA) | fixed | fixed | fixed | An uncontrolled resource consumption (memory leak) flaw was found in Z ... |
| CVE-2021-20236 | vulnerable (no DSA, ignored) | vulnerable (no DSA) | fixed | fixed | fixed | A flaw was found in the ZeroMQ server in versions before 4.3.3. This f ... |
| CVE-2021-20235 | fixed | vulnerable (no DSA) | fixed | fixed | fixed | There's a flaw in the zeromq server in versions before 4.3.3 in src/de ... |
| CVE-2021-20234 | fixed | vulnerable (no DSA) | fixed | fixed | fixed | An uncontrolled resource consumption (memory leak) flaw was found in t ... |
| Bug | Description |
|---|---|
| CVE-2020-36400 | ZeroMQ libzmq 4.3.3 has a heap-based buffer overflow in zmq::tcp_read, ... |
| CVE-2020-15166 | In ZeroMQ before version 4.3.3, there is a denial-of-service vulnerabi ... |
| CVE-2019-13132 | In ZeroMQ libzmq before 4.0.9, 4.1.x before 4.1.7, and 4.2.x before 4. ... |
| CVE-2019-6250 | A pointer overflow, with code execution, was discovered in ZeroMQ libz ... |
| CVE-2014-9721 | libzmq before 4.0.6 and 4.1.x before 4.1.1 allows remote attackers to ... |
| CVE-2014-7203 | libzmq (aka ZeroMQ/C++) 4.0.x before 4.0.5 does not ensure that nonces ... |
| CVE-2014-7202 | stream_engine.cpp in libzmq (aka ZeroMQ/C++)) 4.0.5 before 4.0.5 allow ... |
| DSA / DLA | Description |
|---|---|
| DLA-2588-1 | zeromq3 - security update |
| DLA-2443-1 | zeromq3 - security update |
| DSA-4761-1 | zeromq3 - security update |
| DSA-4477-1 | zeromq3 - security update |
| DLA-1849-1 | zeromq3 - security update |
| DSA-4368-1 | zeromq3 - security update |
| DSA-3255-1 | zeromq3 - security update |