Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
There's a flaw in the zeromq server in versions before 4.3.3 in src/decoder_allocators.hpp. The decoder static allocator could have its sized changed, but the buffer would remain the same as it is a static buffer. A remote, unauthenticated attacker who sends a crafted request to the zeromq server could trigger a buffer overflow WRITE of arbitrary data if CURVE/ZAP authentication is not enabled. The greatest impact of this flaw is to application availability, data integrity, and confidentiality.
CVSS Information
N/A
Vulnerability Type
未进行输入大小检查的缓冲区拷贝(传统缓冲区溢出)
Vulnerability Title
libzmq 缓冲区错误漏洞
Vulnerability Description
ZeroMQ libzmq(0MQ)是一个轻量级分布式消息传递引擎核心库。 libzmq 存在安全漏洞,攻击者可利用该漏洞通过libzmq的ZMTP V1包触发缓冲区溢出,从而触发拒绝服务,并可能运行代码。
CVSS Information
N/A
Vulnerability Type
N/A