Vulnerability Details CVE-2021-20234
An uncontrolled resource consumption (memory leak) flaw was found in the ZeroMQ client in versions before 4.3.3 in src/pipe.cpp. This issue causes a client that connects to multiple malicious or compromised servers to crash. The highest threat from this vulnerability is to system availability.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.006
EPSS Ranking 67.0%
CVSS Severity
CVSS v3 Score 6.5
CVSS v2 Score 4.3
References
Products affected by CVE-2021-20234
-
cpe:2.3:a:zeromq:libzmq:4.0.9
-
cpe:2.3:a:zeromq:libzmq:4.1.0
-
cpe:2.3:a:zeromq:libzmq:4.1.7
-
cpe:2.3:a:zeromq:libzmq:4.2.0
-
cpe:2.3:a:zeromq:libzmq:4.2.1
-
cpe:2.3:a:zeromq:libzmq:4.2.2
-
cpe:2.3:a:zeromq:libzmq:4.2.3
-
cpe:2.3:a:zeromq:libzmq:4.2.4
-
cpe:2.3:a:zeromq:libzmq:4.2.5
-
cpe:2.3:a:zeromq:libzmq:4.3.0
-
cpe:2.3:a:zeromq:libzmq:4.3.1
-
cpe:2.3:a:zeromq:libzmq:4.3.2