CVE-2020-36400
CRITICALZeroMQ libzmq 4.3.3 - Heap-based Buffer Overflow in tcp_read
Title source: llmDescription
ZeroMQ libzmq 4.3.3 has a heap-based buffer overflow in zmq::tcp_read, a different vulnerability than CVE-2021-20235.
References (3)
Core 3
Core References
Issue Tracking, Mailing List, Patch, Third Party Advisory x_refsource_misc
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=26042
Third Party Advisory x_refsource_misc
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/libzmq/OSV-2020-1887.yaml
Patch, Third Party Advisory x_refsource_misc
https://github.com/zeromq/libzmq/commit/397ac80850bf8d010fae23dd215db0ee2c677306
Scores
CVSS v3
9.8
EPSS
0.0184
EPSS Percentile
76.4%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-787
Status
published
Products (1)
zeromq/libzmq
4.3.3
Published
Jul 01, 2021
Tracked Since
Feb 18, 2026