Hi, find below the officially assigned CVEs from the CVE assignment team, MITRE CVE Numbering Authority.
Have a nice weekend, Roland --------------------- > did not validate the other party's security handshake properly, > allowing a man-in-the-middle downgrade attack. > https://github.com/zeromq/libzmq/issues/1190 Use CVE-2014-7202. > libzmq (ZeroMQ/C++) did not implement a uniqueness check on connection > nonces, and the CurveZMQ RFC was ambiguous about nonce validation. > This allowed replay attacks. > https://github.com/zeromq/libzmq/issues/1191 Use CVE-2014-7203. _______________________________________________ zeromq-dev mailing list [email protected] http://lists.zeromq.org/mailman/listinfo/zeromq-dev
