CVE-2023-32722

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2023-32722

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-32722.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2023-32722

Downstream

DLA-3909-1

openSUSE-SU-2024:13341-1

Related

openSUSE-SU-2024:13341-1

Published

2023-10-12T07:15:10Z

Modified

2025-07-01T14:58:47.948827Z

Severity

7.8 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVSS Calculator

Summary

[none]

Details

The zabbix/src/libs/zbxjson module is vulnerable to a buffer overflow when parsing JSON files via zbxjsonopen.

References

Affected packages

Debian:11 / zabbix

Package

Name: zabbix
Purl: pkg:deb/debian/zabbix?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1:5.0.44+dfsg-1+deb11u1

Affected versions

1:5.*

1:5.0.8+dfsg-1

1:5.0.14+dfsg-1~bpo11+1

1:5.0.14+dfsg-1

1:5.0.17+dfsg-1~bpo11+1

1:5.0.17+dfsg-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:12 / zabbix

Package

Name: zabbix
Purl: pkg:deb/debian/zabbix?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

1:6.*

1:6.0.14+dfsg-1

1:6.0.23+dfsg-1~bpo12+1

1:6.0.23+dfsg-1

1:6.0.24+dfsg-1

1:6.0.25+dfsg-1

1:6.0.29+dfsg-1

1:7.*

1:7.0.0+dfsg-1

1:7.0.0+dfsg-2~bpo12+1

1:7.0.0+dfsg-2

1:7.0.1+dfsg-1~bpo12+1

1:7.0.1+dfsg-1

1:7.0.2+dfsg-1~bpo12+1

1:7.0.2+dfsg-1

1:7.0.3+dfsg-1

1:7.0.5+dfsg-1~bpo12+1

1:7.0.5+dfsg-1

1:7.0.6+dfsg-1

1:7.0.9+dfsg-1~bpo12+1

1:7.0.9+dfsg-1

1:7.0.10+dfsg-1

1:7.0.10+dfsg-2

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:13 / zabbix

Package

Name: zabbix
Purl: pkg:deb/debian/zabbix?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1:6.0.23+dfsg-1

Affected versions

1:6.*

1:6.0.14+dfsg-1

1:6.0.23+dfsg-1~bpo12+1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Git / github.com/zabbix/zabbix

Affected ranges

Type: GIT
Repo: https://github.com/zabbix/zabbix
Events: Last affected

72e3519b849b54011cc7792669fbcc629eb502c9

Last affected

8880b5094a533ea929452b4aebf021914df01eb8

Last affected

aef542ad8aef472874199012f9b2350db16dc7ee

Introduced

5203d2ea7d901cd33d148f20586e2155901a7faa

Last affected

b60e269feb4d3129744eed5162e72d509d348864

Affected versions

6.*

6.0.0

6.0.1

6.0.10

6.0.10rc1

6.0.10rc2

6.0.11

6.0.11rc1

6.0.11rc2

6.0.12

6.0.12rc1

6.0.12rc2

6.0.13

6.0.13rc1

6.0.14

6.0.14rc1

6.0.14rc2

6.0.15

6.0.15rc1

6.0.15rc2

6.0.16

6.0.16rc1

6.0.17

6.0.17rc1

6.0.17rc2

6.0.18

6.0.18rc1

6.0.19

6.0.19rc1

6.0.1rc1

6.0.1rc2

6.0.1rc3

6.0.1rc4

6.0.2

6.0.20

6.0.20rc1

6.0.2rc1

6.0.3

6.0.3rc1

6.0.4

6.0.4rc1

6.0.5

6.0.5rc1

6.0.6

6.0.6rc1

6.0.7

6.0.7rc1

6.0.8

6.0.8rc1

6.0.8rc2

6.0.9

6.0.9rc1

6.0.9rc2

7.*

7.0.0alpha1

7.0.0alpha2