CVE-2024-36461

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2024-36461

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-36461.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2024-36461

Downstream

DLA-3909-1

UBUNTU-CVE-2024-36461

openSUSE-SU-2024:0384-1

openSUSE-SU-2024:14356-1

Related

Published

2024-08-12T13:38:22Z

Modified

2025-07-01T16:00:02.553007Z

Severity

8.8 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Calculator

Summary

[none]

Details

Within Zabbix, users have the ability to directly modify memory pointers in the JavaScript engine.

References

Affected packages

Debian:11 / zabbix

Package

Name: zabbix
Purl: pkg:deb/debian/zabbix?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1:5.0.44+dfsg-1+deb11u1

Affected versions

1:5.*

1:5.0.8+dfsg-1

1:5.0.14+dfsg-1~bpo11+1

1:5.0.14+dfsg-1

1:5.0.17+dfsg-1~bpo11+1

1:5.0.17+dfsg-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:12 / zabbix

Package

Name: zabbix
Purl: pkg:deb/debian/zabbix?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

1:6.*

1:6.0.14+dfsg-1

1:6.0.23+dfsg-1~bpo12+1

1:6.0.23+dfsg-1

1:6.0.24+dfsg-1

1:6.0.25+dfsg-1

1:6.0.29+dfsg-1

1:7.*

1:7.0.0+dfsg-1

1:7.0.0+dfsg-2~bpo12+1

1:7.0.0+dfsg-2

1:7.0.1+dfsg-1~bpo12+1

1:7.0.1+dfsg-1

1:7.0.2+dfsg-1~bpo12+1

1:7.0.2+dfsg-1

1:7.0.3+dfsg-1

1:7.0.5+dfsg-1~bpo12+1

1:7.0.5+dfsg-1

1:7.0.6+dfsg-1

1:7.0.9+dfsg-1~bpo12+1

1:7.0.9+dfsg-1

1:7.0.10+dfsg-1

1:7.0.10+dfsg-2

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:13 / zabbix

Package

Name: zabbix
Purl: pkg:deb/debian/zabbix?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1:7.0.1+dfsg-1

Affected versions

1:6.*

1:6.0.14+dfsg-1

1:6.0.23+dfsg-1~bpo12+1

1:6.0.23+dfsg-1

1:6.0.24+dfsg-1

1:6.0.25+dfsg-1

1:6.0.29+dfsg-1

1:7.*

1:7.0.0+dfsg-1

1:7.0.0+dfsg-2~bpo12+1

1:7.0.0+dfsg-2

1:7.0.1+dfsg-1~bpo12+1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Git / github.com/zabbix/zabbix

Affected ranges

Type: GIT
Repo: https://github.com/zabbix/zabbix
Events: Last affected

49955f1fb5c9168a8a24b053f7ade6b3d903143c

Introduced

5203d2ea7d901cd33d148f20586e2155901a7faa

Last affected

680df722d6b72279a2fca65717fa113bfa9c48bc

Affected versions

6.*

6.0.0

6.0.1

6.0.10

6.0.10rc1

6.0.10rc2

6.0.11

6.0.11rc1

6.0.11rc2

6.0.12

6.0.12rc1

6.0.12rc2

6.0.13

6.0.13rc1

6.0.14

6.0.14rc1

6.0.14rc2

6.0.15

6.0.15rc1

6.0.15rc2

6.0.16

6.0.16rc1

6.0.17

6.0.17rc1

6.0.17rc2

6.0.18

6.0.18rc1

6.0.19

6.0.19rc1

6.0.1rc1

6.0.1rc2

6.0.1rc3

6.0.1rc4

6.0.2

6.0.20

6.0.20rc1

6.0.21

6.0.21rc1

6.0.22

6.0.22rc1

6.0.23

6.0.23rc1

6.0.25

6.0.25rc1

6.0.26

6.0.26rc1

6.0.27

6.0.27rc1

6.0.28

6.0.28rc1

6.0.29

6.0.29rc1

6.0.2rc1

6.0.3

6.0.30

6.0.30rc1

6.0.3rc1

6.0.4

6.0.4rc1

6.0.5

6.0.5rc1

6.0.6

6.0.6rc1

6.0.7

6.0.7rc1

6.0.8

6.0.8rc1

6.0.8rc2

6.0.9

6.0.9rc1

6.0.9rc2

7.*

7.0.0

7.0.0alpha1

7.0.0alpha2

7.0.0alpha3

7.0.0alpha4

7.0.0alpha6

7.0.0alpha7

7.0.0alpha8

7.0.0alpha9

7.0.0beta1

7.0.0beta2

7.0.0beta3

7.0.0rc1

7.0.0rc2

7.0.0rc3