zabbix vulnerabilities

Known vulnerabilities in the zabbix package. This does not include vulnerabilities belonging to this package’s dependencies.

Vulnerability	Vulnerable Version
L CVE-2024-42331	<1:5.0.45+dfsg-1+deb11u1
L CVE-2024-36467	<1:5.0.44+dfsg-1+deb11u1
L CVE-2024-42332	<1:5.0.45+dfsg-1+deb11u1
L CVE-2024-36463	<1:5.0.44+dfsg-1+deb11u1
L CVE-2024-22117	<1:5.0.44+dfsg-1+deb11u1
L CVE-2024-42333	<1:5.0.45+dfsg-1+deb11u1
L CVE-2024-36464	<1:5.0.45+dfsg-1+deb11u1
L CVE-2024-42330	<1:5.0.45+dfsg-1+deb11u1
H Arbitrary Code Injection	<1:5.0.44+dfsg-1+deb11u1
H Insufficiently Protected Credentials	<1:5.0.44+dfsg-1+deb11u1
L Arbitrary Code Injection	<1:5.0.44+dfsg-1+deb11u1
C Arbitrary Command Injection	<1:5.0.44+dfsg-1+deb11u1
H CVE-2024-36461	<1:5.0.44+dfsg-1+deb11u1
M Improper Preservation of Permissions	<1:5.0.44+dfsg-1+deb11u1
M Cross-site Scripting (XSS)	<1:5.0.44+dfsg-1+deb11u1
H Improper Check for Unusual or Exceptional Conditions	<1:5.0.44+dfsg-1+deb11u1
H Improper Input Validation	<1:5.0.44+dfsg-1+deb11u1
L Arbitrary Code Injection	*
H Out-of-bounds Write	<1:5.0.44+dfsg-1+deb11u1
M Cross-site Scripting (XSS)	<1:5.0.44+dfsg-1+deb11u1
H Incorrect Permission Assignment for Critical Resource	<1:5.0.44+dfsg-1+deb11u1
C Incorrect Permission Assignment for Critical Resource	<1:5.0.0+dfsg-1
H Files or Directories Accessible to External Parties	<1:5.0.44+dfsg-1+deb11u1
M Cross-site Scripting (XSS)	<1:5.0.44+dfsg-1+deb11u1
M Cross-site Scripting (XSS)	<1:5.0.44+dfsg-1+deb11u1
H Improper Validation of Array Index	<1:5.0.44+dfsg-1+deb11u1
M Cross-site Scripting (XSS)	<1:5.0.44+dfsg-1+deb11u1
M Cross-site Scripting (XSS)	<1:5.0.44+dfsg-1+deb11u1
M Allocation of Resources Without Limits or Throttling	<1:5.0.44+dfsg-1+deb11u1
C Incorrect Authorization	<1:5.0.44+dfsg-1+deb11u1
M Cross-site Scripting (XSS)	<1:5.0.44+dfsg-1+deb11u1
M Cross-site Scripting (XSS)	<1:5.0.44+dfsg-1+deb11u1
M Cross-site Scripting (XSS)	<1:5.0.44+dfsg-1+deb11u1
M Cross-site Scripting (XSS)	<1:5.0.44+dfsg-1+deb11u1
M Cross-site Scripting (XSS)	<1:5.0.44+dfsg-1+deb11u1
M Cross-site Scripting (XSS)	<1:5.0.44+dfsg-1+deb11u1
H Incorrect Permission Assignment for Critical Resource	<1:5.0.44+dfsg-1+deb11u1
M Cross-site Scripting (XSS)	<1:5.0.44+dfsg-1+deb11u1
H Cross-site Request Forgery (CSRF)	<1:5.0.8+dfsg-1
C CVE-2020-11800	<1:4.0.0+dfsg-1
M Cross-site Scripting (XSS)	<1:5.0.2+dfsg-1
C Improper Input Validation	<1:2.0.7+dfsg-1
H Inadequate Encryption Strength	<1:5.0.0+dfsg-1
C Authorization Bypass Through User-Controlled Key	<1:5.0.0+dfsg-1
M Information Exposure	<1:5.0.7+dfsg-1
L Open Redirect	<1:3.0.17+dfsg-1
C SQL Injection	<1:2.0.8+dfsg-2
H CVE-2017-2825	<1:3.0.7+dfsg-3
L Information Exposure	<1:4.0.0+dfsg-1
C XML External Entity (XXE) Injection	<1:2.2.5+dfsg-1
H OS Command Injection	<1:3.0.7+dfsg-3
C SQL Injection	<1:3.0.4+dfsg-1
H SQL Injection	<1:3.0.3+dfsg-1
H SQL Injection	<1:2.2.7+dfsg-2
M CVE-2014-1685	<1:2.2.2+dfsg-1
M Improper Authentication	<1:2.2.2+dfsg-1
M Cryptographic Issues	<1:2.0.7+dfsg-1
L Arbitrary Code Injection	<1:2.2.0+dfsg-6
M Improper Authentication	<1:2.0.4+dfsg-2
L Access Restriction Bypass	<1:2.2.2+dfsg-1
H SQL Injection	<1:2.0.2+dfsg-1
M Cross-site Scripting (XSS)	<1:1.8.10-1
M Cross-site Scripting (XSS)	<1:1.8.10-1
H SQL Injection	<1:1.8.9-1
H SQL Injection	<1:1.8.2-1
M Cross-site Scripting (XSS)	<1:1.8.6-1
M Resource Management Errors	<1:1.8.6-1
M Information Exposure	<1:1.8.9-1
L Information Exposure	<1:1.8.6-1
M Cross-site Scripting (XSS)	<1:1.8.3-1
H SQL Injection	<1:1.8.2-1
H SQL Injection	<1:1.8-1
M OS Command Injection	<1:1.8-1
H Access Restriction Bypass	<1:1.8-1
M Out-of-Bounds	<1:1.8-1
M Out-of-Bounds	<1:1.8-1
L CVE-2008-1353	<1:1.4.5-1
M Configuration	<1:1.4.2-4
C CVE-2007-0640	<1:1.1.4-8
M CVE-2006-6692	<1:1.1.2-4
M CVE-2006-6693	<1:1.1.2-4

Vulnerability

Vulnerable Version

CVE-2024-42331

<1:5.0.45+dfsg-1+deb11u1

CVE-2024-36467

<1:5.0.44+dfsg-1+deb11u1

CVE-2024-42332

<1:5.0.45+dfsg-1+deb11u1

CVE-2024-36463

<1:5.0.44+dfsg-1+deb11u1

CVE-2024-22117

<1:5.0.44+dfsg-1+deb11u1