zabbix vulnerabilities

Known vulnerabilities in the zabbix package. This does not include vulnerabilities belonging to this package’s dependencies.

Vulnerability	Vulnerable Version
L CVE-2024-36466	*
L CVE-2024-36464	*
L CVE-2024-42330	*
L CVE-2024-36463	*
L CVE-2024-22117	*
L CVE-2024-42331	*
L CVE-2024-42333	*
L CVE-2024-42332	*
L CVE-2024-36467	*
L CVE-2024-42327	*
H Insufficiently Protected Credentials	*
L Arbitrary Code Injection	*
C Arbitrary Command Injection	*
H Arbitrary Code Injection	*
H CVE-2024-36461	*
M Improper Preservation of Permissions	*
L CVE-2024-22120	*
M Cross-site Scripting (XSS)	*
H Improper Input Validation	*
H Reliance on Cookies without Validation and Integrity Checking	*
C Arbitrary Code Injection	*
H Improper Check for Unusual or Exceptional Conditions	*
L Arbitrary Code Injection	*
L Out-of-bounds Write	*
L Cross-site Scripting (XSS)	*
H Incorrect Permission Assignment for Critical Resource	*
C Incorrect Permission Assignment for Critical Resource	<1:5.0.0+dfsg-1
L Files or Directories Accessible to External Parties	*
L Cross-site Scripting (XSS)	*
L Cross-site Scripting (XSS)	*
L Improper Validation of Array Index	*
L Cross-site Scripting (XSS)	*
L Out-of-bounds Write	*
L Cross-site Scripting (XSS)	*
L Allocation of Resources Without Limits or Throttling	*
L Cross-site Scripting (XSS)	*
M Improper Input Validation	<1:6.0.13+dfsg-1
C Incorrect Authorization	<1:6.0.13+dfsg-1
M Cross-site Scripting (XSS)	<1:6.0.7+dfsg-2
M Cross-site Scripting (XSS)	<1:6.0.7+dfsg-2
M Cross-site Scripting (XSS)	<1:6.0.7+dfsg-2
M Cross-site Scripting (XSS)	<1:6.0.7+dfsg-2
M Cross-site Scripting (XSS)	<1:6.0.7+dfsg-2
M Cross-site Scripting (XSS)	<1:6.0.7+dfsg-2
M Cross-site Scripting (XSS)	<1:6.0.7+dfsg-2
M Improper Authentication	<1:6.0.7+dfsg-2
H Incorrect Permission Assignment for Critical Resource	<1:6.0.7+dfsg-2
M Cross-site Scripting (XSS)	<1:6.0.7+dfsg-2
H Cross-site Request Forgery (CSRF)	<1:5.0.8+dfsg-1
C CVE-2020-11800	<1:4.0.0+dfsg-1
M Cross-site Scripting (XSS)	<1:5.0.2+dfsg-1
C Improper Input Validation	<1:2.0.7+dfsg-1
H Inadequate Encryption Strength	<1:5.0.0+dfsg-1
C Authorization Bypass Through User-Controlled Key	<1:5.0.0+dfsg-1
M Information Exposure	<1:5.0.7+dfsg-1
L Open Redirect	<1:3.0.17+dfsg-1
C SQL Injection	<1:2.0.8+dfsg-2
H CVE-2017-2825	<1:3.0.7+dfsg-3
L Information Exposure	<1:4.0.0+dfsg-1
C XML External Entity (XXE) Injection	<1:2.2.5+dfsg-1
H OS Command Injection	<1:3.0.7+dfsg-3
C SQL Injection	<1:3.0.4+dfsg-1
H SQL Injection	<1:3.0.3+dfsg-1
H SQL Injection	<1:2.2.7+dfsg-2
M CVE-2014-1685	<1:2.2.2+dfsg-1
M Improper Authentication	<1:2.2.2+dfsg-1
M Cryptographic Issues	<1:2.0.7+dfsg-1
L Arbitrary Code Injection	<1:2.2.0+dfsg-6
M Improper Authentication	<1:2.0.4+dfsg-2
L Access Restriction Bypass	<1:2.2.2+dfsg-1
H SQL Injection	<1:2.0.2+dfsg-1
M Cross-site Scripting (XSS)	<1:1.8.10-1
M Cross-site Scripting (XSS)	<1:1.8.10-1
H SQL Injection	<1:1.8.9-1
H SQL Injection	<1:1.8.2-1
M Resource Management Errors	<1:1.8.6-1
M Information Exposure	<1:1.8.9-1
L Information Exposure	<1:1.8.6-1
M Cross-site Scripting (XSS)	<1:1.8.6-1
M Cross-site Scripting (XSS)	<1:1.8.3-1
H SQL Injection	<1:1.8.2-1
M Out-of-Bounds	<1:1.8-1
H Access Restriction Bypass	<1:1.8-1
M OS Command Injection	<1:1.8-1
H SQL Injection	<1:1.8-1
M Out-of-Bounds	<1:1.8-1
L CVE-2008-1353	<1:1.4.5-1
M Configuration	<1:1.4.2-4
C CVE-2007-0640	<1:1.1.4-8
M CVE-2006-6692	<1:1.1.2-4
M CVE-2006-6693	<1:1.1.2-4

Vulnerability

Vulnerable Version

CVE-2024-36466