VYPR

rpm package

suse/zabbix&distro=SUSE Linux Enterprise Server LTSS Extended Security 12 SP5

pkg:rpm/suse/zabbix&distro=SUSE%20Linux%20Enterprise%20Server%20LTSS%20Extended%20Security%2012%20SP5

Vulnerabilities (4)

  • CVE-2024-42325Apr 2, 2025
    affected < 4.0.12-4.45.1fixed 4.0.12-4.45.1

    Zabbix API user.get returns all users that share common group with the calling user. This includes media and other information, such as login attempts, etc.

  • CVE-2024-36469Apr 2, 2025
    affected < 4.0.12-4.45.1fixed 4.0.12-4.45.1

    Execution time for an unsuccessful login differs when using a non-existing username compared to using an existing one.

  • CVE-2024-42333Nov 27, 2024
    affected < 4.0.12-4.32.1fixed 4.0.12-4.32.1

    The researcher is showing that it is possible to leak a small amount of Zabbix Server memory using an out of bounds read in src/libs/zbxmedia/email.c

  • CVE-2024-22117Nov 26, 2024
    affected < 4.0.12-4.32.1fixed 4.0.12-4.32.1

    When a URL is added to the map element, it is recorded in the database with sequential IDs. Upon adding a new URL, the system retrieves the last sysmapelementurlid value and increments it by one. However, an issue arises when a user manually changes the sysmapelementurlid value b