rpm package
suse/zabbix&distro=SUSE Linux Enterprise Server LTSS Extended Security 12 SP5
pkg:rpm/suse/zabbix&distro=SUSE%20Linux%20Enterprise%20Server%20LTSS%20Extended%20Security%2012%20SP5
Vulnerabilities (4)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-42325 | — | < 4.0.12-4.45.1 | 4.0.12-4.45.1 | Apr 2, 2025 | Zabbix API user.get returns all users that share common group with the calling user. This includes media and other information, such as login attempts, etc. | ||
| CVE-2024-36469 | — | < 4.0.12-4.45.1 | 4.0.12-4.45.1 | Apr 2, 2025 | Execution time for an unsuccessful login differs when using a non-existing username compared to using an existing one. | ||
| CVE-2024-42333 | — | < 4.0.12-4.32.1 | 4.0.12-4.32.1 | Nov 27, 2024 | The researcher is showing that it is possible to leak a small amount of Zabbix Server memory using an out of bounds read in src/libs/zbxmedia/email.c | ||
| CVE-2024-22117 | — | < 4.0.12-4.32.1 | 4.0.12-4.32.1 | Nov 26, 2024 | When a URL is added to the map element, it is recorded in the database with sequential IDs. Upon adding a new URL, the system retrieves the last sysmapelementurlid value and increments it by one. However, an issue arises when a user manually changes the sysmapelementurlid value b |
- CVE-2024-42325Apr 2, 2025affected < 4.0.12-4.45.1fixed 4.0.12-4.45.1
Zabbix API user.get returns all users that share common group with the calling user. This includes media and other information, such as login attempts, etc.
- CVE-2024-36469Apr 2, 2025affected < 4.0.12-4.45.1fixed 4.0.12-4.45.1
Execution time for an unsuccessful login differs when using a non-existing username compared to using an existing one.
- CVE-2024-42333Nov 27, 2024affected < 4.0.12-4.32.1fixed 4.0.12-4.32.1
The researcher is showing that it is possible to leak a small amount of Zabbix Server memory using an out of bounds read in src/libs/zbxmedia/email.c
- CVE-2024-22117Nov 26, 2024affected < 4.0.12-4.32.1fixed 4.0.12-4.32.1
When a URL is added to the map element, it is recorded in the database with sequential IDs. Upon adding a new URL, the system retrieves the last sysmapelementurlid value and increments it by one. However, an issue arises when a user manually changes the sysmapelementurlid value b