rpm package
suse/zabbix&distro=SUSE Package Hub 15 SP5
pkg:rpm/suse/zabbix&distro=SUSE%20Package%20Hub%2015%20SP5
Vulnerabilities (3)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-22119 | — | < 4.0.50-bp155.3.12.1 | 4.0.50-bp155.3.12.1 | Feb 9, 2024 | The cause of vulnerability is improper validation of form input field “Name” on Graph page in Items section. | ||
| CVE-2023-32727 | — | < 4.0.50-bp155.3.9.1 | 4.0.50-bp155.3.9.1 | Dec 18, 2023 | An attacker who has the privilege to configure Zabbix items can use function icmpping() with additional malicious command inside it to execute arbitrary code on the current Zabbix server. | ||
| CVE-2023-29454 | — | < 4.0.47-bp155.3.3.1 | 4.0.47-bp155.3.3.1 | Jul 13, 2023 | Stored or persistent cross-site scripting (XSS) is a type of XSS where the attacker first sends the payload to the web application, then the application saves the payload (e.g., in a database or server-side text files), and finally, the application unintentionally executes the pa |
- CVE-2024-22119Feb 9, 2024affected < 4.0.50-bp155.3.12.1fixed 4.0.50-bp155.3.12.1
The cause of vulnerability is improper validation of form input field “Name” on Graph page in Items section.
- CVE-2023-32727Dec 18, 2023affected < 4.0.50-bp155.3.9.1fixed 4.0.50-bp155.3.9.1
An attacker who has the privilege to configure Zabbix items can use function icmpping() with additional malicious command inside it to execute arbitrary code on the current Zabbix server.
- CVE-2023-29454Jul 13, 2023affected < 4.0.47-bp155.3.3.1fixed 4.0.47-bp155.3.3.1
Stored or persistent cross-site scripting (XSS) is a type of XSS where the attacker first sends the payload to the web application, then the application saves the payload (e.g., in a database or server-side text files), and finally, the application unintentionally executes the pa