CVE-2023-29450
See a problem?- Source
- https://nvd.nist.gov/vuln/detail/CVE-2023-29450
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-29450.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2023-29450
- Related
- Published
- 2023-07-13T09:15:09Z
- Modified
- 2024-10-03T19:55:28.104787Z
- Severity
-
- 7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N CVSS Calculator
- Summary
- [none]
- Details
-
JavaScript pre-processing can be used by the attacker to gain access to the file system (read-only access on behalf of user "zabbix") on the Zabbix Server or Zabbix Proxy, potentially leading to unauthorized access to sensitive data.
- References
Affected packages
Debian:11 / zabbix
Package
- Name
- zabbix
- Purl
- pkg:deb/debian/zabbix?arch=source
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed1:5.0.44+dfsg-1+deb11u1
Debian:12 / zabbix
Package
- Name
- zabbix
- Purl
- pkg:deb/debian/zabbix?arch=source
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Debian:13 / zabbix
Package
- Name
- zabbix
- Purl
- pkg:deb/debian/zabbix?arch=source
Git / github.com/zabbix/zabbix
Affected ranges
- Type
- GIT
- Repo
- https://github.com/zabbix/zabbix
- Events
-
IntroducedLast affectedIntroducedLast affectedLast affectedIntroducedLast affected
Affected versions
6.*
6.0.0
6.0.1
6.0.10
6.0.10rc1
6.0.10rc2
6.0.11
6.0.11rc1
6.0.11rc2
6.0.12
6.0.12rc1
6.0.12rc2
6.0.13
6.0.13rc1
6.0.14
6.0.14rc1
6.0.14rc2
6.0.15
6.0.15rc1
6.0.15rc2
6.0.1rc1
6.0.1rc2
6.0.1rc3
6.0.1rc4
6.0.2
6.0.2rc1
6.0.3
6.0.3rc1
6.0.4
6.0.4rc1
6.0.5
6.0.5rc1
6.0.6
6.0.6rc1
6.0.7
6.0.7rc1
6.0.8
6.0.8rc1
6.0.8rc2
6.0.9
6.0.9rc1
6.0.9rc2
6.4.0
6.4.0alpha1
6.4.0beta1
6.4.0beta2
6.4.0beta3
6.4.0beta4
6.4.0beta5
6.4.0beta6
6.4.0rc1
6.4.0rc2
6.4.0rc3
6.4.0rc4
6.4.1
6.4.1rc1
6.4.1rc2