CVE-2023-29451

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2023-29451

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-29451.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2023-29451

Related

DLA-3538-1

Published

2023-07-13T10:15:09Z

Modified

2024-09-18T03:30:21.352524Z

Severity

7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator

Summary

[none]

Details

Specially crafted string can cause a buffer overrun in the JSON parser library leading to a crash of the Zabbix Server or a Zabbix Proxy.

References

Affected packages

Debian:12 / zabbix

Package

Name: zabbix
Purl: pkg:deb/debian/zabbix?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

1:6.*

1:6.0.14+dfsg-1

1:6.0.23+dfsg-1~bpo12+1

1:6.0.23+dfsg-1

1:6.0.24+dfsg-1

1:6.0.25+dfsg-1

1:6.0.29+dfsg-1

1:7.*

1:7.0.0+dfsg-1

1:7.0.0+dfsg-2~bpo12+1

1:7.0.0+dfsg-2

1:7.0.1+dfsg-1~bpo12+1

1:7.0.1+dfsg-1

1:7.0.2+dfsg-1~bpo12+1

1:7.0.2+dfsg-1

1:7.0.3+dfsg-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:13 / zabbix

Package

Name: zabbix
Purl: pkg:deb/debian/zabbix?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1:6.0.23+dfsg-1

Affected versions

1:6.*

1:6.0.14+dfsg-1

1:6.0.23+dfsg-1~bpo12+1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Git / github.com/zabbix/zabbix

Affected ranges

Type: GIT
Repo: https://github.com/zabbix/zabbix
Events: Last affected

088a1524edba40df60dee1c6586ed76b383fef99

Last affected

2aeaf5a6e708bb09765e740d90350e03e481fd35

Last affected

3f184b456c78eb8c0ecdac62d708e38e1b1eba68

Last affected

4c51ce43a90365f004baaf8b1a830f53086fe429

Last affected

515ced75ff1b4ca50626eadad9d994cdc6747e00

Last affected

53ee8cba0ce8b64fa10ba82792a69a9827ff4436

Last affected

5e063aebfeac28041f7b0e03e07e5738a9f0def9

Last affected

89049fb719637a7b6d6be4244b226b3ea8cc96a7

Last affected

8c156f34f9bc4a3b225feddf792a6c48b8cfc14d

Last affected

a01f5df47bf7288479c0337705649ed341e4bf7a

Introduced

83c2f617387b143247227f5a659cd6d71e5f78c7

Last affected

a749236b3d987a11903715deb39eb89ea1f1d8cf

Last affected

cd4d8eca4c872c495d3b27f9f6ba9fa96fce5e04

Affected versions

6.*

6.4.2