CVE-2023-29458

See a problem?

Source

https://nvd.nist.gov/vuln/detail/CVE-2023-29458

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-29458.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2023-29458

Related

Published

2023-07-13T10:15:09Z

Modified

2024-10-03T19:55:15.249166Z

Severity

7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator

Summary

[none]

Details

Duktape is an 3rd-party embeddable JavaScript engine, with a focus on portability and compact footprint. When adding too many values in valstack JavaScript will crash. This issue occurs due to bug in Duktape 2.6 which is an 3rd-party solution that we use.

References

Affected packages

Debian:11 / zabbix

Package

Name: zabbix
Purl: pkg:deb/debian/zabbix?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1:5.0.44+dfsg-1+deb11u1

Affected versions

1:5.*

1:5.0.8+dfsg-1

1:5.0.14+dfsg-1~bpo11+1

1:5.0.14+dfsg-1

1:5.0.17+dfsg-1~bpo11+1

1:5.0.17+dfsg-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:12 / zabbix

Package

Name: zabbix
Purl: pkg:deb/debian/zabbix?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

1:6.*

1:6.0.14+dfsg-1

1:6.0.23+dfsg-1~bpo12+1

1:6.0.23+dfsg-1

1:6.0.24+dfsg-1

1:6.0.25+dfsg-1

1:6.0.29+dfsg-1

1:7.*

1:7.0.0+dfsg-1

1:7.0.0+dfsg-2~bpo12+1

1:7.0.0+dfsg-2

1:7.0.1+dfsg-1~bpo12+1

1:7.0.1+dfsg-1

1:7.0.2+dfsg-1~bpo12+1

1:7.0.2+dfsg-1

1:7.0.3+dfsg-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:13 / zabbix

Package

Name: zabbix
Purl: pkg:deb/debian/zabbix?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1:6.0.23+dfsg-1

Affected versions

1:6.*

1:6.0.14+dfsg-1

1:6.0.23+dfsg-1~bpo12+1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Git / github.com/zabbix/zabbix

Affected ranges

Type: GIT
Repo: https://github.com/zabbix/zabbix
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Last affected

83c2f617387b143247227f5a659cd6d71e5f78c7

Last affected

c81d82859a8a7cf6b83d6b1bbe102813a58cb5b3

Last affected

d9bb08b9c1ef04bf28700db1d172f51b00c19bd9

Affected versions

5.*

5.0.0

5.0.0alpha1

5.0.0alpha2

5.0.0alpha3

5.0.0alpha4

5.0.0beta1

5.0.0beta2

5.0.0rc1

5.0.1

5.0.10

5.0.10rc1

5.0.11

5.0.11rc1

5.0.12

5.0.12rc1

5.0.13

5.0.13rc1

5.0.14

5.0.14rc1

5.0.15

5.0.15rc1

5.0.16

5.0.16rc1

5.0.16rc2

5.0.17

5.0.17rc1

5.0.18

5.0.18rc1

5.0.19

5.0.19rc1

5.0.19rc2

5.0.1rc1

5.0.2

5.0.20

5.0.20rc1

5.0.21

5.0.21rc1

5.0.22

5.0.22rc1

5.0.23

5.0.23rc1

5.0.24

5.0.24rc1

5.0.25

5.0.25rc1

5.0.26

5.0.26rc1

5.0.27

5.0.27rc1

5.0.28

5.0.28rc1

5.0.29

5.0.29rc1

5.0.29rc2

5.0.2rc1

5.0.3

5.0.3.rc2

5.0.30

5.0.30rc1

5.0.31

5.0.31rc1

5.0.31rc2

5.0.32

5.0.32rc1

5.0.32rc2

5.0.33

5.0.33rc1

5.0.34

5.0.34rc1

5.0.3rc1

5.0.3rc2

5.0.4

5.0.4rc1

5.0.5

5.0.5rc1

5.0.6

5.0.6rc1

5.0.7

5.0.7rc1

5.0.8

5.0.8rc1

5.0.9

5.0.9rc1

5.0.9rc2

6.*

6.0.0

6.0.0alpha1

6.0.0alpha2

6.0.0alpha3

6.0.0alpha4

6.0.0alpha5

6.0.0alpha6

6.0.0alpha7

6.0.0beta1

6.0.0beta2

6.0.0beta3

6.0.0rc1

6.0.0rc2

6.0.1

6.0.10

6.0.10rc1

6.0.10rc2

6.0.11

6.0.11rc1

6.0.11rc2

6.0.12

6.0.12rc1

6.0.12rc2

6.0.13

6.0.13rc1

6.0.14

6.0.14rc1

6.0.14rc2

6.0.15

6.0.15rc1

6.0.15rc2

6.0.16

6.0.16rc1

6.0.17

6.0.17rc1

6.0.17rc2

6.0.1rc1

6.0.1rc2

6.0.1rc3

6.0.1rc4

6.0.2

6.0.2rc1

6.0.3

6.0.3rc1

6.0.4

6.0.4rc1

6.0.5

6.0.5rc1

6.0.6

6.0.6rc1

6.0.7

6.0.7rc1

6.0.8

6.0.8rc1

6.0.8rc2

6.0.9

6.0.9rc1

6.0.9rc2

6.4.0

6.4.0alpha1

6.4.0beta1

6.4.0beta2

6.4.0beta3

6.4.0beta4

6.4.0beta5

6.4.0beta6

6.4.0rc1

6.4.0rc2

6.4.0rc3

6.4.0rc4

6.4.1

6.4.1rc1

6.4.1rc2

6.4.2

6.4.2rc1

6.4.2rc2