CVE-2024-36463
- Source
- https://cve.org/CVERecord?id=CVE-2024-36463
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-36463.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2024-36463
- Downstream
- Published
- 2024-11-26T15:15:31.827Z
- Modified
- 2026-03-12T04:33:53.120594Z
- Severity
-
- 8.8 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
- Summary
- [none]
- Details
-
The implementation of atob in "Zabbix JS" allows to create a string with arbitrary content and use it to access internal properties of objects.
- References
Affected packages
Git / github.com/zabbix/zabbix
Affected versions
6.*
6.0.0
6.0.1
6.0.10
6.0.10rc1
6.0.10rc2
6.0.11
6.0.11rc1
6.0.11rc2
6.0.12
6.0.12rc1
6.0.12rc2
6.0.13
6.0.13rc1
6.0.14
6.0.14rc1
6.0.14rc2
6.0.15
6.0.15rc1
6.0.15rc2
6.0.16
6.0.16rc1
6.0.17
6.0.17rc1
6.0.17rc2
6.0.18
6.0.18rc1
6.0.19
6.0.19rc1
6.0.1rc1
6.0.1rc2
6.0.1rc3
6.0.1rc4
6.0.2
6.0.20
6.0.20rc1
6.0.21
6.0.21rc1
6.0.22
6.0.22rc1
6.0.23
6.0.23rc1
6.0.25
6.0.25rc1
6.0.26
6.0.26rc1
6.0.27
6.0.27rc1
6.0.28
6.0.28rc1
6.0.29
6.0.29rc1
6.0.2rc1
6.0.3
6.0.30
6.0.30rc1
6.0.31
6.0.31rc1
6.0.32
6.0.32rc1
6.0.33rc1
6.0.3rc1
6.0.4
6.0.4rc1
6.0.5
6.0.5rc1
6.0.6
6.0.6rc1
6.0.7
6.0.7rc1
6.0.8
6.0.8rc1
6.0.8rc2
6.0.9
6.0.9rc1
6.0.9rc2
7.*
7.0.0
7.0.0alpha1
7.0.0alpha2
7.0.0alpha3
7.0.0alpha4
7.0.0alpha6
7.0.0alpha7
7.0.0alpha8
7.0.0alpha9
7.0.0beta1
7.0.0beta2
7.0.0beta3
7.0.0rc1
7.0.0rc2
7.0.0rc3
7.0.1
7.0.1rc1
7.0.1rc2
7.0.2
7.0.2rc1
7.0.2rc2
7.0.3rc1
Database specific
unresolved_ranges
[
{
"events": [
{
"introduced": "5.0.0"
},
{
"fixed": "5.0.43"
}
]
},
{
"events": [
{
"introduced": "6.4.0"
},
{
"fixed": "6.4.18"
}
]
}
]
vanir_signatures
[
{
"signature_type": "Line",
"signature_version": "v1",
"target": {
"file": "src/zabbix_java/src/com/zabbix/gateway/GeneralInformation.java"
},
"id": "CVE-2024-36463-42185414",
"deprecated": false,
"source": "https://github.com/zabbix/zabbix/commit/e05e6ba9dca6bac63179965db2d95b9e32a11b1b",
"digest": {
"line_hashes": [
"42377719247154798294649350857211914722",
"277301446743689282564066719793421861949",
"84053493762398819857165875037492472417",
"134573353912766890848741256532153642229",
"177130751556011487463321449951885775840",
"255221815652418511241443785427600625788"
],
"threshold": 0.9
}
},
{
"signature_type": "Line",
"signature_version": "v1",
"target": {
"file": "src/zabbix_java/src/com/zabbix/gateway/GeneralInformation.java"
},
"id": "CVE-2024-36463-a11457e2",
"deprecated": false,
"source": "https://github.com/zabbix/zabbix/commit/d93ce022627d3f10608b774e322cde3c961453e3",
"digest": {
"line_hashes": [
"292971631960556532049504012454549711983",
"252186794054878738396089966044350430486",
"51727231690626324161447407021898255678",
"107830965826934551202133909220480535577",
"316143069894320711268799956090366904009",
"94555891543347806526180211855337423146"
],
"threshold": 0.9
}
}
]
source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-36463.json"