CVE-2024-42333

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2024-42333

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-42333.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2024-42333

Downstream

DEBIAN-CVE-2024-42333

DLA-3984-1

SUSE-SU-2025:02746-1

UBUNTU-CVE-2024-42333

Related

SUSE-SU-2025:02746-1

Published

2024-11-27T12:15:21.350Z

Modified

2026-02-15T08:14:10.046450Z

Severity

2.7 (Low) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N CVSS Calculator

Summary

[none]

Details

The researcher is showing that it is possible to leak a small amount of Zabbix Server memory using an out of bounds read in src/libs/zbxmedia/email.c

References

Affected packages

Git / github.com/zabbix/zabbix

Affected ranges

Type: GIT
Repo: https://github.com/zabbix/zabbix
Events: Introduced

49955f1fb5c9168a8a24b053f7ade6b3d903143c

Fixed

f383737f1083e25756c6afaaa8abff05ad11eb50

Introduced

5203d2ea7d901cd33d148f20586e2155901a7faa

Fixed

55e9f3b67c4db700b4946f166e69a401b93e2598

Affected versions

6.*

6.0.0

6.0.1

6.0.10

6.0.10rc1

6.0.10rc2

6.0.11

6.0.11rc1

6.0.11rc2

6.0.12

6.0.12rc1

6.0.12rc2

6.0.13

6.0.13rc1

6.0.14

6.0.14rc1

6.0.14rc2

6.0.15

6.0.15rc1

6.0.15rc2

6.0.16

6.0.16rc1

6.0.17

6.0.17rc1

6.0.17rc2

6.0.18

6.0.18rc1

6.0.19

6.0.19rc1

6.0.1rc1

6.0.1rc2

6.0.1rc3

6.0.1rc4

6.0.2

6.0.20

6.0.20rc1

6.0.21

6.0.21rc1

6.0.22

6.0.22rc1

6.0.23

6.0.23rc1

6.0.25

6.0.25rc1

6.0.26

6.0.26rc1

6.0.27

6.0.27rc1

6.0.28

6.0.28rc1

6.0.29

6.0.29rc1

6.0.2rc1

6.0.3

6.0.30

6.0.30rc1

6.0.31

6.0.31rc1

6.0.32

6.0.32rc1

6.0.33

6.0.33rc1

6.0.34rc1

6.0.34rc2

6.0.3rc1

6.0.4

6.0.4rc1

6.0.5

6.0.5rc1

6.0.6

6.0.6rc1

6.0.7

6.0.7rc1

6.0.8

6.0.8rc1

6.0.8rc2

6.0.9

6.0.9rc1

6.0.9rc2

7.*

7.0.0

7.0.1

7.0.1rc1

7.0.1rc2

7.0.2

7.0.2rc1

7.0.2rc2

7.0.3

7.0.3rc1

7.0.4rc1

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-42333.json"

vanir_signatures

[
    {
        "id": "CVE-2024-42333-3e163149",
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "115154101360858030922981434055701150851",
                "195570750560698842948592063162645571807",
                "229777919597073440585547007016699420692",
                "310281707359805902864494292389069723081",
                "49944654822291915530385878933710200727",
                "285971086933706543778601192121026144741"
            ]
        },
        "signature_type": "Line",
        "target": {
            "file": "src/zabbix_java/src/com/zabbix/gateway/GeneralInformation.java"
        },
        "signature_version": "v1",
        "source": "https://github.com/zabbix/zabbix/commit/55e9f3b67c4db700b4946f166e69a401b93e2598",
        "deprecated": false
    },
    {
        "id": "CVE-2024-42333-efef764d",
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "158703392381671019955663987886552441761",
                "260539109617570610531885982419177346223",
                "24620959945945567121836211561936761519",
                "167792423538235293008428595269249306508",
                "192204268449565753401476537568276663620",
                "222572340168714685842508309588394178632"
            ]
        },
        "signature_type": "Line",
        "target": {
            "file": "src/zabbix_java/src/com/zabbix/gateway/GeneralInformation.java"
        },
        "signature_version": "v1",
        "source": "https://github.com/zabbix/zabbix/commit/f383737f1083e25756c6afaaa8abff05ad11eb50",
        "deprecated": false
    }
]