USN-6751-1

See a problem?
Source
https://ubuntu.com/security/notices/USN-6751-1
Import Source
https://github.com/canonical/ubuntu-security-notices/blob/main/osv/USN-6751-1.json
JSON Data
https://api.osv.dev/v1/vulns/USN-6751-1
Related
Published
2024-04-25T20:13:57.992502Z
Modified
2024-04-25T20:13:57.992502Z
Summary
zabbix vulnerabilities
Details

It was discovered that Zabbix incorrectly handled input data in the discovery and graphs pages. A remote authenticated attacker could possibly use this issue to perform reflected cross-site scripting (XSS) attacks. (CVE-2022-35229, CVE-2022-35230)

References

Affected packages

Ubuntu:Pro:18.04:LTS / zabbix

Package

Name
zabbix

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1:3.0.12+dfsg-1ubuntu0.1~esm4

Ecosystem specific

{
    "availability": "Available with Ubuntu Pro: https://ubuntu.com/pro",
    "binaries": [
        {
            "zabbix-java-gateway": "1:3.0.12+dfsg-1ubuntu0.1~esm4",
            "zabbix-proxy-pgsql": "1:3.0.12+dfsg-1ubuntu0.1~esm4",
            "zabbix-proxy-sqlite3": "1:3.0.12+dfsg-1ubuntu0.1~esm4",
            "zabbix-server-pgsql": "1:3.0.12+dfsg-1ubuntu0.1~esm4",
            "zabbix-agent": "1:3.0.12+dfsg-1ubuntu0.1~esm4",
            "zabbix-frontend-php": "1:3.0.12+dfsg-1ubuntu0.1~esm4",
            "zabbix-proxy-mysql": "1:3.0.12+dfsg-1ubuntu0.1~esm4",
            "zabbix-server-mysql": "1:3.0.12+dfsg-1ubuntu0.1~esm4"
        }
    ]
}

Ubuntu:Pro:20.04:LTS / zabbix

Package

Name
zabbix

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1:4.0.17+dfsg-1ubuntu0.1~esm2

Ecosystem specific

{
    "availability": "Available with Ubuntu Pro: https://ubuntu.com/pro",
    "binaries": [
        {
            "zabbix-java-gateway": "1:4.0.17+dfsg-1ubuntu0.1~esm2",
            "zabbix-proxy-pgsql": "1:4.0.17+dfsg-1ubuntu0.1~esm2",
            "zabbix-proxy-sqlite3": "1:4.0.17+dfsg-1ubuntu0.1~esm2",
            "zabbix-server-pgsql": "1:4.0.17+dfsg-1ubuntu0.1~esm2",
            "zabbix-agent": "1:4.0.17+dfsg-1ubuntu0.1~esm2",
            "zabbix-frontend-php": "1:4.0.17+dfsg-1ubuntu0.1~esm2",
            "zabbix-proxy-mysql": "1:4.0.17+dfsg-1ubuntu0.1~esm2",
            "zabbix-server-mysql": "1:4.0.17+dfsg-1ubuntu0.1~esm2"
        }
    ]
}

Ubuntu:Pro:22.04:LTS / zabbix

Package

Name
zabbix

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1:5.0.17+dfsg-1ubuntu0.1~esm1

Ecosystem specific

{
    "availability": "Available with Ubuntu Pro: https://ubuntu.com/pro",
    "binaries": [
        {
            "zabbix-java-gateway": "1:5.0.17+dfsg-1ubuntu0.1~esm1",
            "zabbix-proxy-pgsql": "1:5.0.17+dfsg-1ubuntu0.1~esm1",
            "zabbix-proxy-sqlite3": "1:5.0.17+dfsg-1ubuntu0.1~esm1",
            "zabbix-server-pgsql": "1:5.0.17+dfsg-1ubuntu0.1~esm1",
            "zabbix-agent": "1:5.0.17+dfsg-1ubuntu0.1~esm1",
            "zabbix-frontend-php": "1:5.0.17+dfsg-1ubuntu0.1~esm1",
            "zabbix-proxy-mysql": "1:5.0.17+dfsg-1ubuntu0.1~esm1",
            "zabbix-server-mysql": "1:5.0.17+dfsg-1ubuntu0.1~esm1"
        }
    ]
}

Ubuntu:Pro:14.04:LTS / zabbix

Package

Name
zabbix

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1:2.2.2+dfsg-1ubuntu1+esm5

Ecosystem specific

{
    "availability": "Available with Ubuntu Pro: https://ubuntu.com/pro",
    "binaries": [
        {
            "zabbix-java-gateway": "1:2.2.2+dfsg-1ubuntu1+esm5",
            "zabbix-proxy-pgsql": "1:2.2.2+dfsg-1ubuntu1+esm5",
            "zabbix-proxy-sqlite3": "1:2.2.2+dfsg-1ubuntu1+esm5",
            "zabbix-server-pgsql": "1:2.2.2+dfsg-1ubuntu1+esm5",
            "zabbix-agent": "1:2.2.2+dfsg-1ubuntu1+esm5",
            "zabbix-frontend-php": "1:2.2.2+dfsg-1ubuntu1+esm5",
            "zabbix-proxy-mysql": "1:2.2.2+dfsg-1ubuntu1+esm5",
            "zabbix-server-mysql": "1:2.2.2+dfsg-1ubuntu1+esm5"
        }
    ]
}

Ubuntu:Pro:16.04:LTS / zabbix

Package

Name
zabbix

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1:2.4.7+dfsg-2ubuntu2.1+esm4

Ecosystem specific

{
    "availability": "Available with Ubuntu Pro: https://ubuntu.com/pro",
    "binaries": [
        {
            "zabbix-java-gateway": "1:2.4.7+dfsg-2ubuntu2.1+esm4",
            "zabbix-proxy-pgsql": "1:2.4.7+dfsg-2ubuntu2.1+esm4",
            "zabbix-proxy-sqlite3": "1:2.4.7+dfsg-2ubuntu2.1+esm4",
            "zabbix-server-pgsql": "1:2.4.7+dfsg-2ubuntu2.1+esm4",
            "zabbix-agent": "1:2.4.7+dfsg-2ubuntu2.1+esm4",
            "zabbix-frontend-php": "1:2.4.7+dfsg-2ubuntu2.1+esm4",
            "zabbix-proxy-mysql": "1:2.4.7+dfsg-2ubuntu2.1+esm4",
            "zabbix-server-mysql": "1:2.4.7+dfsg-2ubuntu2.1+esm4"
        }
    ]
}