[Git][security-tracker-team/security-tracker][master] Track fixed version for zabbix issues
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Tue Aug 13 20:32:58 BST 2024
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
c64d7247 by Salvatore Bonaccorso at 2024-08-13T21:31:34+02:00
Track fixed version for zabbix issues
Part of the fixes were included in 7.0.0rc3 and two only in 7.0.1rc1.
Add tracking according when respective version entered unstable.
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -501,30 +501,30 @@ CVE-2024-38989 (izatop bunt v0.29.19 was discovered to contain a prototype pollu
CVE-2024-37826 (A NULL pointer dereference in vercot Serva v4.6.0 allows attackers to ...)
NOT-FOR-US: vercot Serva
CVE-2024-36462 (Uncontrolled resource consumption refers to a software vulnerability w ...)
- - zabbix <unfixed> (bug #1078553)
+ - zabbix 1:7.0.1+dfsg-1 (bug #1078553)
NOTE: https://support.zabbix.com/browse/ZBX-25019
CVE-2024-36461 (Within Zabbix, users have the ability to directly modify memory pointe ...)
- - zabbix <unfixed> (bug #1078553)
+ - zabbix 1:7.0.1+dfsg-1 (bug #1078553)
NOTE: https://support.zabbix.com/browse/ZBX-25018
CVE-2024-36460 (The front-end audit log allows viewing of unprotected plaintext passwo ...)
- - zabbix <unfixed> (bug #1078553)
+ - zabbix 1:7.0.1+dfsg-1 (bug #1078553)
NOTE: https://support.zabbix.com/browse/ZBX-25017
CVE-2024-32765 (A vulnerability has been reported to affect Network & Virtual Switch. ...)
NOT-FOR-US: QNAP
CVE-2024-22123 (Setting SMS media allows to set GSM modem file. Later this file is use ...)
- - zabbix <unfixed> (bug #1078553)
+ - zabbix 1:7.0.0+dfsg-1 (bug #1078553)
NOTE: https://support.zabbix.com/browse/ZBX-25013
CVE-2024-22122 (Zabbix allows to configure SMS notifications. AT command injection occ ...)
- - zabbix <unfixed> (bug #1078553)
+ - zabbix 1:7.0.0+dfsg-1 (bug #1078553)
NOTE: https://support.zabbix.com/browse/ZBX-25012
CVE-2024-22121 (A non-admin user can change or remove important features within the Za ...)
- - zabbix <unfixed> (bug #1078553)
+ - zabbix 1:7.0.0+dfsg-1 (bug #1078553)
NOTE: https://support.zabbix.com/browse/ZBX-25011
CVE-2024-22116 (An administrator with restricted permissions can exploit the script ex ...)
- - zabbix <unfixed> (bug #1078553)
+ - zabbix 1:7.0.0+dfsg-1 (bug #1078553)
NOTE: https://support.zabbix.com/browse/ZBX-25016
CVE-2024-22114 (User with no permission to any of the Hosts can access and view host c ...)
- - zabbix <unfixed> (bug #1078553)
+ - zabbix 1:7.0.0+dfsg-1 (bug #1078553)
NOTE: https://support.zabbix.com/browse/ZBX-25015
CVE-2023-38018 (IBM Aspera Shares 1.10.0 PL2 does not invalidate session after a passw ...)
NOT-FOR-US: IBM
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c64d72479697113a55437d520f2e3f10a344714b
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c64d72479697113a55437d520f2e3f10a344714b
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240813/e9f8df05/attachment.htm>
More information about the debian-security-tracker-commits
mailing list