[Git][security-tracker-team/security-tracker][master] CVE-2025-49643/zabbix

[Bastien Roucariès (@rouca)]

Bastien Roucariès pushed to branch master at Debian Security Tracker / security-tracker


Commits:
900bac2b by Bastien Roucariès at 2026-01-08T22:02:00+01:00
CVE-2025-49643/zabbix

out of security support and moreover need authentificated user

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -18288,6 +18288,9 @@ CVE-2025-51682 (mJobtime 15.7.2 handles authorization on the client side, which
 	NOT-FOR-US: mJobtime
 CVE-2025-49643 (An authenticated Zabbix user (including Guest) is able to cause dispro ...)
 	- zabbix <unfixed> (bug #1121841)
+	[trixie] - zabbix <ignored> (The WEB UI is only supported for access by trusted users, no security updates issued for it, #1124558)
+	[bookworm] - zabbix <ignored> (The WEB UI is only supported for access by trusted users, no security updates issued for it, #1124558)
+	[bullseye] - zabbix <ignored> (The WEB UI is only supported for access by trusted users, no security updates issued for it, #1124558)
 	NOTE: https://support.zabbix.com/browse/ZBX-27284
 	NOTE: Fixed by: https://github.com/zabbix/zabbix/commit/b4757c1eaa571abbf0aa6fa2fe2e77ccf4c205f8 (7.0.19rc1)
 	NOTE: Fixed by: https://github.com/zabbix/zabbix/commit/aeada86d3c8231e1e173c6a7ac19ea60bf899b86 (6.0.42rc1)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/900bac2b1308d9dbf9993b00dead432b18a02d1e

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/900bac2b1308d9dbf9993b00dead432b18a02d1e
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260108/dafa999d/attachment.htm>