Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:deb/debian/zabbix@1:7.0.5%2Bdfsg-1?distro=trixie

Type deb

Namespace debian

Name zabbix

Version 1:7.0.5+dfsg-1

Qualifiers

distro	trixie

Subpath

Is_vulnerable false

Next_non_vulnerable_version 1:7.0.9+dfsg-1

Latest_non_vulnerable_version 1:7.0.22+dfsg-1.1

Affected_by_vulnerabilities

Fixing_vulnerabilities

url VCID-32c6-6w9k-k3c1

vulnerability_id VCID-32c6-6w9k-k3c1

summary When the webdriver for the Browser object downloads data from a HTTP server, the data pointer is set to NULL and is allocated only in curl_write_cb when receiving data. If the server's response is an empty document, then wd->data in the code below will remain NULL and an attempt to read from it will result in a crash.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-42328

reference_id

reference_type

scores

value	0.00045
scoring_system	epss
scoring_elements	0.1374
published_at	2026-04-13T12:55:00Z

value	0.00045
scoring_system	epss
scoring_elements	0.13646
published_at	2026-04-18T12:55:00Z

value	0.00045
scoring_system	epss
scoring_elements	0.13649
published_at	2026-04-16T12:55:00Z

value	0.00045
scoring_system	epss
scoring_elements	0.13865
published_at	2026-04-02T12:55:00Z

value	0.00045
scoring_system	epss
scoring_elements	0.13922
published_at	2026-04-04T12:55:00Z

value	0.00045
scoring_system	epss
scoring_elements	0.13724
published_at	2026-04-07T12:55:00Z

value	0.00045
scoring_system	epss
scoring_elements	0.13806
published_at	2026-04-08T12:55:00Z

value	0.00045
scoring_system	epss
scoring_elements	0.13857
published_at	2026-04-09T12:55:00Z

value	0.00045
scoring_system	epss
scoring_elements	0.13825
published_at	2026-04-11T12:55:00Z

value	0.00045
scoring_system	epss
scoring_elements	0.13789
published_at	2026-04-12T12:55:00Z

value	0.00068
scoring_system	epss
scoring_elements	0.20666
published_at	2026-05-07T12:55:00Z

value	0.00068
scoring_system	epss
scoring_elements	0.2073
published_at	2026-04-26T12:55:00Z

value	0.00068
scoring_system	epss
scoring_elements	0.20697
published_at	2026-04-29T12:55:00Z

value	0.00068
scoring_system	epss
scoring_elements	0.20593
published_at	2026-05-05T12:55:00Z

value	0.00068
scoring_system	epss
scoring_elements	0.20863
published_at	2026-04-21T12:55:00Z

value	0.00068
scoring_system	epss
scoring_elements	0.20735
published_at	2026-04-24T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-42328

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1090029
reference_id	1090029
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1090029

reference_url

https://support.zabbix.com/browse/ZBX-25624

reference_id

ZBX-25624

reference_type

scores

value	3.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-27T14:56:07Z/

url

https://support.zabbix.com/browse/ZBX-25624

fixed_packages

url	pkg:deb/debian/zabbix@0?distro=trixie
purl	pkg:deb/debian/zabbix@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@0%3Fdistro=trixie

url pkg:deb/debian/zabbix@1:5.0.8%2Bdfsg-1?distro=trixie

purl pkg:deb/debian/zabbix@1:5.0.8%2Bdfsg-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5nmy-hdh8-xbg1

vulnerability	VCID-cdyd-79m9-pyhv

vulnerability	VCID-dej6-dxbp-a3bt

vulnerability	VCID-fxqr-51kp-3ber

vulnerability	VCID-qzp5-px2f-vqc8

vulnerability	VCID-qzzk-mcfu-sfhv

vulnerability	VCID-r8yr-aet5-yydn

vulnerability	VCID-s1mb-1gsj-pbed

vulnerability	VCID-uh37-bv9z-1bdz

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:5.0.8%252Bdfsg-1%3Fdistro=trixie

url pkg:deb/debian/zabbix@1:6.0.14%2Bdfsg-1?distro=trixie

purl pkg:deb/debian/zabbix@1:6.0.14%2Bdfsg-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-172p-q6d5-9ya3

vulnerability	VCID-1xr6-n296-cyfd

vulnerability	VCID-3g1d-2tvh-akh4

vulnerability	VCID-3qru-uxsd-e3c8

vulnerability	VCID-464s-8ex9-kqdz

vulnerability	VCID-4s92-5es4-yka5

vulnerability	VCID-4uxg-fxv7-rua8

vulnerability	VCID-547a-p94b-6fep

vulnerability	VCID-5nmy-hdh8-xbg1

vulnerability	VCID-5s7j-6aea-qucr

vulnerability	VCID-5t3e-bfve-d3he

vulnerability	VCID-673b-qsd3-e3hz

vulnerability	VCID-6u3x-x7qt-g3fa

vulnerability	VCID-76qf-8jm4-8kct

vulnerability	VCID-7bzf-3c9x-8qc4

vulnerability	VCID-7f3g-hebk-3qad

vulnerability	VCID-7yp1-231f-a3eq

vulnerability	VCID-9jfn-6nvg-a3b6

vulnerability	VCID-9z8h-gg7t-b7f8

vulnerability	VCID-aetr-jrab-6fg5

vulnerability	VCID-b8tm-2187-wkhz

vulnerability	VCID-batr-txtv-s3cf

vulnerability	VCID-cdyd-79m9-pyhv

vulnerability	VCID-cuqx-wxkd-nffa

vulnerability	VCID-d7uk-h423-77f5

vulnerability	VCID-dej6-dxbp-a3bt

vulnerability	VCID-ftt2-5jnt-9ye2

vulnerability	VCID-fxqr-51kp-3ber

vulnerability	VCID-gp3f-yz9h-eqax

vulnerability	VCID-gyqk-zsww-ykdj

vulnerability	VCID-kx3g-p2zj-duaj

vulnerability	VCID-mhx5-hcg2-wfc4

vulnerability	VCID-n5md-76wa-dbaa

vulnerability	VCID-nrkb-pzcu-8ueg

vulnerability	VCID-nyhx-57xy-wugc

vulnerability	VCID-psak-h1x6-1kca

vulnerability	VCID-qzp5-px2f-vqc8

vulnerability	VCID-qzzk-mcfu-sfhv

vulnerability	VCID-r65p-6wkq-sfb9

vulnerability	VCID-r8yr-aet5-yydn

vulnerability	VCID-ry8x-mjbp-qqct

vulnerability	VCID-s1mb-1gsj-pbed

vulnerability	VCID-sudd-unuw-wqa9

vulnerability	VCID-uh37-bv9z-1bdz

vulnerability	VCID-uxdf-6tyd-rucd

vulnerability	VCID-vkfp-asar-7bhw

vulnerability	VCID-wczj-cv1m-7qce

vulnerability	VCID-zc7p-7yts-5yae

vulnerability	VCID-zrfp-skzu-cbet

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:6.0.14%252Bdfsg-1%3Fdistro=trixie

url	pkg:deb/debian/zabbix@1:7.0.5%2Bdfsg-1?distro=trixie
purl	pkg:deb/debian/zabbix@1:7.0.5%2Bdfsg-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.5%252Bdfsg-1%3Fdistro=trixie

url	pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1~deb13u1?distro=trixie
purl	pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1~deb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.22%252Bdfsg-1~deb13u1%3Fdistro=trixie

url	pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1?distro=trixie
purl	pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.22%252Bdfsg-1%3Fdistro=trixie

url	pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1.1?distro=trixie
purl	pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1.1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.22%252Bdfsg-1.1%3Fdistro=trixie

aliases CVE-2024-42328

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-32c6-6w9k-k3c1

url VCID-7f3g-hebk-3qad

vulnerability_id VCID-7f3g-hebk-3qad

summary In the src/libs/zbxembed/browser.c file, the es_browser_ctor method retrieves a heap pointer from the Duktape JavaScript engine. This heap pointer is subsequently utilized by the browser_push_error method in the src/libs/zbxembed/browser_error.c file. A use-after-free bug can occur at this stage if the wd->browser heap pointer is freed by garbage collection.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-42331

reference_id

reference_type

scores

value	0.00045
scoring_system	epss
scoring_elements	0.13622
published_at	2026-05-07T12:55:00Z

value	0.00045
scoring_system	epss
scoring_elements	0.13655
published_at	2026-04-26T12:55:00Z

value	0.00045
scoring_system	epss
scoring_elements	0.13557
published_at	2026-04-29T12:55:00Z

value	0.00045
scoring_system	epss
scoring_elements	0.13466
published_at	2026-05-05T12:55:00Z

value	0.00045
scoring_system	epss
scoring_elements	0.13822
published_at	2026-04-02T12:55:00Z

value	0.00045
scoring_system	epss
scoring_elements	0.13878
published_at	2026-04-04T12:55:00Z

value	0.00045
scoring_system	epss
scoring_elements	0.13679
published_at	2026-04-07T12:55:00Z

value	0.00045
scoring_system	epss
scoring_elements	0.13762
published_at	2026-04-08T12:55:00Z

value	0.00045
scoring_system	epss
scoring_elements	0.13812
published_at	2026-04-09T12:55:00Z

value	0.00045
scoring_system	epss
scoring_elements	0.13781
published_at	2026-04-11T12:55:00Z

value	0.00045
scoring_system	epss
scoring_elements	0.13744
published_at	2026-04-12T12:55:00Z

value	0.00045
scoring_system	epss
scoring_elements	0.13694
published_at	2026-04-13T12:55:00Z

value	0.00045
scoring_system	epss
scoring_elements	0.13605
published_at	2026-04-16T12:55:00Z

value	0.00045
scoring_system	epss
scoring_elements	0.13602
published_at	2026-04-18T12:55:00Z

value	0.00045
scoring_system	epss
scoring_elements	0.13676
published_at	2026-04-21T12:55:00Z

value	0.00045
scoring_system	epss
scoring_elements	0.13685
published_at	2026-04-24T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-42331

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-42331
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-42331

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1088689
reference_id	1088689
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1088689

reference_url

https://support.zabbix.com/browse/ZBX-25627

reference_id

ZBX-25627

reference_type

scores

value	3.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-27T14:55:25Z/

url

https://support.zabbix.com/browse/ZBX-25627

fixed_packages

url pkg:deb/debian/zabbix@1:5.0.8%2Bdfsg-1?distro=trixie

purl pkg:deb/debian/zabbix@1:5.0.8%2Bdfsg-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5nmy-hdh8-xbg1

vulnerability	VCID-cdyd-79m9-pyhv

vulnerability	VCID-dej6-dxbp-a3bt

vulnerability	VCID-fxqr-51kp-3ber

vulnerability	VCID-qzp5-px2f-vqc8

vulnerability	VCID-qzzk-mcfu-sfhv

vulnerability	VCID-r8yr-aet5-yydn

vulnerability	VCID-s1mb-1gsj-pbed

vulnerability	VCID-uh37-bv9z-1bdz

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:5.0.8%252Bdfsg-1%3Fdistro=trixie

url	pkg:deb/debian/zabbix@1:5.0.45%2Bdfsg-1%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/zabbix@1:5.0.45%2Bdfsg-1%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:5.0.45%252Bdfsg-1%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/zabbix@1:7.0.5%2Bdfsg-1?distro=trixie
purl	pkg:deb/debian/zabbix@1:7.0.5%2Bdfsg-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.5%252Bdfsg-1%3Fdistro=trixie

url	pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1~deb13u1?distro=trixie
purl	pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1~deb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.22%252Bdfsg-1~deb13u1%3Fdistro=trixie

url	pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1?distro=trixie
purl	pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.22%252Bdfsg-1%3Fdistro=trixie

url	pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1.1?distro=trixie
purl	pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1.1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.22%252Bdfsg-1.1%3Fdistro=trixie

aliases CVE-2024-42331

risk_score 0.8

exploitability 0.5

weighted_severity 1.6

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-7f3g-hebk-3qad

url VCID-8yyv-6phn-tkaq

vulnerability_id VCID-8yyv-6phn-tkaq

summary The webdriver for the Browser object expects an error object to be initialized when the webdriver_session_query function fails. But this function can fail for various reasons without an error description and then the wd->error will be NULL and trying to read from it will result in a crash.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-42329

reference_id

reference_type

scores

value	0.00037
scoring_system	epss
scoring_elements	0.11103
published_at	2026-05-07T12:55:00Z

value	0.00037
scoring_system	epss
scoring_elements	0.11094
published_at	2026-04-26T12:55:00Z

value	0.00037
scoring_system	epss
scoring_elements	0.1103
published_at	2026-04-29T12:55:00Z

value	0.00037
scoring_system	epss
scoring_elements	0.10965
published_at	2026-05-05T12:55:00Z

value	0.00037
scoring_system	epss
scoring_elements	0.11232
published_at	2026-04-02T12:55:00Z

value	0.00037
scoring_system	epss
scoring_elements	0.11296
published_at	2026-04-04T12:55:00Z

value	0.00037
scoring_system	epss
scoring_elements	0.11111
published_at	2026-04-07T12:55:00Z

value	0.00037
scoring_system	epss
scoring_elements	0.11191
published_at	2026-04-08T12:55:00Z

value	0.00037
scoring_system	epss
scoring_elements	0.11247
published_at	2026-04-09T12:55:00Z

value	0.00037
scoring_system	epss
scoring_elements	0.11258
published_at	2026-04-11T12:55:00Z

value	0.00037
scoring_system	epss
scoring_elements	0.11225
published_at	2026-04-12T12:55:00Z

value	0.00037
scoring_system	epss
scoring_elements	0.11199
published_at	2026-04-13T12:55:00Z

value	0.00037
scoring_system	epss
scoring_elements	0.11063
published_at	2026-04-16T12:55:00Z

value	0.00037
scoring_system	epss
scoring_elements	0.11072
published_at	2026-04-18T12:55:00Z

value	0.00037
scoring_system	epss
scoring_elements	0.11203
published_at	2026-04-21T12:55:00Z

value	0.00037
scoring_system	epss
scoring_elements	0.11139
published_at	2026-04-24T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-42329

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1088689
reference_id	1088689
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1088689

reference_url

https://support.zabbix.com/browse/ZBX-25625

reference_id

ZBX-25625

reference_type

scores

value	3.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-27T14:55:49Z/

url

https://support.zabbix.com/browse/ZBX-25625

fixed_packages

url	pkg:deb/debian/zabbix@0?distro=trixie
purl	pkg:deb/debian/zabbix@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@0%3Fdistro=trixie

url pkg:deb/debian/zabbix@1:5.0.8%2Bdfsg-1?distro=trixie

purl pkg:deb/debian/zabbix@1:5.0.8%2Bdfsg-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5nmy-hdh8-xbg1

vulnerability	VCID-cdyd-79m9-pyhv

vulnerability	VCID-dej6-dxbp-a3bt

vulnerability	VCID-fxqr-51kp-3ber

vulnerability	VCID-qzp5-px2f-vqc8

vulnerability	VCID-qzzk-mcfu-sfhv

vulnerability	VCID-r8yr-aet5-yydn

vulnerability	VCID-s1mb-1gsj-pbed

vulnerability	VCID-uh37-bv9z-1bdz

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:5.0.8%252Bdfsg-1%3Fdistro=trixie

url pkg:deb/debian/zabbix@1:6.0.14%2Bdfsg-1?distro=trixie

purl pkg:deb/debian/zabbix@1:6.0.14%2Bdfsg-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-172p-q6d5-9ya3

vulnerability	VCID-1xr6-n296-cyfd

vulnerability	VCID-3g1d-2tvh-akh4

vulnerability	VCID-3qru-uxsd-e3c8

vulnerability	VCID-464s-8ex9-kqdz

vulnerability	VCID-4s92-5es4-yka5

vulnerability	VCID-4uxg-fxv7-rua8

vulnerability	VCID-547a-p94b-6fep

vulnerability	VCID-5nmy-hdh8-xbg1

vulnerability	VCID-5s7j-6aea-qucr

vulnerability	VCID-5t3e-bfve-d3he

vulnerability	VCID-673b-qsd3-e3hz

vulnerability	VCID-6u3x-x7qt-g3fa

vulnerability	VCID-76qf-8jm4-8kct

vulnerability	VCID-7bzf-3c9x-8qc4

vulnerability	VCID-7f3g-hebk-3qad

vulnerability	VCID-7yp1-231f-a3eq

vulnerability	VCID-9jfn-6nvg-a3b6

vulnerability	VCID-9z8h-gg7t-b7f8

vulnerability	VCID-aetr-jrab-6fg5

vulnerability	VCID-b8tm-2187-wkhz

vulnerability	VCID-batr-txtv-s3cf

vulnerability	VCID-cdyd-79m9-pyhv

vulnerability	VCID-cuqx-wxkd-nffa

vulnerability	VCID-d7uk-h423-77f5

vulnerability	VCID-dej6-dxbp-a3bt

vulnerability	VCID-ftt2-5jnt-9ye2

vulnerability	VCID-fxqr-51kp-3ber

vulnerability	VCID-gp3f-yz9h-eqax

vulnerability	VCID-gyqk-zsww-ykdj

vulnerability	VCID-kx3g-p2zj-duaj

vulnerability	VCID-mhx5-hcg2-wfc4

vulnerability	VCID-n5md-76wa-dbaa

vulnerability	VCID-nrkb-pzcu-8ueg

vulnerability	VCID-nyhx-57xy-wugc

vulnerability	VCID-psak-h1x6-1kca

vulnerability	VCID-qzp5-px2f-vqc8

vulnerability	VCID-qzzk-mcfu-sfhv

vulnerability	VCID-r65p-6wkq-sfb9

vulnerability	VCID-r8yr-aet5-yydn

vulnerability	VCID-ry8x-mjbp-qqct

vulnerability	VCID-s1mb-1gsj-pbed

vulnerability	VCID-sudd-unuw-wqa9

vulnerability	VCID-uh37-bv9z-1bdz

vulnerability	VCID-uxdf-6tyd-rucd

vulnerability	VCID-vkfp-asar-7bhw

vulnerability	VCID-wczj-cv1m-7qce

vulnerability	VCID-zc7p-7yts-5yae

vulnerability	VCID-zrfp-skzu-cbet

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:6.0.14%252Bdfsg-1%3Fdistro=trixie

url	pkg:deb/debian/zabbix@1:7.0.5%2Bdfsg-1?distro=trixie
purl	pkg:deb/debian/zabbix@1:7.0.5%2Bdfsg-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.5%252Bdfsg-1%3Fdistro=trixie

url	pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1~deb13u1?distro=trixie
purl	pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1~deb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.22%252Bdfsg-1~deb13u1%3Fdistro=trixie

url	pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1?distro=trixie
purl	pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.22%252Bdfsg-1%3Fdistro=trixie

url	pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1.1?distro=trixie
purl	pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1.1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.22%252Bdfsg-1.1%3Fdistro=trixie

aliases CVE-2024-42329

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8yyv-6phn-tkaq

url VCID-aetr-jrab-6fg5

vulnerability_id VCID-aetr-jrab-6fg5

summary The HttpRequest object allows to get the HTTP headers from the server's response after sending the request. The problem is that the returned strings are created directly from the data returned by the server and are not correctly encoded for JavaScript. This allows to create internal strings that can be used to access hidden properties of objects.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-42330

reference_id

reference_type

scores

value	0.0017
scoring_system	epss
scoring_elements	0.38183
published_at	2026-04-12T12:55:00Z

value	0.0017
scoring_system	epss
scoring_elements	0.38205
published_at	2026-04-16T12:55:00Z

value	0.0017
scoring_system	epss
scoring_elements	0.38159
published_at	2026-04-13T12:55:00Z

value	0.0017
scoring_system	epss
scoring_elements	0.38249
published_at	2026-04-02T12:55:00Z

value	0.0017
scoring_system	epss
scoring_elements	0.38272
published_at	2026-04-04T12:55:00Z

value	0.0017
scoring_system	epss
scoring_elements	0.38141
published_at	2026-04-07T12:55:00Z

value	0.0017
scoring_system	epss
scoring_elements	0.38191
published_at	2026-04-08T12:55:00Z

value	0.0017
scoring_system	epss
scoring_elements	0.38199
published_at	2026-04-09T12:55:00Z

value	0.0017
scoring_system	epss
scoring_elements	0.38218
published_at	2026-04-11T12:55:00Z

value	0.0023
scoring_system	epss
scoring_elements	0.45674
published_at	2026-05-07T12:55:00Z

value	0.0023
scoring_system	epss
scoring_elements	0.45775
published_at	2026-04-26T12:55:00Z

value	0.0023
scoring_system	epss
scoring_elements	0.45716
published_at	2026-04-29T12:55:00Z

value	0.0023
scoring_system	epss
scoring_elements	0.45612
published_at	2026-05-05T12:55:00Z

value	0.0023
scoring_system	epss
scoring_elements	0.45892
published_at	2026-04-18T12:55:00Z

value	0.0023
scoring_system	epss
scoring_elements	0.45838
published_at	2026-04-21T12:55:00Z

value	0.0023
scoring_system	epss
scoring_elements	0.45764
published_at	2026-04-24T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-42330

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-42330
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-42330

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1088689
reference_id	1088689
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1088689

reference_url

https://support.zabbix.com/browse/ZBX-25626

reference_id

ZBX-25626

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-27T15:12:32Z/

url

https://support.zabbix.com/browse/ZBX-25626

fixed_packages

url pkg:deb/debian/zabbix@1:5.0.8%2Bdfsg-1?distro=trixie

purl pkg:deb/debian/zabbix@1:5.0.8%2Bdfsg-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5nmy-hdh8-xbg1

vulnerability	VCID-cdyd-79m9-pyhv

vulnerability	VCID-dej6-dxbp-a3bt

vulnerability	VCID-fxqr-51kp-3ber

vulnerability	VCID-qzp5-px2f-vqc8

vulnerability	VCID-qzzk-mcfu-sfhv

vulnerability	VCID-r8yr-aet5-yydn

vulnerability	VCID-s1mb-1gsj-pbed

vulnerability	VCID-uh37-bv9z-1bdz

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:5.0.8%252Bdfsg-1%3Fdistro=trixie

url	pkg:deb/debian/zabbix@1:5.0.45%2Bdfsg-1%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/zabbix@1:5.0.45%2Bdfsg-1%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:5.0.45%252Bdfsg-1%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/zabbix@1:7.0.5%2Bdfsg-1?distro=trixie
purl	pkg:deb/debian/zabbix@1:7.0.5%2Bdfsg-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.5%252Bdfsg-1%3Fdistro=trixie

url	pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1~deb13u1?distro=trixie
purl	pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1~deb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.22%252Bdfsg-1~deb13u1%3Fdistro=trixie

url	pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1?distro=trixie
purl	pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.22%252Bdfsg-1%3Fdistro=trixie

url	pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1.1?distro=trixie
purl	pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1.1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.22%252Bdfsg-1.1%3Fdistro=trixie

aliases CVE-2024-42330

risk_score 2.2

exploitability 0.5

weighted_severity 4.5

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-aetr-jrab-6fg5

url VCID-b6xv-kz4p-k3em

vulnerability_id VCID-b6xv-kz4p-k3em

summary There was discovered a use after free bug in browser.c in the es_browser_get_variant function

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-42326

reference_id

reference_type

scores

value	0.00073
scoring_system	epss
scoring_elements	0.22213
published_at	2026-04-12T12:55:00Z

value	0.00073
scoring_system	epss
scoring_elements	0.22153
published_at	2026-04-16T12:55:00Z

value	0.00073
scoring_system	epss
scoring_elements	0.22152
published_at	2026-04-13T12:55:00Z

value	0.00073
scoring_system	epss
scoring_elements	0.22271
published_at	2026-04-02T12:55:00Z

value	0.00073
scoring_system	epss
scoring_elements	0.22313
published_at	2026-04-04T12:55:00Z

value	0.00073
scoring_system	epss
scoring_elements	0.22098
published_at	2026-04-07T12:55:00Z

value	0.00073
scoring_system	epss
scoring_elements	0.22181
published_at	2026-04-08T12:55:00Z

value	0.00073
scoring_system	epss
scoring_elements	0.22235
published_at	2026-04-09T12:55:00Z

value	0.00073
scoring_system	epss
scoring_elements	0.22254
published_at	2026-04-11T12:55:00Z

value	0.00099
scoring_system	epss
scoring_elements	0.27164
published_at	2026-05-07T12:55:00Z

value	0.00099
scoring_system	epss
scoring_elements	0.27347
published_at	2026-04-26T12:55:00Z

value	0.00099
scoring_system	epss
scoring_elements	0.2727
published_at	2026-04-29T12:55:00Z

value	0.00099
scoring_system	epss
scoring_elements	0.271
published_at	2026-05-05T12:55:00Z

value	0.00099
scoring_system	epss
scoring_elements	0.27535
published_at	2026-04-18T12:55:00Z

value	0.00099
scoring_system	epss
scoring_elements	0.27496
published_at	2026-04-21T12:55:00Z

value	0.00099
scoring_system	epss
scoring_elements	0.27451
published_at	2026-04-24T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-42326

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1088689
reference_id	1088689
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1088689

reference_url

https://support.zabbix.com/browse/ZBX-25622

reference_id

ZBX-25622

reference_type

scores

value	4.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-27T14:56:46Z/

url

https://support.zabbix.com/browse/ZBX-25622

fixed_packages

url	pkg:deb/debian/zabbix@0?distro=trixie
purl	pkg:deb/debian/zabbix@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@0%3Fdistro=trixie

url pkg:deb/debian/zabbix@1:5.0.8%2Bdfsg-1?distro=trixie

purl pkg:deb/debian/zabbix@1:5.0.8%2Bdfsg-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5nmy-hdh8-xbg1

vulnerability	VCID-cdyd-79m9-pyhv

vulnerability	VCID-dej6-dxbp-a3bt

vulnerability	VCID-fxqr-51kp-3ber

vulnerability	VCID-qzp5-px2f-vqc8

vulnerability	VCID-qzzk-mcfu-sfhv

vulnerability	VCID-r8yr-aet5-yydn

vulnerability	VCID-s1mb-1gsj-pbed

vulnerability	VCID-uh37-bv9z-1bdz

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:5.0.8%252Bdfsg-1%3Fdistro=trixie

url pkg:deb/debian/zabbix@1:6.0.14%2Bdfsg-1?distro=trixie

purl pkg:deb/debian/zabbix@1:6.0.14%2Bdfsg-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-172p-q6d5-9ya3

vulnerability	VCID-1xr6-n296-cyfd

vulnerability	VCID-3g1d-2tvh-akh4

vulnerability	VCID-3qru-uxsd-e3c8

vulnerability	VCID-464s-8ex9-kqdz

vulnerability	VCID-4s92-5es4-yka5

vulnerability	VCID-4uxg-fxv7-rua8

vulnerability	VCID-547a-p94b-6fep

vulnerability	VCID-5nmy-hdh8-xbg1

vulnerability	VCID-5s7j-6aea-qucr

vulnerability	VCID-5t3e-bfve-d3he

vulnerability	VCID-673b-qsd3-e3hz

vulnerability	VCID-6u3x-x7qt-g3fa

vulnerability	VCID-76qf-8jm4-8kct

vulnerability	VCID-7bzf-3c9x-8qc4

vulnerability	VCID-7f3g-hebk-3qad

vulnerability	VCID-7yp1-231f-a3eq

vulnerability	VCID-9jfn-6nvg-a3b6

vulnerability	VCID-9z8h-gg7t-b7f8

vulnerability	VCID-aetr-jrab-6fg5

vulnerability	VCID-b8tm-2187-wkhz

vulnerability	VCID-batr-txtv-s3cf

vulnerability	VCID-cdyd-79m9-pyhv

vulnerability	VCID-cuqx-wxkd-nffa

vulnerability	VCID-d7uk-h423-77f5

vulnerability	VCID-dej6-dxbp-a3bt

vulnerability	VCID-ftt2-5jnt-9ye2

vulnerability	VCID-fxqr-51kp-3ber

vulnerability	VCID-gp3f-yz9h-eqax

vulnerability	VCID-gyqk-zsww-ykdj

vulnerability	VCID-kx3g-p2zj-duaj

vulnerability	VCID-mhx5-hcg2-wfc4

vulnerability	VCID-n5md-76wa-dbaa

vulnerability	VCID-nrkb-pzcu-8ueg

vulnerability	VCID-nyhx-57xy-wugc

vulnerability	VCID-psak-h1x6-1kca

vulnerability	VCID-qzp5-px2f-vqc8

vulnerability	VCID-qzzk-mcfu-sfhv

vulnerability	VCID-r65p-6wkq-sfb9

vulnerability	VCID-r8yr-aet5-yydn

vulnerability	VCID-ry8x-mjbp-qqct

vulnerability	VCID-s1mb-1gsj-pbed

vulnerability	VCID-sudd-unuw-wqa9

vulnerability	VCID-uh37-bv9z-1bdz

vulnerability	VCID-uxdf-6tyd-rucd

vulnerability	VCID-vkfp-asar-7bhw

vulnerability	VCID-wczj-cv1m-7qce

vulnerability	VCID-zc7p-7yts-5yae

vulnerability	VCID-zrfp-skzu-cbet

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:6.0.14%252Bdfsg-1%3Fdistro=trixie

url	pkg:deb/debian/zabbix@1:7.0.5%2Bdfsg-1?distro=trixie
purl	pkg:deb/debian/zabbix@1:7.0.5%2Bdfsg-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.5%252Bdfsg-1%3Fdistro=trixie

url	pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1~deb13u1?distro=trixie
purl	pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1~deb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.22%252Bdfsg-1~deb13u1%3Fdistro=trixie

url	pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1?distro=trixie
purl	pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.22%252Bdfsg-1%3Fdistro=trixie

url	pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1.1?distro=trixie
purl	pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1.1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.22%252Bdfsg-1.1%3Fdistro=trixie

aliases CVE-2024-42326

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-b6xv-kz4p-k3em

url VCID-n5md-76wa-dbaa

vulnerability_id VCID-n5md-76wa-dbaa

summary A Zabbix adminitrator can inject arbitrary SQL during the autoremoval of hosts by inserting malicious SQL in the 'Visible name' field.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-27240

reference_id

reference_type

scores

value	0.00057
scoring_system	epss
scoring_elements	0.18122
published_at	2026-04-04T12:55:00Z

value	0.00057
scoring_system	epss
scoring_elements	0.18068
published_at	2026-04-02T12:55:00Z

value	0.00057
scoring_system	epss
scoring_elements	0.17823
published_at	2026-04-07T12:55:00Z

value	0.00062
scoring_system	epss
scoring_elements	0.18993
published_at	2026-05-07T12:55:00Z

value	0.00062
scoring_system	epss
scoring_elements	0.19182
published_at	2026-04-18T12:55:00Z

value	0.00062
scoring_system	epss
scoring_elements	0.19193
published_at	2026-04-21T12:55:00Z

value	0.00062
scoring_system	epss
scoring_elements	0.19084
published_at	2026-04-24T12:55:00Z

value	0.00062
scoring_system	epss
scoring_elements	0.19075
published_at	2026-04-26T12:55:00Z

value	0.00062
scoring_system	epss
scoring_elements	0.1903
published_at	2026-04-29T12:55:00Z

value	0.00062
scoring_system	epss
scoring_elements	0.18911
published_at	2026-05-05T12:55:00Z

value	0.00065
scoring_system	epss
scoring_elements	0.20055
published_at	2026-04-13T12:55:00Z

value	0.00065
scoring_system	epss
scoring_elements	0.20113
published_at	2026-04-12T12:55:00Z

value	0.00065
scoring_system	epss
scoring_elements	0.20037
published_at	2026-04-16T12:55:00Z

value	0.00065
scoring_system	epss
scoring_elements	0.20075
published_at	2026-04-08T12:55:00Z

value	0.00065
scoring_system	epss
scoring_elements	0.20132
published_at	2026-04-09T12:55:00Z

value	0.00065
scoring_system	epss
scoring_elements	0.20158
published_at	2026-04-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-27240

reference_url

https://support.zabbix.com/browse/ZBX-26986

reference_id

ZBX-26986

reference_type

scores

value	7.5
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-09-13T03:55:34Z/

url

https://support.zabbix.com/browse/ZBX-26986

fixed_packages

url	pkg:deb/debian/zabbix@0?distro=trixie
purl	pkg:deb/debian/zabbix@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@0%3Fdistro=trixie

url pkg:deb/debian/zabbix@1:5.0.8%2Bdfsg-1?distro=trixie

purl pkg:deb/debian/zabbix@1:5.0.8%2Bdfsg-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5nmy-hdh8-xbg1

vulnerability	VCID-cdyd-79m9-pyhv

vulnerability	VCID-dej6-dxbp-a3bt

vulnerability	VCID-fxqr-51kp-3ber

vulnerability	VCID-qzp5-px2f-vqc8

vulnerability	VCID-qzzk-mcfu-sfhv

vulnerability	VCID-r8yr-aet5-yydn

vulnerability	VCID-s1mb-1gsj-pbed

vulnerability	VCID-uh37-bv9z-1bdz

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:5.0.8%252Bdfsg-1%3Fdistro=trixie

url	pkg:deb/debian/zabbix@1:7.0.5%2Bdfsg-1?distro=trixie
purl	pkg:deb/debian/zabbix@1:7.0.5%2Bdfsg-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.5%252Bdfsg-1%3Fdistro=trixie

url	pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1~deb13u1?distro=trixie
purl	pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1~deb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.22%252Bdfsg-1~deb13u1%3Fdistro=trixie

url	pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1?distro=trixie
purl	pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.22%252Bdfsg-1%3Fdistro=trixie

url	pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1.1?distro=trixie
purl	pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1.1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.22%252Bdfsg-1.1%3Fdistro=trixie

aliases CVE-2025-27240

risk_score 1.9

exploitability 0.5

weighted_severity 3.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-n5md-76wa-dbaa

url VCID-uxdf-6tyd-rucd

vulnerability_id VCID-uxdf-6tyd-rucd

summary The researcher is showing that due to the way the SNMP trap log is parsed, an attacker can craft an SNMP trap with additional lines of information and have forged data show in the Zabbix UI. This attack requires SNMP auth to be off and/or the attacker to know the community/auth details. The attack requires an SNMP item to be configured as text on the target host.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-42332

reference_id

reference_type

scores

value	0.00425
scoring_system	epss
scoring_elements	0.62263
published_at	2026-05-07T12:55:00Z

value	0.00425
scoring_system	epss
scoring_elements	0.62276
published_at	2026-04-26T12:55:00Z

value	0.00425
scoring_system	epss
scoring_elements	0.62269
published_at	2026-04-29T12:55:00Z

value	0.00425
scoring_system	epss
scoring_elements	0.62214
published_at	2026-05-05T12:55:00Z

value	0.00425
scoring_system	epss
scoring_elements	0.6216
published_at	2026-04-02T12:55:00Z

value	0.00425
scoring_system	epss
scoring_elements	0.62191
published_at	2026-04-04T12:55:00Z

value	0.00425
scoring_system	epss
scoring_elements	0.62158
published_at	2026-04-07T12:55:00Z

value	0.00425
scoring_system	epss
scoring_elements	0.62208
published_at	2026-04-08T12:55:00Z

value	0.00425
scoring_system	epss
scoring_elements	0.62226
published_at	2026-04-09T12:55:00Z

value	0.00425
scoring_system	epss
scoring_elements	0.62244
published_at	2026-04-11T12:55:00Z

value	0.00425
scoring_system	epss
scoring_elements	0.62234
published_at	2026-04-12T12:55:00Z

value	0.00425
scoring_system	epss
scoring_elements	0.62212
published_at	2026-04-13T12:55:00Z

value	0.00425
scoring_system	epss
scoring_elements	0.62258
published_at	2026-04-16T12:55:00Z

value	0.00425
scoring_system	epss
scoring_elements	0.62265
published_at	2026-04-18T12:55:00Z

value	0.00425
scoring_system	epss
scoring_elements	0.62249
published_at	2026-04-21T12:55:00Z

value	0.00425
scoring_system	epss
scoring_elements	0.62259
published_at	2026-04-24T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-42332

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-42332
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-42332

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	3.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1088689
reference_id	1088689
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1088689

reference_url

https://support.zabbix.com/browse/ZBX-25628

reference_id

ZBX-25628

reference_type

scores

value	3.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-27T14:54:59Z/

url

https://support.zabbix.com/browse/ZBX-25628

fixed_packages

url pkg:deb/debian/zabbix@1:5.0.8%2Bdfsg-1?distro=trixie

purl pkg:deb/debian/zabbix@1:5.0.8%2Bdfsg-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5nmy-hdh8-xbg1

vulnerability	VCID-cdyd-79m9-pyhv

vulnerability	VCID-dej6-dxbp-a3bt

vulnerability	VCID-fxqr-51kp-3ber

vulnerability	VCID-qzp5-px2f-vqc8

vulnerability	VCID-qzzk-mcfu-sfhv

vulnerability	VCID-r8yr-aet5-yydn

vulnerability	VCID-s1mb-1gsj-pbed

vulnerability	VCID-uh37-bv9z-1bdz

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:5.0.8%252Bdfsg-1%3Fdistro=trixie

url	pkg:deb/debian/zabbix@1:5.0.45%2Bdfsg-1%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/zabbix@1:5.0.45%2Bdfsg-1%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:5.0.45%252Bdfsg-1%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/zabbix@1:7.0.5%2Bdfsg-1?distro=trixie
purl	pkg:deb/debian/zabbix@1:7.0.5%2Bdfsg-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.5%252Bdfsg-1%3Fdistro=trixie

url	pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1~deb13u1?distro=trixie
purl	pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1~deb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.22%252Bdfsg-1~deb13u1%3Fdistro=trixie

url	pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1?distro=trixie
purl	pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.22%252Bdfsg-1%3Fdistro=trixie

url	pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1.1?distro=trixie
purl	pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1.1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.22%252Bdfsg-1.1%3Fdistro=trixie

aliases CVE-2024-42332

risk_score 0.9

exploitability 0.5

weighted_severity 1.9

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-uxdf-6tyd-rucd

url VCID-zc7p-7yts-5yae

vulnerability_id VCID-zc7p-7yts-5yae

summary The researcher is showing that it is possible to leak a small amount of Zabbix Server memory using an out of bounds read in src/libs/zbxmedia/email.c

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-42333

reference_id

reference_type

scores

value	0.00097
scoring_system	epss
scoring_elements	0.2673
published_at	2026-04-12T12:55:00Z

value	0.00097
scoring_system	epss
scoring_elements	0.26682
published_at	2026-04-16T12:55:00Z

value	0.00097
scoring_system	epss
scoring_elements	0.26673
published_at	2026-04-13T12:55:00Z

value	0.00097
scoring_system	epss
scoring_elements	0.26826
published_at	2026-04-02T12:55:00Z

value	0.00097
scoring_system	epss
scoring_elements	0.26866
published_at	2026-04-04T12:55:00Z

value	0.00097
scoring_system	epss
scoring_elements	0.26652
published_at	2026-04-07T12:55:00Z

value	0.00097
scoring_system	epss
scoring_elements	0.2672
published_at	2026-04-08T12:55:00Z

value	0.00097
scoring_system	epss
scoring_elements	0.2677
published_at	2026-04-09T12:55:00Z

value	0.00097
scoring_system	epss
scoring_elements	0.26774
published_at	2026-04-11T12:55:00Z

value	0.00131
scoring_system	epss
scoring_elements	0.32212
published_at	2026-05-07T12:55:00Z

value	0.00131
scoring_system	epss
scoring_elements	0.32371
published_at	2026-04-26T12:55:00Z

value	0.00131
scoring_system	epss
scoring_elements	0.32287
published_at	2026-04-29T12:55:00Z

value	0.00131
scoring_system	epss
scoring_elements	0.32148
published_at	2026-05-05T12:55:00Z

value	0.00131
scoring_system	epss
scoring_elements	0.3267
published_at	2026-04-18T12:55:00Z

value	0.00131
scoring_system	epss
scoring_elements	0.32641
published_at	2026-04-21T12:55:00Z

value	0.00131
scoring_system	epss
scoring_elements	0.32486
published_at	2026-04-24T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-42333

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-42333
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-42333

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	2.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1088689
reference_id	1088689
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1088689

reference_url

https://support.zabbix.com/browse/ZBX-25629

reference_id

ZBX-25629

reference_type

scores

value	2.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-27T14:54:27Z/

url

https://support.zabbix.com/browse/ZBX-25629

fixed_packages

url pkg:deb/debian/zabbix@1:5.0.8%2Bdfsg-1?distro=trixie

purl pkg:deb/debian/zabbix@1:5.0.8%2Bdfsg-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5nmy-hdh8-xbg1

vulnerability	VCID-cdyd-79m9-pyhv

vulnerability	VCID-dej6-dxbp-a3bt

vulnerability	VCID-fxqr-51kp-3ber

vulnerability	VCID-qzp5-px2f-vqc8

vulnerability	VCID-qzzk-mcfu-sfhv

vulnerability	VCID-r8yr-aet5-yydn

vulnerability	VCID-s1mb-1gsj-pbed

vulnerability	VCID-uh37-bv9z-1bdz

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:5.0.8%252Bdfsg-1%3Fdistro=trixie

url	pkg:deb/debian/zabbix@1:5.0.45%2Bdfsg-1%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/zabbix@1:5.0.45%2Bdfsg-1%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:5.0.45%252Bdfsg-1%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/zabbix@1:7.0.5%2Bdfsg-1?distro=trixie
purl	pkg:deb/debian/zabbix@1:7.0.5%2Bdfsg-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.5%252Bdfsg-1%3Fdistro=trixie

url	pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1~deb13u1?distro=trixie
purl	pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1~deb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.22%252Bdfsg-1~deb13u1%3Fdistro=trixie

url	pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1?distro=trixie
purl	pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.22%252Bdfsg-1%3Fdistro=trixie

url	pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1.1?distro=trixie
purl	pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1.1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.22%252Bdfsg-1.1%3Fdistro=trixie

aliases CVE-2024-42333

risk_score 0.7

exploitability 0.5

weighted_severity 1.4

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-zc7p-7yts-5yae

url VCID-zrfp-skzu-cbet

vulnerability_id VCID-zrfp-skzu-cbet

summary When a URL is added to the map element, it is recorded in the database with sequential IDs. Upon adding a new URL, the system retrieves the last sysmapelementurlid value and increments it by one. However, an issue arises when a user manually changes the sysmapelementurlid value by adding sysmapelementurlid + 1. This action prevents others from adding URLs to the map element.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-22117

reference_id

reference_type

scores

value	0.00057
scoring_system	epss
scoring_elements	0.17581
published_at	2026-05-07T12:55:00Z

value	0.00057
scoring_system	epss
scoring_elements	0.17675
published_at	2026-04-26T12:55:00Z

value	0.00057
scoring_system	epss
scoring_elements	0.1763
published_at	2026-04-29T12:55:00Z

value	0.00057
scoring_system	epss
scoring_elements	0.17488
published_at	2026-05-05T12:55:00Z

value	0.00057
scoring_system	epss
scoring_elements	0.1797
published_at	2026-04-02T12:55:00Z

value	0.00057
scoring_system	epss
scoring_elements	0.18024
published_at	2026-04-04T12:55:00Z

value	0.00057
scoring_system	epss
scoring_elements	0.17723
published_at	2026-04-07T12:55:00Z

value	0.00057
scoring_system	epss
scoring_elements	0.17811
published_at	2026-04-08T12:55:00Z

value	0.00057
scoring_system	epss
scoring_elements	0.17871
published_at	2026-04-09T12:55:00Z

value	0.00057
scoring_system	epss
scoring_elements	0.17887
published_at	2026-04-11T12:55:00Z

value	0.00057
scoring_system	epss
scoring_elements	0.17844
published_at	2026-04-12T12:55:00Z

value	0.00057
scoring_system	epss
scoring_elements	0.17795
published_at	2026-04-13T12:55:00Z

value	0.00057
scoring_system	epss
scoring_elements	0.1774
published_at	2026-04-16T12:55:00Z

value	0.00057
scoring_system	epss
scoring_elements	0.1775
published_at	2026-04-18T12:55:00Z

value	0.00057
scoring_system	epss
scoring_elements	0.17788
published_at	2026-04-21T12:55:00Z

value	0.00057
scoring_system	epss
scoring_elements	0.17698
published_at	2026-04-24T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-22117

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-22117
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-22117

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	2.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://support.zabbix.com/browse/ZBX-25610

reference_id

ZBX-25610

reference_type

scores

value	2.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-26T15:03:28Z/

url

https://support.zabbix.com/browse/ZBX-25610

fixed_packages

url pkg:deb/debian/zabbix@1:5.0.8%2Bdfsg-1?distro=trixie

purl pkg:deb/debian/zabbix@1:5.0.8%2Bdfsg-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5nmy-hdh8-xbg1

vulnerability	VCID-cdyd-79m9-pyhv

vulnerability	VCID-dej6-dxbp-a3bt

vulnerability	VCID-fxqr-51kp-3ber

vulnerability	VCID-qzp5-px2f-vqc8

vulnerability	VCID-qzzk-mcfu-sfhv

vulnerability	VCID-r8yr-aet5-yydn

vulnerability	VCID-s1mb-1gsj-pbed

vulnerability	VCID-uh37-bv9z-1bdz

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:5.0.8%252Bdfsg-1%3Fdistro=trixie

url	pkg:deb/debian/zabbix@1:5.0.44%2Bdfsg-1%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/zabbix@1:5.0.44%2Bdfsg-1%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:5.0.44%252Bdfsg-1%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/zabbix@1:7.0.5%2Bdfsg-1?distro=trixie
purl	pkg:deb/debian/zabbix@1:7.0.5%2Bdfsg-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.5%252Bdfsg-1%3Fdistro=trixie

url	pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1~deb13u1?distro=trixie
purl	pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1~deb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.22%252Bdfsg-1~deb13u1%3Fdistro=trixie

url	pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1?distro=trixie
purl	pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.22%252Bdfsg-1%3Fdistro=trixie

url	pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1.1?distro=trixie
purl	pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1.1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.22%252Bdfsg-1.1%3Fdistro=trixie

aliases CVE-2024-22117

risk_score 0.7

exploitability 0.5

weighted_severity 1.4

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-zrfp-skzu-cbet

Risk_score null

Resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.5%252Bdfsg-1%3Fdistro=trixie

Package Instance