Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
c64d7247 by Salvatore Bonaccorso at 2024-08-13T21:31:34+02:00
Track fixed version for zabbix issues
Part of the fixes were included in 7.0.0rc3 and two only in 7.0.1rc1.
Add tracking according when respective version entered unstable.
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -501,30 +501,30 @@ CVE-2024-38989 (izatop bunt v0.29.19 was discovered to
contain a prototype pollu
CVE-2024-37826 (A NULL pointer dereference in vercot Serva v4.6.0 allows
attackers to ...)
NOT-FOR-US: vercot Serva
CVE-2024-36462 (Uncontrolled resource consumption refers to a software
vulnerability w ...)
- - zabbix <unfixed> (bug #1078553)
+ - zabbix 1:7.0.1+dfsg-1 (bug #1078553)
NOTE: https://support.zabbix.com/browse/ZBX-25019
CVE-2024-36461 (Within Zabbix, users have the ability to directly modify
memory pointe ...)
- - zabbix <unfixed> (bug #1078553)
+ - zabbix 1:7.0.1+dfsg-1 (bug #1078553)
NOTE: https://support.zabbix.com/browse/ZBX-25018
CVE-2024-36460 (The front-end audit log allows viewing of unprotected
plaintext passwo ...)
- - zabbix <unfixed> (bug #1078553)
+ - zabbix 1:7.0.1+dfsg-1 (bug #1078553)
NOTE: https://support.zabbix.com/browse/ZBX-25017
CVE-2024-32765 (A vulnerability has been reported to affect Network & Virtual
Switch. ...)
NOT-FOR-US: QNAP
CVE-2024-22123 (Setting SMS media allows to set GSM modem file. Later this
file is use ...)
- - zabbix <unfixed> (bug #1078553)
+ - zabbix 1:7.0.0+dfsg-1 (bug #1078553)
NOTE: https://support.zabbix.com/browse/ZBX-25013
CVE-2024-22122 (Zabbix allows to configure SMS notifications. AT command
injection occ ...)
- - zabbix <unfixed> (bug #1078553)
+ - zabbix 1:7.0.0+dfsg-1 (bug #1078553)
NOTE: https://support.zabbix.com/browse/ZBX-25012
CVE-2024-22121 (A non-admin user can change or remove important features
within the Za ...)
- - zabbix <unfixed> (bug #1078553)
+ - zabbix 1:7.0.0+dfsg-1 (bug #1078553)
NOTE: https://support.zabbix.com/browse/ZBX-25011
CVE-2024-22116 (An administrator with restricted permissions can exploit the
script ex ...)
- - zabbix <unfixed> (bug #1078553)
+ - zabbix 1:7.0.0+dfsg-1 (bug #1078553)
NOTE: https://support.zabbix.com/browse/ZBX-25016
CVE-2024-22114 (User with no permission to any of the Hosts can access and
view host c ...)
- - zabbix <unfixed> (bug #1078553)
+ - zabbix 1:7.0.0+dfsg-1 (bug #1078553)
NOTE: https://support.zabbix.com/browse/ZBX-25015
CVE-2023-38018 (IBM Aspera Shares 1.10.0 PL2 does not invalidate session after
a passw ...)
NOT-FOR-US: IBM
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c64d72479697113a55437d520f2e3f10a344714b
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c64d72479697113a55437d520f2e3f10a344714b
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
