Shodan
Vulnerabilities
Vulnerable Software

Vulnerability Details CVE-2024-42331

In the src/libs/zbxembed/browser.c file, the es_browser_ctor method retrieves a heap pointer from the Duktape JavaScript engine. This heap pointer is subsequently utilized by the browser_push_error method in the src/libs/zbxembed/browser_error.c file. A use-after-free bug can occur at this stage if the wd->browser heap pointer is freed by garbage collection.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 21.6%
CVSS Severity
CVSS v3 Score 3.3
Products affected by CVE-2024-42331
  • Zabbix » Zabbix » Version: 7.0.0
    cpe:2.3:a:zabbix:zabbix:7.0.0
  • Zabbix » Zabbix » Version: 7.0.1
    cpe:2.3:a:zabbix:zabbix:7.0.1
  • Zabbix » Zabbix » Version: 7.0.2
    cpe:2.3:a:zabbix:zabbix:7.0.2
  • Zabbix » Zabbix » Version: 7.0.3
    cpe:2.3:a:zabbix:zabbix:7.0.3


Products
Pricing
Contact Us

Shodan ® - All rights reserved