CVE-2024-42331 | Zabbix up to 7.0.3 Duktape JavaScript Engine browser.c es_browser_ctor use after free

Inserito da Angelo Barbosa | Nov 27, 2024 | CVE

A vulnerability was found in Zabbix up to 7.0.3. It has been rated as problematic. This issue affects the function es_browser_ctor in the library src/libs/zbxembed/browser.c of the component Duktape JavaScript Engine. The manipulation leads to use after free.

The identification of this vulnerability is CVE-2024-42331. Attacking locally is a requirement. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-42331 | Zabbix up to 7.0.3 Duktape JavaScript Engine browser.c es_browser_ctor use after free

Post correlati

CVE-2023-49193 | Social Pug Plugin up to 1.20.3 on WordPress admin_init authorization

CVE-2024-6632 | Fortra FileCatalyst Workflow up to 5.1.6 Build 139 sql injection

CVE-2024-32905 | Google Android kernel link_device_memory_legacy.c circ_read out-of-bounds write

CVE-2024-39429 | Unisoc T618 Faceid Service out-of-bounds write