UD Hamburg: Use After Free Vulnerability in es_browser_get_variant Function
CVE-2024-42326

4.4MEDIUM

Key Information:

Vendor

Zabbix

Status
Zabbix
Vendor
CVE Published:
27 November 2024

What is CVE-2024-42326?

There was discovered a use after free bug in browser.c in the es_browser_get_variant function

Affected Version(s)

Zabbix 7.0.0 <= 7.0.3

References

https://support.zabbix.com/browse/ZBX-25622

CVSS V3.1

Score:
4.4
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
None
Availability:
Low
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

Credit

Zabbix wants to thank chamal for submitting this report on the HackerOne bug bounty platform.
.