Описание
The webdriver for the Browser object expects an error object to be initialized when the webdriver_session_query function fails. But this function can fail for various reasons without an error description and then the wd->error will be NULL and trying to read from it will result in a crash.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| zabbix | fixed | 1:7.0.5+dfsg-1 | package | |
| zabbix | not-affected | bookworm | package | |
| zabbix | not-affected | bullseye | package |
Примечания
https://support.zabbix.com/browse/ZBX-25625
Fixed by (merge commit): https://github.com/zabbix/zabbix/commit/65c4acee83191158522bc75552912fdce2cac9da (7.0.4rc1)
webdriver introduced with commit https://github.com/zabbix/zabbix/commit/4d22c15fe4499602e0da5399e3dd6dc9da03277b (7.0.0rc1)
Связанные уязвимости
The webdriver for the Browser object expects an error object to be initialized when the webdriver_session_query function fails. But this function can fail for various reasons without an error description and then the wd->error will be NULL and trying to read from it will result in a crash.
The webdriver for the Browser object expects an error object to be initialized when the webdriver_session_query function fails. But this function can fail for various reasons without an error description and then the wd->error will be NULL and trying to read from it will result in a crash.
The webdriver for the Browser object expects an error object to be initialized when the webdriver_session_query function fails. But this function can fail for various reasons without an error description and then the wd->error will be NULL and trying to read from it will result in a crash.
Уязвимость функции webdriver_session_query универсальной системы мониторинга Zabbix, позволяющая нарушителю вызвать отказ в обслуживании (DoS)
