Описание
Security update for zabbix
This update for zabbix fixes the following issues:
- CVE-2024-22119: Fixed a stored XSS in graph items select form (boo#1219775).
Список пакетов
SUSE Package Hub 15 SP5
zabbix-agent-4.0.50-bp155.3.12.1
zabbix-java-gateway-4.0.50-bp155.3.12.1
zabbix-phpfrontend-4.0.50-bp155.3.12.1
zabbix-proxy-4.0.50-bp155.3.12.1
zabbix-proxy-mysql-4.0.50-bp155.3.12.1
zabbix-proxy-postgresql-4.0.50-bp155.3.12.1
zabbix-proxy-sqlite-4.0.50-bp155.3.12.1
zabbix-server-4.0.50-bp155.3.12.1
zabbix-server-mysql-4.0.50-bp155.3.12.1
zabbix-server-postgresql-4.0.50-bp155.3.12.1
openSUSE Leap 15.5
zabbix-agent-4.0.50-bp155.3.12.1
zabbix-java-gateway-4.0.50-bp155.3.12.1
zabbix-phpfrontend-4.0.50-bp155.3.12.1
zabbix-proxy-4.0.50-bp155.3.12.1
zabbix-proxy-mysql-4.0.50-bp155.3.12.1
zabbix-proxy-postgresql-4.0.50-bp155.3.12.1
zabbix-proxy-sqlite-4.0.50-bp155.3.12.1
zabbix-server-4.0.50-bp155.3.12.1
zabbix-server-mysql-4.0.50-bp155.3.12.1
zabbix-server-postgresql-4.0.50-bp155.3.12.1
Ссылки
- E-Mail link for openSUSE-SU-2024:0064-1
- SUSE Security Ratings
- SUSE Bug 1219775
- SUSE CVE CVE-2024-22119 page
Описание
The cause of vulnerability is improper validation of form input field "Name" on Graph page in Items section.
Затронутые продукты
SUSE Package Hub 15 SP5:zabbix-agent-4.0.50-bp155.3.12.1
SUSE Package Hub 15 SP5:zabbix-java-gateway-4.0.50-bp155.3.12.1
SUSE Package Hub 15 SP5:zabbix-phpfrontend-4.0.50-bp155.3.12.1
SUSE Package Hub 15 SP5:zabbix-proxy-4.0.50-bp155.3.12.1
Ссылки
- CVE-2024-22119
- SUSE Bug 1219775