Headline

CVE-2023-29451: [ZBX-22587] JSONPath uses uninitialised buffer if JSON string contains invalid unicode character (CVE-2023-29451)

Specially crafted string can cause a buffer overrun in the JSON parser library leading to a crash of the Zabbix Server or a Zabbix Proxy.

1 year ago

CVE

Open in Source

#js #jira

Log inSkip to main contentSkip to sidebar

Dashboards
Projects
Issues
Help
- Jira Core help
- Keyboard Shortcuts
- About Jira
- Jira Credits
Log In

ZABBIX BUGS AND ISSUES
ZBX-22587

Export

XMLWordPrintable

Details

**Type: ** Defect (Security)
Status: Closed
**Priority: ** Trivial
Resolution: Fixed
Affects Version/s: 6.0.14, 6.2.8, 6.4.0
Fix Version/s: 6.0.15rc1, 6.2.9rc2, 6.4.1rc1, 7.0.0alpha1, 7.0 (plan)
Component/s: Proxy §, Server (S)
Labels:

None

Team:

Team A
Sprint:

Sprint 98 (Mar 2023)
Story Points:

0.5

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending
- Thumbnails
- List
- Download All

jsonparser.diff

0.6 kB

2023 Mar 10 13:04

Issue Links

mentioned in

Page Loading…

Activity

People

Assignee:

Vladislavs Sokurenko

Reporter:

Vladislavs Sokurenko

Votes:

0 Vote for this issue

Watchers:

5 Start watching this issue

Dates

Created:

2023 Mar 10 13:05

Updated:

2023 Jun 25 23:03

Resolved:

2023 Apr 02 20:05

CVE: Latest News

CVE-2023-50976: Transactions API Authorization by oleiman · Pull Request #14969 · redpanda-data/redpanda

11 months ago

11 months ago

11 months ago

11 months ago

11 months ago