How severe is CVE-2024-42328?

CVE-2024-42328 has a CVSS v3 score of 3.3 (LOW).

CVE-2024-42328

Name: zabbix
Author: zabbix

3.3LOW

When the webdriver for the Browser object downloads data from a HTTP server, the data pointer is set to NULL and is allocated only in curl_write_cb when receiving data. If the server's response is an

Опубликовано: 11/27/2024Обновлено: 10/8/2025

Описание

When the webdriver for the Browser object downloads data from a HTTP server, the data pointer is set to NULL and is allocated only in curl_write_cb when receiving data. If the server's response is an empty document, then wd->data in the code below will remain NULL and an attempt to read from it will result in a crash.

ИИ-АнализНа базе ИИ

Затронутые продукты

zabbixzabbix

Ссылки

https://support.zabbix.com/browse/ZBX-25624
Vendor Advisory