Zabbix 6.0.0 Alpha 3

Submit a proposal Propose CVE/GCVE/GHSA reference

Approved changes feed: RSS · Atom

cpe:2.3:a:zabbix:zabbix:6.0.0:alpha3:*:*:*:*:*:*

part: a version: 6.0.0 update: alpha3

VendorZabbix (8857f8ff-2020-5e62-b9b7-687960752062)
ProductZabbix (ff27d8f3-5575-5d69-ac0d-7d8e9faa4e83)
Edition*
Language*
Software edition*
Target software*
Target hardware*
Other*
NotesImported from NVD CPE 2.0 feed

PURL mappings

PURLSourceLast updated
pkg:docker/zabbix/zabbix-agent purl2cpe 2026-06-01 10:13:01.957166
pkg:github/zabbix/zabbix purl2cpe 2026-06-01 10:13:01.957167
pkg:rpm/fedora/zabbix purl2cpe 2026-06-01 10:13:01.957169
pkg:rpm/opensuse/zabbix purl2cpe 2026-06-01 10:13:01.957170
pkg:zabbix/zbx/zabbix purl2cpe 2026-06-01 10:13:01.957171

Vulnerability references

IdentifiercpeApplicabilitySubmitteddb.gcve.eu detailsRationale
CVE:CVE-2022-23134 vulnerable 2026-06-08 05:40:56.469355 Possible view of the setup pages by unauthenticated users if config file already exists
LOW (3.7)
After the initial setup process, some steps of setup.php file are reachable not only by super-administrators, but by unauthenticated users as well. Malicious actor can pass step checks and potentially change the configuration of Zabbix Frontend.
Published: 2022-01-13T15:50:42.946Z
Updated: 2025-10-21T23:15:49.129Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2022-23132 vulnerable 2026-06-08 05:40:56.465542 Incorrect permissions of [/var/run/zabbix] forces dac_override
LOW (3.3)
During Zabbix installation from RPM, DAC_OVERRIDE SELinux capability is in use to access PID files in [/var/run/zabbix] folder. In this case, Zabbix Proxy or Server processes can bypass file read, write and execute permissions check on the file system level
Published: 2022-01-13T15:50:40.425Z
Updated: 2025-11-03T21:45:50.064Z
Reference links
Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.