Zabbix 6.0.0 Alpha 4

Submit a proposal Propose CVE/GCVE/GHSA reference

Approved changes feed: RSS · Atom

cpe:2.3:a:zabbix:zabbix:6.0.0:alpha4:*:*:*:*:*:*

part: a version: 6.0.0 update: alpha4

VendorZabbix (8857f8ff-2020-5e62-b9b7-687960752062)
ProductZabbix (ff27d8f3-5575-5d69-ac0d-7d8e9faa4e83)
Edition*
Language*
Software edition*
Target software*
Target hardware*
Other*
NotesImported from NVD CPE 2.0 feed

PURL mappings

PURLSourceLast updated
pkg:docker/zabbix/zabbix-agent purl2cpe 2026-06-01 10:13:01.957173
pkg:github/zabbix/zabbix purl2cpe 2026-06-01 10:13:01.957174
pkg:rpm/fedora/zabbix purl2cpe 2026-06-01 10:13:01.957175
pkg:rpm/opensuse/zabbix purl2cpe 2026-06-01 10:13:01.957177
pkg:zabbix/zbx/zabbix purl2cpe 2026-06-01 10:13:01.957178

Vulnerability references

IdentifiercpeApplicabilitySubmitteddb.gcve.eu detailsRationale
CVE:CVE-2022-23134 vulnerable 2026-06-08 05:40:56.469477 Possible view of the setup pages by unauthenticated users if config file already exists
LOW (3.7)
After the initial setup process, some steps of setup.php file are reachable not only by super-administrators, but by unauthenticated users as well. Malicious actor can pass step checks and potentially change the configuration of Zabbix Frontend.
Published: 2022-01-13T15:50:42.946Z
Updated: 2025-10-21T23:15:49.129Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2022-23132 vulnerable 2026-06-08 05:40:56.466028 Incorrect permissions of [/var/run/zabbix] forces dac_override
LOW (3.3)
During Zabbix installation from RPM, DAC_OVERRIDE SELinux capability is in use to access PID files in [/var/run/zabbix] folder. In this case, Zabbix Proxy or Server processes can bypass file read, write and execute permissions check on the file system level
Published: 2022-01-13T15:50:40.425Z
Updated: 2025-11-03T21:45:50.064Z
Reference links
Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.