CVE-2024-42331

LOW Year: 2024
CVSS v3 Score
3.3
Low
Weakness Type
CWE-416
View all →

Vulnerability Description

In the src/libs/zbxembed/browser.c file, the es_browser_ctor method retrieves a heap pointer from the Duktape JavaScript engine. This heap pointer is subsequently utilized by the browser_push_error method in the src/libs/zbxembed/browser_error.c file. A use-after-free bug can occur at this stage if the wd->browser heap pointer is freed by garbage collection.

Related Vulnerabilities

CVE-2019-15919

LOW
CVSS:3.3(Low)

An issue was discovered in the Linux kernel before 5.0.10. SMB2_write in fs/cifs/smb2pdu.c has a use-after-free.

CWE-4162019

CVE-2019-17143

LOW
CVSS:3.3(Low)

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PhantomPDF 9.6.0.25114. User interaction is required to exploit this vulnerability in th...

CWE-4162019

CVE-2019-6756

LOW
CVSS:3.3(Low)

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit PhantomPDF 9.4.0.16811. User interaction is required to exploit this vulnerability in ...

CWE-4162019

CVE-2019-6758

LOW
CVSS:3.3(Low)

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 9.4.16811. User interaction is required to exploit this vulnerability in that t...

CWE-4162019

CVE-2019-6766

LOW
CVSS:3.3(Low)

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 9.4.1.16828. User interaction is required to exploit this vulnerability in that...

CWE-4162019

CVE-2019-6770

LOW
CVSS:3.3(Low)

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 9.4.1.16828. User interaction is required to exploit this vulnerability in that...

CWE-4162019