{"id":"CVE-2024-36468","details":"The reported vulnerability is a stack buffer overflow in the zbx_snmp_cache_handle_engineid function within the Zabbix server/proxy code. This issue occurs when copying data from session-\u003esecurityEngineID to local_record.engineid without proper bounds checking.","modified":"2026-05-31T00:53:42.976359Z","published":"2024-11-27T12:15:20.383Z","references":[{"type":"ADVISORY","url":"https://support.zabbix.com/browse/ZBX-25621"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/zabbix/zabbix","events":[{"introduced":"49955f1fb5c9168a8a24b053f7ade6b3d903143c"},{"fixed":"d93ce022627d3f10608b774e322cde3c961453e3"}],"database_specific":{"extracted_events":[{"introduced":"7.0.0"},{"fixed":"7.0.3"}],"cpe":"cpe:2.3:a:zabbix:zabbix:*:*:*:*:*:*:*:*","source":"CPE_RANGE"}}],"versions":["7.0.3rc1","7.0.2","7.0.2rc2","7.0.2rc1","7.0.1","7.0.1rc2","7.0.1rc1","7.0.0"],"database_specific":{"vanir_signatures_modified":"2026-05-31T00:53:42Z","vanir_signatures":[{"signature_version":"v1","deprecated":false,"target":{"file":"src/zabbix_java/src/com/zabbix/gateway/GeneralInformation.java"},"digest":{"threshold":0.9,"line_hashes":["292971631960556532049504012454549711983","252186794054878738396089966044350430486","51727231690626324161447407021898255678","107830965826934551202133909220480535577","316143069894320711268799956090366904009","94555891543347806526180211855337423146"]},"id":"CVE-2024-36468-a11457e2","signature_type":"Line","source":"https://github.com/zabbix/zabbix/commit/d93ce022627d3f10608b774e322cde3c961453e3"}],"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-36468.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H"}]}