{"id":"CVE-2024-42331","details":"In the src/libs/zbxembed/browser.c file, the es_browser_ctor method retrieves a heap pointer from the Duktape JavaScript engine. This heap pointer is subsequently utilized by the browser_push_error method in the src/libs/zbxembed/browser_error.c file. A use-after-free bug can occur at this stage if the wd-\u003ebrowser heap pointer is freed by garbage collection.","modified":"2026-04-09T12:19:00.665118Z","published":"2024-11-27T12:15:21.133Z","references":[{"type":"WEB","url":"https://lists.debian.org/debian-lts-announce/2024/12/msg00005.html"},{"type":"ADVISORY","url":"https://support.zabbix.com/browse/ZBX-25627"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/zabbix/zabbix","events":[{"introduced":"49955f1fb5c9168a8a24b053f7ade6b3d903143c"},{"fixed":"f383737f1083e25756c6afaaa8abff05ad11eb50"}],"database_specific":{"versions":[{"introduced":"7.0.0"},{"fixed":"7.0.4"}]}}],"versions":["7.0.0","7.0.1","7.0.1rc1","7.0.1rc2","7.0.2","7.0.2rc1","7.0.2rc2","7.0.3","7.0.3rc1","7.0.4rc1"],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-42331.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L"}]}