Zabbix · Zabbix · CVE-2023-29458
**Name of the Vulnerable Software and Affected Versions**
Zabbix versions (affected versions not specified)
Duktape version 2.6
**Description**
The issue is an unvalidated array index in the Duktape component of the Zabbix monitoring system, which a remote attacker can exploit to cause a denial of service. The problem stems from a bug in Duktape 2.6, a third-party embeddable JavaScript engine used for its portability and compact footprint. When too many values are added to the valstack, JavaScript will crash.
**Recommendations**
For Duktape version 2.6, consider disabling the use of the valstack in JavaScript until a patch is available.
As a temporary workaround, restrict the number of values that can be added to the valstack to prevent JavaScript from crashing.
At the moment, there is no information about a newer version that contains a fix for this vulnerability.