This is the documentation page for an unsupported version of Zabbix.
Is this not what you were looking for? Switch to the current version or choose one from the drop-down menu.

42 What's new in Zabbix 4.0.37

Security

Vulnerability to CVE-2021-42550 has been fixed. As an additional security measure it is recommended to check permissions to the /etc/zabbix/zabbix_java_gateway_logback.xml file and set it read-only, if write permissions are available for the "zabbix" user.