CNNVD-202510-3972 Information

CNNVD ID

CNNVD-202510-3972

Related CVE

CVE-2025-62789

• CNNVD Published: 2025-10-29

Description (Chinese)

Wazuh是Wazuh开源的一个应用软件。用于收集，汇总，索引和分析安全数据，帮助组织检测入侵，威胁和行为异常。 Wazuh 4.11.0之前版本存在代码问题漏洞，该漏洞源于未检查ctime_r返回值，可能导致分析服务崩溃。

Description (English)

Wazuh is an application from the Wazuh Open Source. For collection, aggregation, indexing and analysis of security data to help the organization detect invasions, threats and behavioural anomalies. The pre-Wazuh 4.11.0 code gap, which originated from the failure to check the return value of ctime r, could lead to the breakdown of analytical services.

Hazard Level

High

Vulnerability Type

代码问题

Affected Vendor

Wazuh

Published

2025-10-29

Last Modified

2026-02-24

References

https://github.com/wazuh/wazuh/security/advisories/GHSA-8rvq-mm2f-8q22 https://access.redhat.com/security/cve/cve-2025-62789

Patch

https://wazuh.com/