CNNVD-202510-3973 Information

CNNVD ID

CNNVD-202510-3973

Related CVE

CVE-2025-62788

• CNNVD Published: 2025-10-29

Description (Chinese)

Wazuh是Wazuh开源的一个应用软件。用于收集，汇总，索引和分析安全数据，帮助组织检测入侵，威胁和行为异常。 Wazuh 4.11.0之前版本存在资源管理错误漏洞，该漏洞源于w_copy_event_for_log函数引用已释放内存，可能导致应用程序完整性被破坏。

Description (English)

Wazuh is an application from the Wazuh Open Source. For collection, aggregation, indexing and analysis of security data to help the organization detect invasions, threats and behavioural anomalies. The previous version of Wazuh 4.11.0 had a resource management error loophole that originated from the w copy event for log function citation of released memory, which could result in the integrity of the application being compromised.

Hazard Level

High

Vulnerability Type

资源管理错误

Affected Vendor

Wazuh

Published

2025-10-29

Last Modified

2026-02-24

References

https://github.com/wazuh/wazuh/security/advisories/GHSA-qjcw-fjvh-8q4g https://access.redhat.com/security/cve/cve-2025-62788

Patch

https://wazuh.com/