CVE-2025-24016 | Wazuh up to 4.9.0 common.py as_wazuh_object deserialization

Inserito da Angelo Barbosa | Feb 10, 2025 | CVE

A vulnerability, which was classified as critical, has been found in Wazuh up to 4.9.0. This issue affects the function as_wazuh_object of the file framework/wazuh/core/cluster/common.py. The manipulation leads to deserialization.

The identification of this vulnerability is CVE-2025-24016. The attack may be initiated remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2025-24016 | Wazuh up to 4.9.0 common.py as_wazuh_object deserialization

Post correlati

CVE-2024-0347 | SourceCodester Engineers Online Portal 1.0 signup_teacher.php Password weak password

CVE-2023-49572 | Flexense VX Search Enterprise 10.2.14 /setup_odbc odbc_data_source/odbc_user/odbc_password cross site scripting

CVE-2024-0985 | PostgreSQL up to 12.17/13.13/14.10/15.5 privilege dropping / lowering errors

CVE-2024-51364 | ModbusMechanic 3.0 XML File unrestricted upload