Release history

wazuh releases

Wazuh - The Open Source Security Platform. Unified XDR and SIEM protection for endpoints and cloud workloads.

All releases

v4.14.5 Security relevant
Security fixes
  • DAPI callable resolution restriction
  • Buffer overflow in analysisd regex match
  • Path traversal in authd via agent group name
Full changelog

Manager

Fixed

  • Fixed DAPI callable resolution to restrict invocations to exposed resources only. (#34889)
  • Fixed uncontrolled memory allocation in cluster caused by crafted packet length. (#35173) (#35412)
  • Fixed rate limit bypass for the /events endpoint. (#35077)
  • Fixed buffer overflow in analysisd regex match processing. (#35106)
  • Fixed path traversal in authd via agent group name validation. (#35230)
  • Fixed size_t underflow in remoted ReadSecMSG causing potential heap overflow. (#35193)
  • Fixed RBAC bypass in DAPI allowing privilege escalation. (#35307)
  • Fixed analysisd plugin decoder argument alignment. (#35176)

Agent

Fixed

  • Fixed rootcheck false positive for /dev/.blkid.tab. (#34734)
  • Fixed ORDER_REVERSAL deadlocks in FIM. (#34735)
  • Fixed Roundcube decoder regex to prevent srcip truncation in "Failed login ... in session" logs. (#34793)
  • Fixed macOS Ventura SCA policy incorrectly passing pmset checks. (#34693)
  • Fixed Office365 integration pagination by trimming HTTP header values. (#34673)
  • Fixed FIM false positives caused by double readdir check. (#34880)
  • Fixed audit log cache overflow for events with many records in logcollector. (#35285)
  • Fixed daily marker for GuardDuty log collector. (#35110)
  • Fixed rootcheck not generating findings. (#35297)
  • Fixed heap buffer overflow in syscheck Registry Wildcard Expansion. (#35287)

Changed

  • Changed RHEL init script with SUSE variant on SLES 11. (#34563)
  • Changed service check from WMI to sc.exe. (#34543)
  • Changed Windows syscollector to include command arguments. (#34727)

RESTful API

Fixed

  • Fixed allow_higher_versions validation in API upload_configuration. (#34905)
  • Fixed nested JSON depth limit in API request processing. (#35224)
  • Fixed upload size limit config mismatch. (#35141)

Ruleset

Fixed

  • Fixed bug in CIS SCA checks 35675 and 35689 for Ubuntu 24.04. (#35088)
  • Fixed Dovecot decoders to correctly extract rip and lip fields. (#35089)

Other

Changed

  • Updated dependencies cryptography to 46.0.5, Werkzeug to 3.1.6, pip to 26.0.1 and wheel to 0.46.3. (#34907)
  • Updated embedded Python to 3.10.20 and dependencies pyjwt, pyasn1. (#35135)
  • Updated dependencies cryptography, requests. (#35331)

v4.14.3 Security relevant
Security fixes
  • Buffer overflow fixes in SCA decoder
  • Memory leak fix in CIS-CAT decoder
Notable features
  • Added hostname and architecture metadata to Windows keep-alive messages

v4.14.2 Bug fix

Fixed Azure Log Analytics bookmark overwriting, API certificate discrepancies, and asynchronous ruleset reload performance issues to improve reliability and response times.