VIR Vulnerability Intelligence Relay

Package impact

java Maven / org.apache.zookeeper:zookeeper

Severitycriticalhighmediumlowunknown
0
KEVHas exploit
Reset
CVE Severity CVSS Risk Published Description Impact
CVE-2017-5637 high 7.5 7.5 9y ago Uncontrolled Resource Consumption in Apache ZooKeeper debianjavaapache
CVE-2026-24308 unknown 3mo ago Improper handling of configuration values in ZKConfig in Apache ZooKeeper 3.8.5 and 3.9.4 on all platforms allows an attacker to expose sensitive information stored in client configuration in the cli… debianjava
CVE-2026-24281 unknown 3mo ago Apache ZooKeeper: Reverse-DNS fallback enables hostname verification bypass in ZooKeeper ZKTrustManager debianjava
CVE-2025-58457 unknown 8mo ago Apache ZooKeeper: Insufficient Permission Check in AdminServer Snapshot/Restore Commands debianjava
CVE-2024-51504 unknown 2y ago When using IPAuthenticationProvider in ZooKeeper Admin Server there is a possibility of Authentication Bypass by Spoofing -- this only impacts IP based authentication implemented in ZooKeeper Admin S… debianjava
CVE-2024-23944 unknown 2y ago Information disclosure in persistent watchers handling in Apache ZooKeeper due to missing ACL check. It allows an attacker to monitor child znodes by attaching a persistent watcher (addWatch command)… debianjava
CVE-2023-44981 unknown 3y ago Authorization Bypass Through User-Controlled Key vulnerability in Apache ZooKeeper susedebianjava
CVE-2018-8012 unknown 4y ago No authentication/authorization is enforced when a server attempts to join a quorum in Apache ZooKeeper before 3.4.10, and 3.5.0-alpha through 3.5.3-beta. As a result an arbitrary end point could joi… susedebianjava
CVE-2019-0201 unknown 7y ago Access control bypass in Apache ZooKeeper susedebianjava