Known Vulnerabilities for Zookeeper by Apache
Listed below are 10 of the newest known vulnerabilities associated with "Zookeeper" by "Apache".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2023-44981 json | Authorization Bypass Through User-Controlled Key vulnerability in Apache ZooKeeper. If SASL Quorum Peer authentication is ena... | 9.1 - CRITICAL | 2023-10-11 | 2023-11-01 |
| CVE-2021-34429 json | For Eclipse Jetty versions 9.4.37-9.4.42, 10.0.1-10.0.5 & 11.0.1-11.0.5, URIs can be crafted using some encoded characters to... | 5.3 - MEDIUM | 2021-07-15 | 2023-11-07 |
| CVE-2021-29425 json | In Apache Commons IO before 2.7, When invoking the method FileNameUtils.normalize with an improper input string, like "//../f... | 4.8 - MEDIUM | 2021-04-13 | 2023-11-07 |
| CVE-2021-28169 json | For Eclipse Jetty versions <= 9.4.40, <= 10.0.2, <= 11.0.2, it is possible for requests to the ConcatServlet with a doubly en... | 5.3 - MEDIUM | 2021-06-09 | 2023-11-07 |
| CVE-2021-28165 json | In Eclipse Jetty 7.2.2 to 9.4.38, 10.0.0.alpha0 to 10.0.1, and 11.0.0.alpha0 to 11.0.1, CPU usage can reach 100% upon receivi... | 7.5 - HIGH | 2021-04-01 | 2023-11-07 |
| CVE-2021-28164 json | In Eclipse Jetty 9.4.37.v20210219 to 9.4.38.v20210224, the default compliance mode allows requests with URIs that contain %2e... | 5.3 - MEDIUM | 2021-04-01 | 2023-11-07 |
| CVE-2021-21409 json | Netty is an open-source, asynchronous event-driven network application framework for rapid development of maintainable high p... | 5.9 - MEDIUM | 2021-03-30 | 2023-11-07 |
| CVE-2021-21295 json | Netty is an open-source, asynchronous event-driven network application framework for rapid development of maintainable high p... | 5.9 - MEDIUM | 2021-03-09 | 2023-11-07 |
| CVE-2020-10663 json | The JSON gem through 2.2.0 for Ruby, as used in Ruby 2.4 through 2.4.9, 2.5 through 2.5.7, and 2.6 through 2.6.5, has an Unsa... | 7.5 - HIGH | 2020-04-28 | 2023-11-07 |
| CVE-2019-0201 json | An issue is present in Apache ZooKeeper 1.0.0 to 3.4.13 and 3.5.0-alpha to 3.5.4-beta. ZooKeeper’s getACL() command doesn�... | 5.9 - MEDIUM | 2019-05-23 | 2023-11-07 |
Known Affected Configurations (CPE V2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Apache | Zookeeper | 3.6.2-1 | |||
| Application | Apache | Zookeeper | 3.6.2-0 | |||
| Application | Apache | Zookeeper | 3.6.2 | |||
| Application | Apache | Zookeeper | 3.6.1-1 | |||
| Application | Apache | Zookeeper | 3.6.1-0 | |||
| Application | Apache | Zookeeper | 3.6.1 | |||
| Application | Apache | Zookeeper | 3.6.0-4 | |||
| Application | Apache | Zookeeper | 3.6.0-3 | |||
| Application | Apache | Zookeeper | 3.6.0-2 | |||
| Application | Apache | Zookeeper | 3.6.0-1 | |||
| Application | Apache | Zookeeper | 3.6.0-0 | |||
| Application | Apache | Zookeeper | 3.6.0 | |||
| Application | Apache | Zookeeper | 3.5.8 | |||
| Application | Apache | Zookeeper | 3.5.8 | |||
| Application | Apache | Zookeeper | 3.5.7 | |||
| Application | Apache | Zookeeper | 3.5.7 | |||
| Application | Apache | Zookeeper | 3.5.7 | |||
| Application | Apache | Zookeeper | 3.5.7 | |||
| Application | Apache | Zookeeper | 3.5.6 | |||
| Application | Apache | Zookeeper | 3.5.6 |