Zookeeper@3.5.1 Security Vulnerabilities and Issues — Zookeeper@3.5.1 CVE List

Lucene search

ApacheZookeeper3.5.1

3 matches found

CVE•added 2019/05/23 2:29 p.m.•188 views

CVE-2019-0201

An issue is present in Apache ZooKeeper 1.0.0 to 3.4.13 and 3.5.0-alpha to 3.5.4-beta. ZooKeeper’s getACL() command doesn’t check any permission when retrieves the ACLs of the requested node and returns all information contained in the ACL Id field as plaintext string. DigestAuthenticationProvider ...

5.9CVSS5.8AI score0.00237EPSS

CVE•added 2017/10/10 1:30 a.m.•133 views

CVE-2017-5637

Two four letter word commands "wchp/wchc" are CPU intensive and could cause spike of CPU utilization on Apache ZooKeeper server if abused, which leads to the server unable to serve legitimate client requests. Apache ZooKeeper thru version 3.4.9 and 3.5.2 suffer from this issue, fixed in 3.4.10, 3.5...

7.5CVSS7.4AI score0.22005EPSS

CVE•added 2016/09/21 2:25 p.m.•82 views

CVE-2016-5017

Buffer overflow in the C cli shell in Apache Zookeeper before 3.4.9 and 3.5.x before 3.5.3, when using the "cmd:" batch mode syntax, allows attackers to have unspecified impact via a long command string.

8.1CVSS7.9AI score0.1058EPSS