Org.apache.zookeeper:zookeeper
This hub aggregates every CVE we track for Org.apache.zookeeper:zookeeper, a product in the oss libraries space. Use it to gauge the current risk picture and drill into individual advisories.
8
CVEs tracked
2
Critical
3
High
0
In CISA KEV
Severity distribution
HIGH3MEDIUM3CRITICAL2
Monthly trend
0
0
0
0
1
0
0
0
0
0
0
0
0
0
1
0
0
0
0
0
1
0
0
0
2024-072026-06
Latest CVEs
The 8 most recently published vulnerabilities affecting Org.apache.zookeeper:zookeeper.
- CVE-2026-24308Apache ZooKeeper: Sensitive information disclosure in client configuration handling7.5
- CVE-2025-58457Apache ZooKeeper: Insufficient Permission Check in AdminServer Snapshot/Restore Commands4.3
- CVE-2024-51504Apache ZooKeeper: Authentication bypass with IP-based authentication in Admin Server9.1
- CVE-2024-23944Apache ZooKeeper: Information disclosure in persistent watcher handling5.3
- CVE-2023-44981Apache ZooKeeper: Authorization bypass in SASL Quorum Peer Authentication9.1
- CVE-2019-0201An issue is present in Apache ZooKeeper 1.0.0 to 3.4.13 and 3.5.0-alpha to 3.5.4-beta. ZooKeeper’s getACL() command doesn’t check any permission when retrieves the ACLs of the requested node an...5.9
- CVE-2018-8012No authentication/authorization is enforced when a server attempts to join a quorum in Apache ZooKeeper before 3.4.10, and 3.5.0-alpha through 3.5.3-beta. As a result an arbitrary end point could j...7.5
- CVE-2017-5637Two four letter word commands "wchp/wchc" are CPU intensive and could cause spike of CPU utilization on Apache ZooKeeper server if abused, which leads to the server unable to serve legitimate clien...7.5
Product normalization is registry-driven with AI assist and human review. How it works