Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:deb/debian/zookeeper@3.9.5-1?distro=trixie
Typedeb
Namespacedebian
Namezookeeper
Version3.9.5-1
Qualifiers
distro trixie
Subpath
Is_vulnerablefalse
Next_non_vulnerable_versionnull
Latest_non_vulnerable_versionnull
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-1t8x-dmby-ubep
vulnerability_id VCID-1t8x-dmby-ubep
summary 
Apache ZooKeeper has improper handling of configuration values
Improper handling of configuration values in ZKConfig in Apache ZooKeeper 3.8.5 and 3.9.4 on all platforms allows an attacker to expose sensitive information stored in client configuration in the client's logfile. Configuration values are exposed at INFO level logging rendering potential production systems affected by the issue. Users are recommended to upgrade to version 3.8.6 or 3.9.5 which fixes this issue.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-24308.json
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-24308.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-24308
reference_id
reference_type
scores
0
value 0.00021
scoring_system epss
scoring_elements 0.05512
published_at 2026-04-07T12:55:00Z
1
value 0.00021
scoring_system epss
scoring_elements 0.05477
published_at 2026-04-02T12:55:00Z
2
value 0.00024
scoring_system epss
scoring_elements 0.06615
published_at 2026-04-29T12:55:00Z
3
value 0.00024
scoring_system epss
scoring_elements 0.06577
published_at 2026-04-08T12:55:00Z
4
value 0.00024
scoring_system epss
scoring_elements 0.0662
published_at 2026-04-09T12:55:00Z
5
value 0.00024
scoring_system epss
scoring_elements 0.06613
published_at 2026-04-11T12:55:00Z
6
value 0.00024
scoring_system epss
scoring_elements 0.06604
published_at 2026-04-12T12:55:00Z
7
value 0.00024
scoring_system epss
scoring_elements 0.06595
published_at 2026-04-13T12:55:00Z
8
value 0.00024
scoring_system epss
scoring_elements 0.06523
published_at 2026-04-16T12:55:00Z
9
value 0.00024
scoring_system epss
scoring_elements 0.06531
published_at 2026-04-18T12:55:00Z
10
value 0.00024
scoring_system epss
scoring_elements 0.06574
published_at 2026-04-21T12:55:00Z
11
value 0.00024
scoring_system epss
scoring_elements 0.06592
published_at 2026-04-24T12:55:00Z
12
value 0.00024
scoring_system epss
scoring_elements 0.06608
published_at 2026-04-26T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-24308
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-24308
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-24308
3
reference_url https://github.com/apache/zookeeper
reference_id
reference_type
scores
0
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/zookeeper
4
reference_url https://github.com/apache/zookeeper/releases/tag/release-3.8.6
reference_id
reference_type
scores
0
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/zookeeper/releases/tag/release-3.8.6
5
reference_url https://github.com/apache/zookeeper/releases/tag/release-3.9.5
reference_id
reference_type
scores
0
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/zookeeper/releases/tag/release-3.9.5
6
reference_url https://lists.apache.org/thread/qng3rtzv2pqkmko4rhv85jfplkyrgqdr
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-10T17:34:03Z/
url https://lists.apache.org/thread/qng3rtzv2pqkmko4rhv85jfplkyrgqdr
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-24308
reference_id
reference_type
scores
0
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-24308
8
reference_url http://www.openwall.com/lists/oss-security/2026/03/07/5
reference_id
reference_type
scores
0
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2026/03/07/5
9
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1130497
reference_id 1130497
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1130497
10
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2445451
reference_id 2445451
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2445451
11
reference_url https://github.com/advisories/GHSA-crhr-qqj8-rpxc
reference_id GHSA-crhr-qqj8-rpxc
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-crhr-qqj8-rpxc
12
reference_url https://access.redhat.com/errata/RHSA-2026:10184
reference_id RHSA-2026:10184
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:10184
13
reference_url https://access.redhat.com/errata/RHSA-2026:8509
reference_id RHSA-2026:8509
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8509
fixed_packages
0
url pkg:deb/debian/zookeeper@3.9.5-1?distro=trixie
purl pkg:deb/debian/zookeeper@3.9.5-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zookeeper@3.9.5-1%3Fdistro=trixie
aliases CVE-2026-24308, GHSA-crhr-qqj8-rpxc
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-1t8x-dmby-ubep
1
url VCID-6789-5wwx-qqch
vulnerability_id VCID-6789-5wwx-qqch
summary 
Apache ZooKeeper: Reverse-DNS fallback enables hostname verification bypass in ZooKeeper ZKTrustManager
Hostname verification in Apache ZooKeeper ZKTrustManager falls back to reverse DNS (PTR) when IP SAN validation fails, allowing attackers who control or spoof PTR records to impersonate ZooKeeper servers or clients with a valid certificate for the PTR name. It's important to note that attacker must present a certificate which is trusted by ZKTrustManager which makes the attack vector harder to exploit. Users are recommended to upgrade to version 3.8.6 or 3.9.5, which fixes this issue by introducing a new configuration option to disable reverse DNS lookup in client and quorum protocols.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-24281.json
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-24281.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-24281
reference_id
reference_type
scores
0
value 0.00026
scoring_system epss
scoring_elements 0.07113
published_at 2026-04-04T12:55:00Z
1
value 0.00026
scoring_system epss
scoring_elements 0.07058
published_at 2026-04-02T12:55:00Z
2
value 0.00026
scoring_system epss
scoring_elements 0.07088
published_at 2026-04-07T12:55:00Z
3
value 0.00029
scoring_system epss
scoring_elements 0.08203
published_at 2026-04-09T12:55:00Z
4
value 0.00029
scoring_system epss
scoring_elements 0.08185
published_at 2026-04-08T12:55:00Z
5
value 0.00029
scoring_system epss
scoring_elements 0.08042
published_at 2026-04-18T12:55:00Z
6
value 0.00029
scoring_system epss
scoring_elements 0.08057
published_at 2026-04-16T12:55:00Z
7
value 0.00029
scoring_system epss
scoring_elements 0.08157
published_at 2026-04-13T12:55:00Z
8
value 0.00029
scoring_system epss
scoring_elements 0.08174
published_at 2026-04-12T12:55:00Z
9
value 0.00029
scoring_system epss
scoring_elements 0.08194
published_at 2026-04-11T12:55:00Z
10
value 0.00039
scoring_system epss
scoring_elements 0.11597
published_at 2026-04-24T12:55:00Z
11
value 0.00039
scoring_system epss
scoring_elements 0.11487
published_at 2026-04-29T12:55:00Z
12
value 0.00039
scoring_system epss
scoring_elements 0.11558
published_at 2026-04-26T12:55:00Z
13
value 0.00039
scoring_system epss
scoring_elements 0.11641
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-24281
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-24281
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-24281
3
reference_url https://github.com/apache/zookeeper
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/zookeeper
4
reference_url https://github.com/apache/zookeeper/commit/66c4efecdda1302d9cfb3af9eedb122b74452bf3
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/zookeeper/commit/66c4efecdda1302d9cfb3af9eedb122b74452bf3
5
reference_url https://issues.apache.org/jira/browse/ZOOKEEPER-4986
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://issues.apache.org/jira/browse/ZOOKEEPER-4986
6
reference_url https://lists.apache.org/thread/088ddsbrzhd5lxzbqf5n24yg0mwh9jt2
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-10T17:36:42Z/
url https://lists.apache.org/thread/088ddsbrzhd5lxzbqf5n24yg0mwh9jt2
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-24281
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-24281
8
reference_url http://www.openwall.com/lists/oss-security/2026/03/07/4
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2026/03/07/4
9
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1130496
reference_id 1130496
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1130496
10
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2445449
reference_id 2445449
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2445449
11
reference_url https://github.com/advisories/GHSA-7xrh-hqfc-g7qr
reference_id GHSA-7xrh-hqfc-g7qr
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-7xrh-hqfc-g7qr
12
reference_url https://access.redhat.com/errata/RHSA-2026:10184
reference_id RHSA-2026:10184
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:10184
13
reference_url https://access.redhat.com/errata/RHSA-2026:8509
reference_id RHSA-2026:8509
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8509
fixed_packages
0
url pkg:deb/debian/zookeeper@3.9.5-1?distro=trixie
purl pkg:deb/debian/zookeeper@3.9.5-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zookeeper@3.9.5-1%3Fdistro=trixie
aliases CVE-2026-24281, GHSA-7xrh-hqfc-g7qr
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6789-5wwx-qqch
2
url VCID-a3pn-rybm-6kdy
vulnerability_id VCID-a3pn-rybm-6kdy
summary 
Missing Authorization
No authentication/authorization is enforced when a server attempts to join a quorum in Apache ZooKeeper. As a result an arbitrary end point could join the cluster and begin propagating counterfeit changes to the leader.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-8012.json
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-8012.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-8012
reference_id
reference_type
scores
0
value 0.01372
scoring_system epss
scoring_elements 0.80309
published_at 2026-04-29T12:55:00Z
1
value 0.01372
scoring_system epss
scoring_elements 0.80175
published_at 2026-04-01T12:55:00Z
2
value 0.01372
scoring_system epss
scoring_elements 0.80292
published_at 2026-04-26T12:55:00Z
3
value 0.01372
scoring_system epss
scoring_elements 0.80285
published_at 2026-04-24T12:55:00Z
4
value 0.01372
scoring_system epss
scoring_elements 0.80259
published_at 2026-04-21T12:55:00Z
5
value 0.01372
scoring_system epss
scoring_elements 0.80256
published_at 2026-04-18T12:55:00Z
6
value 0.01372
scoring_system epss
scoring_elements 0.80182
published_at 2026-04-02T12:55:00Z
7
value 0.01372
scoring_system epss
scoring_elements 0.80202
published_at 2026-04-04T12:55:00Z
8
value 0.01372
scoring_system epss
scoring_elements 0.80191
published_at 2026-04-07T12:55:00Z
9
value 0.01372
scoring_system epss
scoring_elements 0.80219
published_at 2026-04-08T12:55:00Z
10
value 0.01372
scoring_system epss
scoring_elements 0.80229
published_at 2026-04-09T12:55:00Z
11
value 0.01372
scoring_system epss
scoring_elements 0.80247
published_at 2026-04-11T12:55:00Z
12
value 0.01372
scoring_system epss
scoring_elements 0.80232
published_at 2026-04-12T12:55:00Z
13
value 0.01372
scoring_system epss
scoring_elements 0.80255
published_at 2026-04-16T12:55:00Z
14
value 0.01372
scoring_system epss
scoring_elements 0.80226
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-8012
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8012
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8012
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://lists.apache.org/thread.html/053d9ce4d579b02203db18545fee5e33f35f2932885459b74d1e4272@%3Cissues.activemq.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/053d9ce4d579b02203db18545fee5e33f35f2932885459b74d1e4272@%3Cissues.activemq.apache.org%3E
5
reference_url https://lists.apache.org/thread.html/053d9ce4d579b02203db18545fee5e33f35f2932885459b74d1e4272%40%3Cissues.activemq.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/053d9ce4d579b02203db18545fee5e33f35f2932885459b74d1e4272%40%3Cissues.activemq.apache.org%3E
6
reference_url https://lists.apache.org/thread.html/bcce5a9c532b386c68dab2f6b3ce8b0cc9b950ec551766e76391caa3@%3Ccommits.nifi.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/bcce5a9c532b386c68dab2f6b3ce8b0cc9b950ec551766e76391caa3@%3Ccommits.nifi.apache.org%3E
7
reference_url https://lists.apache.org/thread.html/bcce5a9c532b386c68dab2f6b3ce8b0cc9b950ec551766e76391caa3%40%3Ccommits.nifi.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/bcce5a9c532b386c68dab2f6b3ce8b0cc9b950ec551766e76391caa3%40%3Ccommits.nifi.apache.org%3E
8
reference_url https://lists.apache.org/thread.html/c75147028c1c79bdebd4f8fa5db2b77da85de2b05ecc0d54d708b393@%3Cdev.zookeeper.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/c75147028c1c79bdebd4f8fa5db2b77da85de2b05ecc0d54d708b393@%3Cdev.zookeeper.apache.org%3E
9
reference_url https://lists.apache.org/thread.html/c75147028c1c79bdebd4f8fa5db2b77da85de2b05ecc0d54d708b393%40%3Cdev.zookeeper.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/c75147028c1c79bdebd4f8fa5db2b77da85de2b05ecc0d54d708b393%40%3Cdev.zookeeper.apache.org%3E
10
reference_url https://lists.apache.org/thread.html/r73daf1fc5d85677d9a854707e1908d14e174b7bbb0c603709c0ab33f@%3Coak-commits.jackrabbit.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r73daf1fc5d85677d9a854707e1908d14e174b7bbb0c603709c0ab33f@%3Coak-commits.jackrabbit.apache.org%3E
11
reference_url https://lists.apache.org/thread.html/r73daf1fc5d85677d9a854707e1908d14e174b7bbb0c603709c0ab33f%40%3Coak-commits.jackrabbit.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r73daf1fc5d85677d9a854707e1908d14e174b7bbb0c603709c0ab33f%40%3Coak-commits.jackrabbit.apache.org%3E
12
reference_url https://lists.apache.org/thread.html/r8f0d920805af93033c488af89104e2d682662bacfb8406db865d5e14@%3Cdev.jackrabbit.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r8f0d920805af93033c488af89104e2d682662bacfb8406db865d5e14@%3Cdev.jackrabbit.apache.org%3E
13
reference_url https://lists.apache.org/thread.html/r8f0d920805af93033c488af89104e2d682662bacfb8406db865d5e14%40%3Cdev.jackrabbit.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r8f0d920805af93033c488af89104e2d682662bacfb8406db865d5e14%40%3Cdev.jackrabbit.apache.org%3E
14
reference_url https://lists.apache.org/thread.html/rc5bc4ddb0deabf8cfb69378cecee56fcdc76929bea9e6373cb863870@%3Cdev.jackrabbit.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rc5bc4ddb0deabf8cfb69378cecee56fcdc76929bea9e6373cb863870@%3Cdev.jackrabbit.apache.org%3E
15
reference_url https://lists.apache.org/thread.html/rc5bc4ddb0deabf8cfb69378cecee56fcdc76929bea9e6373cb863870%40%3Cdev.jackrabbit.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/rc5bc4ddb0deabf8cfb69378cecee56fcdc76929bea9e6373cb863870%40%3Cdev.jackrabbit.apache.org%3E
16
reference_url https://lists.apache.org/thread.html/rca37935d661f4689cb4119f1b3b224413b22be161b678e6e6ce0c69b@%3Ccommits.nifi.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rca37935d661f4689cb4119f1b3b224413b22be161b678e6e6ce0c69b@%3Ccommits.nifi.apache.org%3E
17
reference_url https://lists.apache.org/thread.html/rca37935d661f4689cb4119f1b3b224413b22be161b678e6e6ce0c69b%40%3Ccommits.nifi.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/rca37935d661f4689cb4119f1b3b224413b22be161b678e6e6ce0c69b%40%3Ccommits.nifi.apache.org%3E
18
reference_url https://lists.apache.org/thread.html/re3a4048e9515d4afea416df907a612ed384a16c57cf99e97ee4a12f2@%3Cdev.jackrabbit.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/re3a4048e9515d4afea416df907a612ed384a16c57cf99e97ee4a12f2@%3Cdev.jackrabbit.apache.org%3E
19
reference_url https://lists.apache.org/thread.html/re3a4048e9515d4afea416df907a612ed384a16c57cf99e97ee4a12f2%40%3Cdev.jackrabbit.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/re3a4048e9515d4afea416df907a612ed384a16c57cf99e97ee4a12f2%40%3Cdev.jackrabbit.apache.org%3E
20
reference_url https://www.debian.org/security/2018/dsa-4214
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.debian.org/security/2018/dsa-4214
21
reference_url https://www.oracle.com/security-alerts/cpujul2020.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/security-alerts/cpujul2020.html
22
reference_url http://www.securityfocus.com/bid/104253
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/bid/104253
23
reference_url http://www.securitytracker.com/id/1040948
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.securitytracker.com/id/1040948
24
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1581542
reference_id 1581542
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1581542
25
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=899332
reference_id 899332
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=899332
26
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:zookeeper:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:zookeeper:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:zookeeper:*:*:*:*:*:*:*:*
27
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:zookeeper:3.5.0:alpha:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:zookeeper:3.5.0:alpha:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:zookeeper:3.5.0:alpha:*:*:*:*:*:*
28
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:zookeeper:3.5.3:beta:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:zookeeper:3.5.3:beta:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:zookeeper:3.5.3:beta:*:*:*:*:*:*
29
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:goldengate_stream_analytics:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:oracle:goldengate_stream_analytics:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:goldengate_stream_analytics:*:*:*:*:*:*:*:*
30
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
31
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
32
reference_url https://nvd.nist.gov/vuln/detail/CVE-2018-8012
reference_id CVE-2018-8012
reference_type
scores
0
value 5.0
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:N/I:P/A:N
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2018-8012
33
reference_url https://github.com/advisories/GHSA-ccqf-c5hq-77mp
reference_id GHSA-ccqf-c5hq-77mp
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-ccqf-c5hq-77mp
34
reference_url https://usn.ubuntu.com/USN-4789-1/
reference_id USN-USN-4789-1
reference_type
scores
url https://usn.ubuntu.com/USN-4789-1/
fixed_packages
0
url pkg:deb/debian/zookeeper@3.4.10-2?distro=trixie
purl pkg:deb/debian/zookeeper@3.4.10-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zookeeper@3.4.10-2%3Fdistro=trixie
1
url pkg:deb/debian/zookeeper@3.4.13-6%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/zookeeper@3.4.13-6%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1t8x-dmby-ubep
1
vulnerability VCID-6789-5wwx-qqch
2
vulnerability VCID-w64v-sgpz-7fhj
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zookeeper@3.4.13-6%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/zookeeper@3.8.0-11%2Bdeb12u2?distro=trixie
purl pkg:deb/debian/zookeeper@3.8.0-11%2Bdeb12u2?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1t8x-dmby-ubep
1
vulnerability VCID-6789-5wwx-qqch
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zookeeper@3.8.0-11%252Bdeb12u2%3Fdistro=trixie
3
url pkg:deb/debian/zookeeper@3.9.3-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/zookeeper@3.9.3-1%2Bdeb13u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1t8x-dmby-ubep
1
vulnerability VCID-6789-5wwx-qqch
2
vulnerability VCID-hbdm-1ts5-f7ad
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zookeeper@3.9.3-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/zookeeper@3.9.5-1?distro=trixie
purl pkg:deb/debian/zookeeper@3.9.5-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zookeeper@3.9.5-1%3Fdistro=trixie
aliases CVE-2018-8012, GHSA-ccqf-c5hq-77mp
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-a3pn-rybm-6kdy
3
url VCID-d5ku-8mny-tfed
vulnerability_id VCID-d5ku-8mny-tfed
summary 
Authorization Bypass Through User-Controlled Key vulnerability in Apache ZooKeeper. If SASL Quorum Peer authentication is enabled in ZooKeeper (quorum.auth.enableSasl=true), the authorization is done by verifying that the instance part in SASL authentication ID is listed in zoo.cfg server list. The instance part in SASL auth ID is optional and if it's missing, like 'eve@EXAMPLE.COM', the authorization check will be skipped. As a result an arbitrary endpoint could join the cluster and begin propagating counterfeit changes to the leader, essentially giving it complete read-write access to the data tree. Quorum Peer authentication is not enabled by default.

Users are recommended to upgrade to version 3.9.1, 3.8.3, 3.7.2, which fixes the issue.

Alternately ensure the ensemble election/quorum communication is protected by a firewall as this will mitigate the issue.

See the documentation for more details on correct cluster administration.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-44981.json
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-44981.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-44981
reference_id
reference_type
scores
0
value 0.00025
scoring_system epss
scoring_elements 0.06797
published_at 2026-04-29T12:55:00Z
1
value 0.00025
scoring_system epss
scoring_elements 0.06727
published_at 2026-04-09T12:55:00Z
2
value 0.00025
scoring_system epss
scoring_elements 0.06726
published_at 2026-04-11T12:55:00Z
3
value 0.00025
scoring_system epss
scoring_elements 0.0672
published_at 2026-04-12T12:55:00Z
4
value 0.00025
scoring_system epss
scoring_elements 0.06821
published_at 2026-04-26T12:55:00Z
5
value 0.00025
scoring_system epss
scoring_elements 0.06802
published_at 2026-04-24T12:55:00Z
6
value 0.00025
scoring_system epss
scoring_elements 0.06795
published_at 2026-04-21T12:55:00Z
7
value 0.00025
scoring_system epss
scoring_elements 0.06639
published_at 2026-04-18T12:55:00Z
8
value 0.00025
scoring_system epss
scoring_elements 0.06712
published_at 2026-04-13T12:55:00Z
9
value 0.00025
scoring_system epss
scoring_elements 0.06647
published_at 2026-04-16T12:55:00Z
10
value 0.00027
scoring_system epss
scoring_elements 0.07418
published_at 2026-04-07T12:55:00Z
11
value 0.00027
scoring_system epss
scoring_elements 0.07392
published_at 2026-04-02T12:55:00Z
12
value 0.00027
scoring_system epss
scoring_elements 0.07474
published_at 2026-04-08T12:55:00Z
13
value 0.00027
scoring_system epss
scoring_elements 0.07437
published_at 2026-04-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-44981
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44981
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44981
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/apache/zookeeper
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/apache/zookeeper
5
reference_url https://lists.apache.org/thread/wf0yrk84dg1942z1o74kd8nycg6pgm5b
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:27:01Z/
url https://lists.apache.org/thread/wf0yrk84dg1942z1o74kd8nycg6pgm5b
6
reference_url https://lists.debian.org/debian-lts-announce/2023/10/msg00029.html
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:27:01Z/
url https://lists.debian.org/debian-lts-announce/2023/10/msg00029.html
7
reference_url https://security.netapp.com/advisory/ntap-20240621-0007
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20240621-0007
8
reference_url https://www.debian.org/security/2023/dsa-5544
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:27:01Z/
url https://www.debian.org/security/2023/dsa-5544
9
reference_url http://www.openwall.com/lists/oss-security/2023/10/11/4
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:27:01Z/
url http://www.openwall.com/lists/oss-security/2023/10/11/4
10
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1054224
reference_id 1054224
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1054224
11
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2243436
reference_id 2243436
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2243436
12
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-44981
reference_id CVE-2023-44981
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2023-44981
13
reference_url https://github.com/advisories/GHSA-7286-pgfv-vxvh
reference_id GHSA-7286-pgfv-vxvh
reference_type
scores
0
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-7286-pgfv-vxvh
14
reference_url https://security.netapp.com/advisory/ntap-20240621-0007/
reference_id ntap-20240621-0007
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:27:01Z/
url https://security.netapp.com/advisory/ntap-20240621-0007/
15
reference_url https://access.redhat.com/errata/RHSA-2023:7678
reference_id RHSA-2023:7678
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:7678
16
reference_url https://access.redhat.com/errata/RHSA-2024:0705
reference_id RHSA-2024:0705
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:0705
17
reference_url https://access.redhat.com/errata/RHSA-2024:0903
reference_id RHSA-2024:0903
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:0903
18
reference_url https://usn.ubuntu.com/6559-1/
reference_id USN-6559-1
reference_type
scores
url https://usn.ubuntu.com/6559-1/
fixed_packages
0
url pkg:deb/debian/zookeeper@3.4.13-6%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/zookeeper@3.4.13-6%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1t8x-dmby-ubep
1
vulnerability VCID-6789-5wwx-qqch
2
vulnerability VCID-w64v-sgpz-7fhj
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zookeeper@3.4.13-6%252Bdeb11u1%3Fdistro=trixie
1
url pkg:deb/debian/zookeeper@3.8.0-11%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/zookeeper@3.8.0-11%2Bdeb12u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zookeeper@3.8.0-11%252Bdeb12u1%3Fdistro=trixie
2
url pkg:deb/debian/zookeeper@3.8.0-11%2Bdeb12u2?distro=trixie
purl pkg:deb/debian/zookeeper@3.8.0-11%2Bdeb12u2?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1t8x-dmby-ubep
1
vulnerability VCID-6789-5wwx-qqch
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zookeeper@3.8.0-11%252Bdeb12u2%3Fdistro=trixie
3
url pkg:deb/debian/zookeeper@3.9.1-1?distro=trixie
purl pkg:deb/debian/zookeeper@3.9.1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zookeeper@3.9.1-1%3Fdistro=trixie
4
url pkg:deb/debian/zookeeper@3.9.3-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/zookeeper@3.9.3-1%2Bdeb13u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1t8x-dmby-ubep
1
vulnerability VCID-6789-5wwx-qqch
2
vulnerability VCID-hbdm-1ts5-f7ad
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zookeeper@3.9.3-1%252Bdeb13u1%3Fdistro=trixie
5
url pkg:deb/debian/zookeeper@3.9.5-1?distro=trixie
purl pkg:deb/debian/zookeeper@3.9.5-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zookeeper@3.9.5-1%3Fdistro=trixie
aliases CVE-2023-44981, GHSA-7286-pgfv-vxvh
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-d5ku-8mny-tfed
4
url VCID-e41j-4y91-7kd8
vulnerability_id VCID-e41j-4y91-7kd8
summary 
Information disclosure
ZooKeeper's `getACL()` command does not check any permission when retrieves the ACLs of the requested node and returns all information contained in the ACL Id field as plaintext string. `DigestAuthenticationProvider` overloads the Id field with the hash value that is used for user authentication. As a consequence, if Digest Authentication is in use, the unsalted hash value will be disclosed by `getACL()` request for unauthenticated or unprivileged users.
references
0
reference_url https://access.redhat.com/errata/RHSA-2019:3140
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2019:3140
1
reference_url https://access.redhat.com/errata/RHSA-2019:3892
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2019:3892
2
reference_url https://access.redhat.com/errata/RHSA-2019:4352
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2019:4352
3
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-0201.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-0201.json
4
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-0201
reference_id
reference_type
scores
0
value 0.00212
scoring_system epss
scoring_elements 0.43724
published_at 2026-04-13T12:55:00Z
1
value 0.00212
scoring_system epss
scoring_elements 0.4374
published_at 2026-04-12T12:55:00Z
2
value 0.00212
scoring_system epss
scoring_elements 0.43772
published_at 2026-04-11T12:55:00Z
3
value 0.00212
scoring_system epss
scoring_elements 0.43753
published_at 2026-04-09T12:55:00Z
4
value 0.00212
scoring_system epss
scoring_elements 0.4375
published_at 2026-04-08T12:55:00Z
5
value 0.00212
scoring_system epss
scoring_elements 0.437
published_at 2026-04-07T12:55:00Z
6
value 0.00212
scoring_system epss
scoring_elements 0.43766
published_at 2026-04-04T12:55:00Z
7
value 0.00212
scoring_system epss
scoring_elements 0.43741
published_at 2026-04-02T12:55:00Z
8
value 0.00212
scoring_system epss
scoring_elements 0.43686
published_at 2026-04-01T12:55:00Z
9
value 0.00212
scoring_system epss
scoring_elements 0.43568
published_at 2026-04-29T12:55:00Z
10
value 0.00212
scoring_system epss
scoring_elements 0.43651
published_at 2026-04-26T12:55:00Z
11
value 0.00212
scoring_system epss
scoring_elements 0.43647
published_at 2026-04-24T12:55:00Z
12
value 0.00212
scoring_system epss
scoring_elements 0.43709
published_at 2026-04-21T12:55:00Z
13
value 0.00212
scoring_system epss
scoring_elements 0.43777
published_at 2026-04-18T12:55:00Z
14
value 0.00212
scoring_system epss
scoring_elements 0.43786
published_at 2026-04-16T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-0201
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0201
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0201
6
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
7
reference_url https://issues.apache.org/jira/browse/ZOOKEEPER-1392
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://issues.apache.org/jira/browse/ZOOKEEPER-1392
8
reference_url https://lists.apache.org/thread.html/053d9ce4d579b02203db18545fee5e33f35f2932885459b74d1e4272@%3Cissues.activemq.apache.org%3E
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/053d9ce4d579b02203db18545fee5e33f35f2932885459b74d1e4272@%3Cissues.activemq.apache.org%3E
9
reference_url https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E
10
reference_url https://lists.apache.org/thread.html/5d9a1cf41a5880557bf680b7321b4ab9a4d206c601ffb15fef6f196a@%3Ccommits.accumulo.apache.org%3E
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/5d9a1cf41a5880557bf680b7321b4ab9a4d206c601ffb15fef6f196a@%3Ccommits.accumulo.apache.org%3E
11
reference_url https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E
12
reference_url https://lists.apache.org/thread.html/f6112882e30a31992a79e0a8c31ac179e9d0de7c708de3a9258d4391@%3Cissues.bookkeeper.apache.org%3E
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/f6112882e30a31992a79e0a8c31ac179e9d0de7c708de3a9258d4391@%3Cissues.bookkeeper.apache.org%3E
13
reference_url https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E
14
reference_url https://lists.apache.org/thread.html/r40f32125c1d97ad82404cc918171d9e0fcf78e534256674e9da1eb4b@%3Ccommon-issues.hadoop.apache.org%3E
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r40f32125c1d97ad82404cc918171d9e0fcf78e534256674e9da1eb4b@%3Ccommon-issues.hadoop.apache.org%3E
15
reference_url https://lists.debian.org/debian-lts-announce/2019/05/msg00033.html
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2019/05/msg00033.html
16
reference_url https://seclists.org/bugtraq/2019/Jun/13
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://seclists.org/bugtraq/2019/Jun/13
17
reference_url https://security.netapp.com/advisory/ntap-20190619-0001
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20190619-0001
18
reference_url https://security.netapp.com/advisory/ntap-20190619-0001/
reference_id
reference_type
scores
url https://security.netapp.com/advisory/ntap-20190619-0001/
19
reference_url https://www.debian.org/security/2019/dsa-4461
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.debian.org/security/2019/dsa-4461
20
reference_url https://www.openwall.com/lists/oss-security/2019/05/20/1
reference_id
reference_type
scores
url https://www.openwall.com/lists/oss-security/2019/05/20/1
21
reference_url https://www.oracle.com/security-alerts/cpujul2020.html
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/security-alerts/cpujul2020.html
22
reference_url https://www.oracle.com//security-alerts/cpujul2021.html
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.oracle.com//security-alerts/cpujul2021.html
23
reference_url https://www.oracle.com/security-alerts/cpuoct2020.html
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/security-alerts/cpuoct2020.html
24
reference_url https://zookeeper.apache.org/security.html#CVE-2019-0201
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://zookeeper.apache.org/security.html#CVE-2019-0201
25
reference_url http://www.securityfocus.com/bid/108427
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/bid/108427
26
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1715197
reference_id 1715197
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1715197
27
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=929283
reference_id 929283
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=929283
28
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-0201
reference_id CVE-2019-0201
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2019-0201
29
reference_url https://github.com/advisories/GHSA-2hw2-62cp-p9p7
reference_id GHSA-2hw2-62cp-p9p7
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-2hw2-62cp-p9p7
30
reference_url https://usn.ubuntu.com/6559-1/
reference_id USN-6559-1
reference_type
scores
url https://usn.ubuntu.com/6559-1/
fixed_packages
0
url pkg:deb/debian/zookeeper@3.4.13-2?distro=trixie
purl pkg:deb/debian/zookeeper@3.4.13-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zookeeper@3.4.13-2%3Fdistro=trixie
1
url pkg:deb/debian/zookeeper@3.4.13-6%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/zookeeper@3.4.13-6%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1t8x-dmby-ubep
1
vulnerability VCID-6789-5wwx-qqch
2
vulnerability VCID-w64v-sgpz-7fhj
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zookeeper@3.4.13-6%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/zookeeper@3.8.0-11%2Bdeb12u2?distro=trixie
purl pkg:deb/debian/zookeeper@3.8.0-11%2Bdeb12u2?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1t8x-dmby-ubep
1
vulnerability VCID-6789-5wwx-qqch
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zookeeper@3.8.0-11%252Bdeb12u2%3Fdistro=trixie
3
url pkg:deb/debian/zookeeper@3.9.3-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/zookeeper@3.9.3-1%2Bdeb13u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1t8x-dmby-ubep
1
vulnerability VCID-6789-5wwx-qqch
2
vulnerability VCID-hbdm-1ts5-f7ad
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zookeeper@3.9.3-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/zookeeper@3.9.5-1?distro=trixie
purl pkg:deb/debian/zookeeper@3.9.5-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zookeeper@3.9.5-1%3Fdistro=trixie
aliases CVE-2019-0201, GHSA-2hw2-62cp-p9p7
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-e41j-4y91-7kd8
5
url VCID-ex8w-efvg-2qgv
vulnerability_id VCID-ex8w-efvg-2qgv
summary 
Apache ZooKeeper: Authentication bypass with IP-based authentication in Admin Server
When using IPAuthenticationProvider in ZooKeeper Admin Server there is a possibility of Authentication Bypass by Spoofing -- this only impacts IP based authentication implemented in ZooKeeper Admin Server. Default configuration of client's IP address detection in IPAuthenticationProvider, which uses HTTP request headers, is weak and allows an attacker to bypass authentication via spoofing client's IP address in request headers. Default configuration honors X-Forwarded-For HTTP header to read client's IP address. X-Forwarded-For request header is mainly used by proxy servers to identify the client and can be easily spoofed by an attacker pretending that the request comes from a different IP address. Admin Server commands, such as snapshot and restore arbitrarily can be executed on successful exploitation which could potentially lead to information leakage or service availability issues. Users are recommended to upgrade to version 3.9.3, which fixes this issue.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-51504.json
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-51504.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-51504
reference_id
reference_type
scores
0
value 0.00078
scoring_system epss
scoring_elements 0.22934
published_at 2026-04-29T12:55:00Z
1
value 0.00078
scoring_system epss
scoring_elements 0.23265
published_at 2026-04-02T12:55:00Z
2
value 0.00078
scoring_system epss
scoring_elements 0.23308
published_at 2026-04-04T12:55:00Z
3
value 0.00078
scoring_system epss
scoring_elements 0.23097
published_at 2026-04-07T12:55:00Z
4
value 0.00078
scoring_system epss
scoring_elements 0.23171
published_at 2026-04-08T12:55:00Z
5
value 0.00078
scoring_system epss
scoring_elements 0.23222
published_at 2026-04-09T12:55:00Z
6
value 0.00078
scoring_system epss
scoring_elements 0.23244
published_at 2026-04-11T12:55:00Z
7
value 0.00078
scoring_system epss
scoring_elements 0.23207
published_at 2026-04-12T12:55:00Z
8
value 0.00078
scoring_system epss
scoring_elements 0.23149
published_at 2026-04-13T12:55:00Z
9
value 0.00078
scoring_system epss
scoring_elements 0.23165
published_at 2026-04-16T12:55:00Z
10
value 0.00078
scoring_system epss
scoring_elements 0.23157
published_at 2026-04-18T12:55:00Z
11
value 0.00078
scoring_system epss
scoring_elements 0.23119
published_at 2026-04-21T12:55:00Z
12
value 0.00078
scoring_system epss
scoring_elements 0.22944
published_at 2026-04-24T12:55:00Z
13
value 0.00078
scoring_system epss
scoring_elements 0.22937
published_at 2026-04-26T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-51504
2
reference_url https://github.com/apache/zookeeper
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/zookeeper
3
reference_url https://github.com/apache/zookeeper/commit/2c2b74c1c11b6531aabb1bf06782e859048d5983
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/zookeeper/commit/2c2b74c1c11b6531aabb1bf06782e859048d5983
4
reference_url https://lists.apache.org/thread/b3qrmpkto5r6989qr61fw9y2x646kqlh
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
1
value 8.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-11-07T16:31:39Z/
url https://lists.apache.org/thread/b3qrmpkto5r6989qr61fw9y2x646kqlh
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2024-51504
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2024-51504
6
reference_url http://www.openwall.com/lists/oss-security/2024/11/06/5
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2024/11/06/5
7
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1087275
reference_id 1087275
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1087275
8
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2324330
reference_id 2324330
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2324330
9
reference_url https://github.com/advisories/GHSA-g93m-8x6h-g5gv
reference_id GHSA-g93m-8x6h-g5gv
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-g93m-8x6h-g5gv
fixed_packages
0
url pkg:deb/debian/zookeeper@0?distro=trixie
purl pkg:deb/debian/zookeeper@0?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zookeeper@0%3Fdistro=trixie
1
url pkg:deb/debian/zookeeper@3.4.13-6%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/zookeeper@3.4.13-6%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1t8x-dmby-ubep
1
vulnerability VCID-6789-5wwx-qqch
2
vulnerability VCID-w64v-sgpz-7fhj
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zookeeper@3.4.13-6%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/zookeeper@3.8.0-11%2Bdeb12u2?distro=trixie
purl pkg:deb/debian/zookeeper@3.8.0-11%2Bdeb12u2?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1t8x-dmby-ubep
1
vulnerability VCID-6789-5wwx-qqch
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zookeeper@3.8.0-11%252Bdeb12u2%3Fdistro=trixie
3
url pkg:deb/debian/zookeeper@3.9.3-1?distro=trixie
purl pkg:deb/debian/zookeeper@3.9.3-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zookeeper@3.9.3-1%3Fdistro=trixie
4
url pkg:deb/debian/zookeeper@3.9.3-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/zookeeper@3.9.3-1%2Bdeb13u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1t8x-dmby-ubep
1
vulnerability VCID-6789-5wwx-qqch
2
vulnerability VCID-hbdm-1ts5-f7ad
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zookeeper@3.9.3-1%252Bdeb13u1%3Fdistro=trixie
5
url pkg:deb/debian/zookeeper@3.9.5-1?distro=trixie
purl pkg:deb/debian/zookeeper@3.9.5-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zookeeper@3.9.5-1%3Fdistro=trixie
aliases CVE-2024-51504, GHSA-g93m-8x6h-g5gv
risk_score 4.1
exploitability 0.5
weighted_severity 8.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ex8w-efvg-2qgv
6
url VCID-hbdm-1ts5-f7ad
vulnerability_id VCID-hbdm-1ts5-f7ad
summary 
Apache ZooKeeper: Insufficient Permission Check in AdminServer Snapshot/Restore Commands
Improper permission checks in the AdminServer allow an authenticated client with insufficient privileges to invoke the `snapshot` and `restore` commands. The intended requirement is authentication and authorization on the root path (`/`) with **ALL** permission for these operations; however, affected versions permit invocation without that level of authorization. The primary risk is disclosure of cluster state via snapshots to a lesser-privileged client.

*   **Affected:** `org.apache.zookeeper:zookeeper` 3.9.0 through 3.9.3.
*   **Fixed:** 3.9.4 (ZOOKEEPER-4964 “check permissions individually during admin server auth”).
*   **Mitigations:**
*   Disable both commands (`admin.snapshot.enabled`, `admin.restore.enabled`).
*   Disable AdminServer (`admin.enableServer`).
*   Ensure the root ACL is not open; note that ZooKeeper ACLs are not recursive.
*   Upgrade to 3.9.4.
references
0
reference_url http://github.com/apache/zookeeper/commit/71e173fcbcc9deb784081cf867bd045df3c32635
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://github.com/apache/zookeeper/commit/71e173fcbcc9deb784081cf867bd045df3c32635
1
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-58457.json
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-58457.json
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-58457
reference_id
reference_type
scores
0
value 0.00108
scoring_system epss
scoring_elements 0.28968
published_at 2026-04-21T12:55:00Z
1
value 0.00131
scoring_system epss
scoring_elements 0.3257
published_at 2026-04-13T12:55:00Z
2
value 0.00131
scoring_system epss
scoring_elements 0.32598
published_at 2026-04-12T12:55:00Z
3
value 0.00131
scoring_system epss
scoring_elements 0.32636
published_at 2026-04-11T12:55:00Z
4
value 0.00131
scoring_system epss
scoring_elements 0.32634
published_at 2026-04-09T12:55:00Z
5
value 0.00131
scoring_system epss
scoring_elements 0.32608
published_at 2026-04-16T12:55:00Z
6
value 0.00131
scoring_system epss
scoring_elements 0.32561
published_at 2026-04-07T12:55:00Z
7
value 0.00131
scoring_system epss
scoring_elements 0.3274
published_at 2026-04-04T12:55:00Z
8
value 0.00131
scoring_system epss
scoring_elements 0.32705
published_at 2026-04-02T12:55:00Z
9
value 0.00131
scoring_system epss
scoring_elements 0.32585
published_at 2026-04-18T12:55:00Z
10
value 0.00131
scoring_system epss
scoring_elements 0.32609
published_at 2026-04-08T12:55:00Z
11
value 0.00141
scoring_system epss
scoring_elements 0.33731
published_at 2026-04-29T12:55:00Z
12
value 0.00141
scoring_system epss
scoring_elements 0.3384
published_at 2026-04-24T12:55:00Z
13
value 0.00141
scoring_system epss
scoring_elements 0.33817
published_at 2026-04-26T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-58457
3
reference_url https://github.com/apache/zookeeper
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/zookeeper
4
reference_url https://lists.apache.org/thread/r5yol0kkhx2fzw22pxk1ozwm3oc6yxrx
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-24T13:47:31Z/
url https://lists.apache.org/thread/r5yol0kkhx2fzw22pxk1ozwm3oc6yxrx
5
reference_url https://zookeeper.apache.org/doc/current/zookeeperSnapshotAndRestore.html
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://zookeeper.apache.org/doc/current/zookeeperSnapshotAndRestore.html
6
reference_url https://zookeeper.apache.org/doc/r3.9.4/releasenotes.html
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://zookeeper.apache.org/doc/r3.9.4/releasenotes.html
7
reference_url https://zookeeper.apache.org/security.html#CVE-2025-58457
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://zookeeper.apache.org/security.html#CVE-2025-58457
8
reference_url http://www.openwall.com/lists/oss-security/2025/09/24/10
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2025/09/24/10
9
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1116339
reference_id 1116339
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1116339
10
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2397773
reference_id 2397773
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2397773
11
reference_url https://nvd.nist.gov/vuln/detail/CVE-2025-58457
reference_id CVE-2025-58457
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2025-58457
12
reference_url https://github.com/advisories/GHSA-2hmj-97jw-28jh
reference_id GHSA-2hmj-97jw-28jh
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-2hmj-97jw-28jh
fixed_packages
0
url pkg:deb/debian/zookeeper@0?distro=trixie
purl pkg:deb/debian/zookeeper@0?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zookeeper@0%3Fdistro=trixie
1
url pkg:deb/debian/zookeeper@3.4.13-6%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/zookeeper@3.4.13-6%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1t8x-dmby-ubep
1
vulnerability VCID-6789-5wwx-qqch
2
vulnerability VCID-w64v-sgpz-7fhj
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zookeeper@3.4.13-6%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/zookeeper@3.8.0-11%2Bdeb12u2?distro=trixie
purl pkg:deb/debian/zookeeper@3.8.0-11%2Bdeb12u2?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1t8x-dmby-ubep
1
vulnerability VCID-6789-5wwx-qqch
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zookeeper@3.8.0-11%252Bdeb12u2%3Fdistro=trixie
3
url pkg:deb/debian/zookeeper@3.9.4-1?distro=trixie
purl pkg:deb/debian/zookeeper@3.9.4-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zookeeper@3.9.4-1%3Fdistro=trixie
4
url pkg:deb/debian/zookeeper@3.9.5-1?distro=trixie
purl pkg:deb/debian/zookeeper@3.9.5-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zookeeper@3.9.5-1%3Fdistro=trixie
aliases CVE-2025-58457, GHSA-2hmj-97jw-28jh
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-hbdm-1ts5-f7ad
7
url VCID-w64v-sgpz-7fhj
vulnerability_id VCID-w64v-sgpz-7fhj
summary 
Apache ZooKeeper vulnerable to information disclosure in persistent watchers handling
Information disclosure in persistent watchers handling in Apache ZooKeeper due to missing ACL check. It allows an attacker to monitor child znodes by attaching a persistent watcher (addWatch command) to a parent which the attacker has already access to. ZooKeeper server doesn't do ACL check when the persistent watcher is triggered and as a consequence, the full path of znodes that a watch event gets triggered upon is exposed to the owner of the watcher. It's important to note that only the path is exposed by this vulnerability, not the data of znode, but since znode path can contain sensitive information like user name or login ID, this issue is potentially critical.

Users are recommended to upgrade to version 3.9.2, 3.8.4 which fixes the issue.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-23944.json
reference_id
reference_type
scores
0
value 6.6
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-23944.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-23944
reference_id
reference_type
scores
0
value 0.00019
scoring_system epss
scoring_elements 0.05129
published_at 2026-04-29T12:55:00Z
1
value 0.00019
scoring_system epss
scoring_elements 0.05088
published_at 2026-04-24T12:55:00Z
2
value 0.00019
scoring_system epss
scoring_elements 0.05056
published_at 2026-04-21T12:55:00Z
3
value 0.00019
scoring_system epss
scoring_elements 0.04909
published_at 2026-04-18T12:55:00Z
4
value 0.00019
scoring_system epss
scoring_elements 0.04899
published_at 2026-04-16T12:55:00Z
5
value 0.00019
scoring_system epss
scoring_elements 0.0495
published_at 2026-04-13T12:55:00Z
6
value 0.00019
scoring_system epss
scoring_elements 0.04969
published_at 2026-04-12T12:55:00Z
7
value 0.00019
scoring_system epss
scoring_elements 0.04987
published_at 2026-04-11T12:55:00Z
8
value 0.00019
scoring_system epss
scoring_elements 0.05005
published_at 2026-04-09T12:55:00Z
9
value 0.00019
scoring_system epss
scoring_elements 0.0499
published_at 2026-04-08T12:55:00Z
10
value 0.00019
scoring_system epss
scoring_elements 0.04956
published_at 2026-04-07T12:55:00Z
11
value 0.00019
scoring_system epss
scoring_elements 0.04939
published_at 2026-04-04T12:55:00Z
12
value 0.00019
scoring_system epss
scoring_elements 0.04914
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-23944
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-23944
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-23944
3
reference_url https://github.com/apache/zookeeper
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/zookeeper
4
reference_url https://github.com/apache/zookeeper/commit/29c7b9462681f47c2ac12e609341cf9f52abac5c
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/zookeeper/commit/29c7b9462681f47c2ac12e609341cf9f52abac5c
5
reference_url https://github.com/apache/zookeeper/commit/65b91d2d9a56157285c2a86b106e67c26520b01d
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/zookeeper/commit/65b91d2d9a56157285c2a86b106e67c26520b01d
6
reference_url https://github.com/apache/zookeeper/commit/daf7cfd04005cff1a4f7cab5ab13d41db88d0cd8
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/zookeeper/commit/daf7cfd04005cff1a4f7cab5ab13d41db88d0cd8
7
reference_url https://lists.apache.org/thread/96s5nqssj03rznz9hv58txdb2k1lr79k
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-19T15:31:26Z/
url https://lists.apache.org/thread/96s5nqssj03rznz9hv58txdb2k1lr79k
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2024-23944
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2024-23944
9
reference_url http://www.openwall.com/lists/oss-security/2024/03/14/2
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2024/03/14/2
10
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1066947
reference_id 1066947
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1066947
11
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2328637
reference_id 2328637
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2328637
12
reference_url https://github.com/advisories/GHSA-r978-9m6m-6gm6
reference_id GHSA-r978-9m6m-6gm6
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-r978-9m6m-6gm6
13
reference_url https://access.redhat.com/errata/RHSA-2024:6536
reference_id RHSA-2024:6536
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:6536
fixed_packages
0
url pkg:deb/debian/zookeeper@3.8.0-11%2Bdeb12u2?distro=trixie
purl pkg:deb/debian/zookeeper@3.8.0-11%2Bdeb12u2?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1t8x-dmby-ubep
1
vulnerability VCID-6789-5wwx-qqch
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zookeeper@3.8.0-11%252Bdeb12u2%3Fdistro=trixie
1
url pkg:deb/debian/zookeeper@3.9.2-1?distro=trixie
purl pkg:deb/debian/zookeeper@3.9.2-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zookeeper@3.9.2-1%3Fdistro=trixie
2
url pkg:deb/debian/zookeeper@3.9.3-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/zookeeper@3.9.3-1%2Bdeb13u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1t8x-dmby-ubep
1
vulnerability VCID-6789-5wwx-qqch
2
vulnerability VCID-hbdm-1ts5-f7ad
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zookeeper@3.9.3-1%252Bdeb13u1%3Fdistro=trixie
3
url pkg:deb/debian/zookeeper@3.9.5-1?distro=trixie
purl pkg:deb/debian/zookeeper@3.9.5-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zookeeper@3.9.5-1%3Fdistro=trixie
aliases CVE-2024-23944, GHSA-r978-9m6m-6gm6
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-w64v-sgpz-7fhj
8
url VCID-wme5-ec4u-jqd8
vulnerability_id VCID-wme5-ec4u-jqd8
summary 
Missing Authentication for Critical Function
Two `wchp` and `wchc` commands are CPU intensive and could cause spike of CPU utilization on Apache ZooKeeper server if abused, which leads to the server unable to serve legitimate client requests.
references
0
reference_url https://access.redhat.com/errata/RHSA-2017:2477
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2017:2477
1
reference_url https://access.redhat.com/errata/RHSA-2017:3354
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2017:3354
2
reference_url https://access.redhat.com/errata/RHSA-2017:3355
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2017:3355
3
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5637.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5637.json
4
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-5637
reference_id
reference_type
scores
0
value 0.17446
scoring_system epss
scoring_elements 0.95071
published_at 2026-04-12T12:55:00Z
1
value 0.17446
scoring_system epss
scoring_elements 0.9507
published_at 2026-04-11T12:55:00Z
2
value 0.17446
scoring_system epss
scoring_elements 0.95074
published_at 2026-04-13T12:55:00Z
3
value 0.17446
scoring_system epss
scoring_elements 0.95083
published_at 2026-04-16T12:55:00Z
4
value 0.17446
scoring_system epss
scoring_elements 0.95086
published_at 2026-04-18T12:55:00Z
5
value 0.17446
scoring_system epss
scoring_elements 0.95089
published_at 2026-04-21T12:55:00Z
6
value 0.17446
scoring_system epss
scoring_elements 0.95088
published_at 2026-04-24T12:55:00Z
7
value 0.17446
scoring_system epss
scoring_elements 0.9509
published_at 2026-04-29T12:55:00Z
8
value 0.17446
scoring_system epss
scoring_elements 0.95052
published_at 2026-04-04T12:55:00Z
9
value 0.17446
scoring_system epss
scoring_elements 0.95041
published_at 2026-04-01T12:55:00Z
10
value 0.17446
scoring_system epss
scoring_elements 0.95065
published_at 2026-04-09T12:55:00Z
11
value 0.17446
scoring_system epss
scoring_elements 0.95062
published_at 2026-04-08T12:55:00Z
12
value 0.17446
scoring_system epss
scoring_elements 0.95054
published_at 2026-04-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-5637
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5637
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5637
6
reference_url https://issues.apache.org/jira/browse/ZOOKEEPER-2693
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://issues.apache.org/jira/browse/ZOOKEEPER-2693
7
reference_url https://lists.apache.org/thread.html/053d9ce4d579b02203db18545fee5e33f35f2932885459b74d1e4272@%3Cissues.activemq.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/053d9ce4d579b02203db18545fee5e33f35f2932885459b74d1e4272@%3Cissues.activemq.apache.org%3E
8
reference_url https://lists.apache.org/thread.html/053d9ce4d579b02203db18545fee5e33f35f2932885459b74d1e4272%40%3Cissues.activemq.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/053d9ce4d579b02203db18545fee5e33f35f2932885459b74d1e4272%40%3Cissues.activemq.apache.org%3E
9
reference_url https://lists.apache.org/thread.html/58170aeb7a681d462b7fa31cae81110cbb749d2dc83c5736a0bb8370@%3Cdev.zookeeper.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/58170aeb7a681d462b7fa31cae81110cbb749d2dc83c5736a0bb8370@%3Cdev.zookeeper.apache.org%3E
10
reference_url https://lists.apache.org/thread.html/58170aeb7a681d462b7fa31cae81110cbb749d2dc83c5736a0bb8370%40%3Cdev.zookeeper.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/58170aeb7a681d462b7fa31cae81110cbb749d2dc83c5736a0bb8370%40%3Cdev.zookeeper.apache.org%3E
11
reference_url https://lists.apache.org/thread.html/bcce5a9c532b386c68dab2f6b3ce8b0cc9b950ec551766e76391caa3@%3Ccommits.nifi.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/bcce5a9c532b386c68dab2f6b3ce8b0cc9b950ec551766e76391caa3@%3Ccommits.nifi.apache.org%3E
12
reference_url https://lists.apache.org/thread.html/bcce5a9c532b386c68dab2f6b3ce8b0cc9b950ec551766e76391caa3%40%3Ccommits.nifi.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/bcce5a9c532b386c68dab2f6b3ce8b0cc9b950ec551766e76391caa3%40%3Ccommits.nifi.apache.org%3E
13
reference_url https://lists.apache.org/thread.html/rca37935d661f4689cb4119f1b3b224413b22be161b678e6e6ce0c69b@%3Ccommits.nifi.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rca37935d661f4689cb4119f1b3b224413b22be161b678e6e6ce0c69b@%3Ccommits.nifi.apache.org%3E
14
reference_url https://lists.apache.org/thread.html/rca37935d661f4689cb4119f1b3b224413b22be161b678e6e6ce0c69b%40%3Ccommits.nifi.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/rca37935d661f4689cb4119f1b3b224413b22be161b678e6e6ce0c69b%40%3Ccommits.nifi.apache.org%3E
15
reference_url https://www.oracle.com/security-alerts/cpujul2020.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/security-alerts/cpujul2020.html
16
reference_url https://www.oracle.com//security-alerts/cpujul2021.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.oracle.com//security-alerts/cpujul2021.html
17
reference_url http://www.debian.org/security/2017/dsa-3871
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.debian.org/security/2017/dsa-3871
18
reference_url http://www.securityfocus.com/bid/98814
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/bid/98814
19
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1454808
reference_id 1454808
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1454808
20
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=863811
reference_id 863811
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=863811
21
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:zookeeper:3.4.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:zookeeper:3.4.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:zookeeper:3.4.0:*:*:*:*:*:*:*
22
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:zookeeper:3.4.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:zookeeper:3.4.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:zookeeper:3.4.1:*:*:*:*:*:*:*
23
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:zookeeper:3.4.2:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:zookeeper:3.4.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:zookeeper:3.4.2:*:*:*:*:*:*:*
24
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:zookeeper:3.4.3:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:zookeeper:3.4.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:zookeeper:3.4.3:*:*:*:*:*:*:*
25
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:zookeeper:3.4.4:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:zookeeper:3.4.4:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:zookeeper:3.4.4:*:*:*:*:*:*:*
26
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:zookeeper:3.4.5:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:zookeeper:3.4.5:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:zookeeper:3.4.5:*:*:*:*:*:*:*
27
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:zookeeper:3.4.6:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:zookeeper:3.4.6:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:zookeeper:3.4.6:*:*:*:*:*:*:*
28
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:zookeeper:3.4.7:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:zookeeper:3.4.7:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:zookeeper:3.4.7:*:*:*:*:*:*:*
29
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:zookeeper:3.4.8:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:zookeeper:3.4.8:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:zookeeper:3.4.8:*:*:*:*:*:*:*
30
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:zookeeper:3.4.9:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:zookeeper:3.4.9:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:zookeeper:3.4.9:*:*:*:*:*:*:*
31
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:zookeeper:3.5.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:zookeeper:3.5.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:zookeeper:3.5.0:*:*:*:*:*:*:*
32
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:zookeeper:3.5.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:zookeeper:3.5.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:zookeeper:3.5.1:*:*:*:*:*:*:*
33
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:zookeeper:3.5.2:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:zookeeper:3.5.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:zookeeper:3.5.2:*:*:*:*:*:*:*
34
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
35
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/42294.py
reference_id CVE-2017-5637
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/42294.py
36
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-5637
reference_id CVE-2017-5637
reference_type
scores
0
value 5.0
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:N/I:N/A:P
1
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
3
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2017-5637
37
reference_url https://github.com/advisories/GHSA-7cwj-j333-x7f7
reference_id GHSA-7cwj-j333-x7f7
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-7cwj-j333-x7f7
38
reference_url https://usn.ubuntu.com/USN-4789-1/
reference_id USN-USN-4789-1
reference_type
scores
url https://usn.ubuntu.com/USN-4789-1/
fixed_packages
0
url pkg:deb/debian/zookeeper@3.4.9-3?distro=trixie
purl pkg:deb/debian/zookeeper@3.4.9-3?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zookeeper@3.4.9-3%3Fdistro=trixie
1
url pkg:deb/debian/zookeeper@3.4.13-6%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/zookeeper@3.4.13-6%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1t8x-dmby-ubep
1
vulnerability VCID-6789-5wwx-qqch
2
vulnerability VCID-w64v-sgpz-7fhj
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zookeeper@3.4.13-6%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/zookeeper@3.8.0-11%2Bdeb12u2?distro=trixie
purl pkg:deb/debian/zookeeper@3.8.0-11%2Bdeb12u2?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1t8x-dmby-ubep
1
vulnerability VCID-6789-5wwx-qqch
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zookeeper@3.8.0-11%252Bdeb12u2%3Fdistro=trixie
3
url pkg:deb/debian/zookeeper@3.9.3-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/zookeeper@3.9.3-1%2Bdeb13u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1t8x-dmby-ubep
1
vulnerability VCID-6789-5wwx-qqch
2
vulnerability VCID-hbdm-1ts5-f7ad
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zookeeper@3.9.3-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/zookeeper@3.9.5-1?distro=trixie
purl pkg:deb/debian/zookeeper@3.9.5-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zookeeper@3.9.5-1%3Fdistro=trixie
aliases CVE-2017-5637, GHSA-7cwj-j333-x7f7
risk_score 10.0
exploitability 2.0
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-wme5-ec4u-jqd8
9
url VCID-xfzk-mnyd-zqcf
vulnerability_id VCID-xfzk-mnyd-zqcf
summary zookeeper: Buffer overflow vulnerability in C cli shell
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5017.json
reference_id
reference_type
scores
0
value 4.9
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5017.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-5017
reference_id
reference_type
scores
0
value 0.06114
scoring_system epss
scoring_elements 0.90745
published_at 2026-04-01T12:55:00Z
1
value 0.06114
scoring_system epss
scoring_elements 0.90751
published_at 2026-04-02T12:55:00Z
2
value 0.06114
scoring_system epss
scoring_elements 0.90762
published_at 2026-04-04T12:55:00Z
3
value 0.06114
scoring_system epss
scoring_elements 0.90773
published_at 2026-04-07T12:55:00Z
4
value 0.06114
scoring_system epss
scoring_elements 0.90783
published_at 2026-04-08T12:55:00Z
5
value 0.06114
scoring_system epss
scoring_elements 0.9079
published_at 2026-04-09T12:55:00Z
6
value 0.06114
scoring_system epss
scoring_elements 0.90798
published_at 2026-04-12T12:55:00Z
7
value 0.06114
scoring_system epss
scoring_elements 0.90795
published_at 2026-04-13T12:55:00Z
8
value 0.06114
scoring_system epss
scoring_elements 0.90815
published_at 2026-04-16T12:55:00Z
9
value 0.06114
scoring_system epss
scoring_elements 0.90813
published_at 2026-04-21T12:55:00Z
10
value 0.06114
scoring_system epss
scoring_elements 0.90824
published_at 2026-04-26T12:55:00Z
11
value 0.06114
scoring_system epss
scoring_elements 0.90819
published_at 2026-04-29T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-5017
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5017
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5017
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1377280
reference_id 1377280
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1377280
4
reference_url https://usn.ubuntu.com/USN-4789-1/
reference_id USN-USN-4789-1
reference_type
scores
url https://usn.ubuntu.com/USN-4789-1/
fixed_packages
0
url pkg:deb/debian/zookeeper@3.4.9-1?distro=trixie
purl pkg:deb/debian/zookeeper@3.4.9-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zookeeper@3.4.9-1%3Fdistro=trixie
1
url pkg:deb/debian/zookeeper@3.4.13-6%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/zookeeper@3.4.13-6%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1t8x-dmby-ubep
1
vulnerability VCID-6789-5wwx-qqch
2
vulnerability VCID-w64v-sgpz-7fhj
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zookeeper@3.4.13-6%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/zookeeper@3.8.0-11%2Bdeb12u2?distro=trixie
purl pkg:deb/debian/zookeeper@3.8.0-11%2Bdeb12u2?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1t8x-dmby-ubep
1
vulnerability VCID-6789-5wwx-qqch
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zookeeper@3.8.0-11%252Bdeb12u2%3Fdistro=trixie
3
url pkg:deb/debian/zookeeper@3.9.3-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/zookeeper@3.9.3-1%2Bdeb13u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1t8x-dmby-ubep
1
vulnerability VCID-6789-5wwx-qqch
2
vulnerability VCID-hbdm-1ts5-f7ad
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zookeeper@3.9.3-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/zookeeper@3.9.5-1?distro=trixie
purl pkg:deb/debian/zookeeper@3.9.5-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zookeeper@3.9.5-1%3Fdistro=trixie
aliases CVE-2016-5017
risk_score 2.2
exploitability 0.5
weighted_severity 4.4
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-xfzk-mnyd-zqcf
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:deb/debian/zookeeper@3.9.5-1%3Fdistro=trixie